gpshtb.com/go/707?source=1606
173.214.244.181 0 B URL gpshtb.com/go/707?source=1606
IP 173.214.244.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/707?source=1606 HTTP/1.1
Host: gpshtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bstnwswrldg.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 01 Jun 2023 01:10:49 GMT
content-type: text/html; charset=UTF-8
location: https://new-psh.com/?pl=epbJxbtxQEuIs1LQXyqFHg&sub_id=1606
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.15.101 314 B URL zerossl.ocsp.sectigo.com/
IP 104.18.15.101:0
Hash 6a3868ccf24274784492e370774fa7e4
d5d372f58c0671abf2532df80a264fc73088782e
bd6e92aafff8fb7dd38e2380df2e86f0fa9d0cdc88ad9602d028bb2be3c29edd
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 01:10:49 GMT
Content-Type: application/ocsp-response
Content-Length: 314
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 19:08:45 GMT
Expires: Sun, 04 Jun 2023 19:08:44 GMT
Etag: "d5d372f58c0671abf2532df80a264fc73088782e"
Cache-Control: max-age=324240,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d03943f6a50067b-OSL
news-dudafa.com/revopush.js?v=4
193.108.118.59 10 kB URL news-dudafa.com/revopush.js?v=4
IP 193.108.118.59:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (9954), with no line terminators
Hash fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
Analyzer Verdict Alert quad9 Sinkholed
GET /revopush.js?v=4 HTTP/1.1
Host: news-dudafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-dudafa.com/lands/43/?site=8055502&sub1=tk_main&sub2=&sub3=&sub4=
Cookie: clickdata=ODA1NTUwMnw6fDQzfDp8dGtfbWFpbnw6fHw6fHw6fA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:49 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1028487&st=1169113&wd=397114&d=gtuvyu.com&tpl=57&rnd=0.1882623110248034&sbid=ph_new_ms&sbid2=
185.162.85.14 0 B URL azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1028487&st=1169113&wd=397114&d=gtuvyu.com&tpl=57&rnd=0.1882623110248034&sbid=ph_new_ms&sbid2=
IP 185.162.85.14:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rpe?a=1&s=1&act=17&src=2&p=1028487&st=1169113&wd=397114&d=gtuvyu.com&tpl=57&rnd=0.1882623110248034&sbid=ph_new_ms&sbid2= HTTP/1.1
Host: azkcqs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dpj4c.gtuvyu.com
DNT: 1
Connection: keep-alive
Referer: https://dpj4c.gtuvyu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 01 Jun 2023 01:10:51 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
azkcqs.com/rpe?a=1&s=1&act=7&src=2&p=1028487&st=1169113&wd=397114&d=gtuvyu.com&tpl=57&rnd=0.4032218182115327&sbid=ph_new_ms&sbid2=
185.162.85.14 0 B URL azkcqs.com/rpe?a=1&s=1&act=7&src=2&p=1028487&st=1169113&wd=397114&d=gtuvyu.com&tpl=57&rnd=0.4032218182115327&sbid=ph_new_ms&sbid2=
IP 185.162.85.14:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rpe?a=1&s=1&act=7&src=2&p=1028487&st=1169113&wd=397114&d=gtuvyu.com&tpl=57&rnd=0.4032218182115327&sbid=ph_new_ms&sbid2= HTTP/1.1
Host: azkcqs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dpj4c.gtuvyu.com
DNT: 1
Connection: keep-alive
Referer: https://dpj4c.gtuvyu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 01 Jun 2023 01:10:51 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
dpj4c.gtuvyu.com/bot-captcha-2?h=waWQiOjEwMjg0ODcsInNpZCI6MTE2OTExMywid2lkIjozOTcxMTQsInNyYyI6Mn0=eyJ&si1=ph_new_ms&i=1
185.56.234.205 72 kB URL dpj4c.gtuvyu.com/bot-captcha-2?h=waWQiOjEwMjg0ODcsInNpZCI6MTE2OTExMywid2lkIjozOTcxMTQsInNyYyI6Mn0=eyJ&si1=ph_new_ms&i=1
IP 185.56.234.205:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Hash 0fe3aabe765b768052712f9114e0801d
e4ee25e9c7b768bde365c8b8ce8471ed8b477be7
116cf332226283996ea97737f5e905d2f389737dafcdb5a807c3d759fa20603b
GET /bot-captcha-2?h=waWQiOjEwMjg0ODcsInNpZCI6MTE2OTExMywid2lkIjozOTcxMTQsInNyYyI6Mn0=eyJ&si1=ph_new_ms&i=1 HTTP/1.1
Host: dpj4c.gtuvyu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gtuvyu.com/
Cookie: truniq=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Thu, 01 Jun 2023 01:10:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu4
content-encoding: gzip
X-Firefox-Spdy: h2
system-notify.app/f/sdk.js?z=785535
157.90.33.68 14 kB URL system-notify.app/f/sdk.js?z=785535
IP 157.90.33.68:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (52267), with no line terminators
Hash 194f05ac33b5593f51fcf460a54ca3ea
c1cf2f102d162226edbc9e37800577d3ec3a4f50
9d7c94e79b7675579e8768948a612a6ae44f5fadf86849fe1b75fbed17ae4446
GET /f/sdk.js?z=785535 HTTP/1.1
Host: system-notify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thbstvd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 14468
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
system-notify.app/event?z=785535
157.90.33.68 0 B URL system-notify.app/event?z=785535
IP 157.90.33.68:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event?z=785535 HTTP/1.1
Host: system-notify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 82
Origin: https://thbstvd.com
DNT: 1
Connection: keep-alive
Referer: https://thbstvd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:54 GMT
content-length: 0
access-control-allow-origin: https://thbstvd.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
p.rapolok.com/ad/ad?p=215473&w=539748&t=cf894b42e2077dfa&r=&vw=1280&vh=0
54.236.145.30303 See Other 0 B URL User Request GET HTTP/2 p.rapolok.com/ad/ad?p=215473&w=539748&t=cf894b42e2077dfa&r=&vw=1280&vh=0
IP 54.236.145.30:443
Certificate IssuerLet's Encrypt
Subjectp.rapolok.com
Fingerprint60:05:20:EF:10:3D:67:F9:57:3E:99:63:C0:69:41:E2:BC:85:A6:38
ValidityWed, 10 May 2023 11:07:18 GMT - Tue, 08 Aug 2023 11:07:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad/ad?p=215473&w=539748&t=cf894b42e2077dfa&r=&vw=1280&vh=0 HTTP/1.1
Host: p.rapolok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://p.rapolok.com/go/215473/539748
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 303 See Other
server: nginx
date: Thu, 01 Jun 2023 01:10:55 GMT
content-length: 0
location: https://retryngs.com/link?z=6003257&var=539748&ymid=125036389790
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
news-dudafa.com/lands/43/?site=8055502&sub1=tk_main&sub2=&sub3=&sub4=
193.108.118.59 34 kB URL news-dudafa.com/lands/43/?site=8055502&sub1=tk_main&sub2=&sub3=&sub4=
IP 193.108.118.59:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32723)
Hash 49275dd1813a0a4da0816a20e8dc783d
22b27987a8cc38c255b29aba053e10aed49afe13
28ff889e58562b9419c822748da9fe87aa9f0c835a794def0a0be46cb4580fad
Analyzer Verdict Alert quad9 Sinkholed
GET /lands/43/?site=8055502&sub1=tk_main&sub2=&sub3=&sub4= HTTP/1.1
Host: news-dudafa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bstnwswrldg.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:49 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1NTUwMnw6fDQzfDp8dGtfbWFpbnw6fHw6fHw6fA%3D%3D; expires=Thu, 01-Jun-2023 02:10:49 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 5b53f2fcda25e30bbbf202b507fac96c
1d1cfb1765f42aba83c3b3e89417b228ed9f0b22
6971f9675ef64b91754cc952302f0a4e9d93b0435625536165dde4c7fe71b235
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 01:10:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdntechone.com/stattag.js
172.67.149.153200 OK 7.7 kB URL GET HTTP/2 cdntechone.com/stattag.js
IP 172.67.149.153:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (17871)
Hash 0fdff67feab23cc69ecfb6800fc54cb7
eb84c650e6d27e290795207b1f37dd7b67f2aa06
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:53 GMT
etag: W/"646736c9-4859"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQXQv6tCidNP5RVmAJZ7jc9h6OA1PBoaFGUyUtwF2STD7ponwAROKtx4TskgfkYT6GutDpCf42kNkp%2BhU6MiOJIXGETpYQBv7ntHfQQhmK5kQ0KOCCQl2J6m9ghATYO37g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d039469f859fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-F0JFDXF7TQ
142.250.74.168200 OK 89 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-F0JFDXF7TQ
IP 142.250.74.168:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (6408)
Hash 9837f3b8d2d7760deb9bb7c480cf6f8f
7fb161a398b0128c429ab126653dcc20b2b97873
a7982febac92b050e2fb8703e8da16c1418f55e29833df657c89f1e5707be4ed
GET /gtag/js?id=G-F0JFDXF7TQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Jun 2023 01:10:56 GMT
expires: Thu, 01 Jun 2023 01:10:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88566
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 5b53f2fcda25e30bbbf202b507fac96c
1d1cfb1765f42aba83c3b3e89417b228ed9f0b22
6971f9675ef64b91754cc952302f0a4e9d93b0435625536165dde4c7fe71b235
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 01:10:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
niwooghu.com/400/5904249?ymid=687942579767226394&var=zd_6003257&var3=539748
139.45.197.237200 OK 32 kB URL GET HTTP/2 niwooghu.com/400/5904249?ymid=687942579767226394&var=zd_6003257&var3=539748
IP 139.45.197.237:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash c38114d8190bfe44e7ee5e51e1a384ef
c7c6ed843b46efac62f3e153d4197bc20cf85654
d01187613b2e3e9adde6bfeec3debf08b2836e65da9fc9ebf3d45cde788fedb0
GET /400/5904249?ymid=687942579767226394&var=zd_6003257&var3=539748 HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: application/javascript
x-trace-id: 2298102e5460a89ac8b1bc67608485d9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=4c030a7c9eec41ebb5db3631a98b203f; expires=Fri, 31 May 2024 01:10:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
rewardarium.com/favicon.ico
188.114.97.1200 OK 11 kB URL GET HTTP/3 rewardarium.com/favicon.ico
IP 188.114.97.1:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectrewardarium.com
FingerprintE9:09:05:81:43:DE:42:13:8F:E6:CA:66:34:30:0C:F1:2C:8D:E1:7E
ValidityThu, 06 Apr 2023 14:36:16 GMT - Wed, 05 Jul 2023 14:36:15 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2309)
Hash f6750ddaf1a2233b2348f1b475a09221
154b33cc755e0990f095a01ef04afb09c8a7b832
34e86493f21dbca249a99943f636b471da2333b566630b2ad321a4d05cd51d8a
GET /favicon.ico HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEgtFMzmOloXx%2FvP7bUlP%2B%2F24i%2B1dQD%2FiWFFjemng4q%2B96QlXLzEUh88mj4HGYUoyzureRuhy99wlmwj16ANzZ28pmjJXICupYby%2F1SBPgFvLJQaP9R54F%2BSI0cmJLvS8Z4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 1567
server: cloudflare
cf-ray: 7d03946b2e1fb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
i.th61.com/watch?zone=5904237&var=zd_6003257&ymid=687942579767226394&s=3
104.21.65.151200 OK 477 B URL POST HTTP/2 i.th61.com/watch?zone=5904237&var=zd_6003257&ymid=687942579767226394&s=3
IP 104.21.65.151:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint80:B8:25:47:ED:82:D4:A7:46:25:E7:D0:EF:21:B6:EE:31:E1:D5:63
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /watch?zone=5904237&var=zd_6003257&ymid=687942579767226394&s=3 HTTP/1.1
Host: i.th61.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SprsPn1yTKPe2DCn0vFo6khwCBZ8ceQy0TL1LhlncZi7y%2BnLlrxf1aLMZaOouRcqg7QOzwiZSSniNJATp%2FoSW7cAEn0FwrnVTOl%2FNqIUt%2FNjiit6G8wFV2S8nv0f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d03946a2ff2b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
rewardarium.com/sw.js
188.114.97.1200 OK 2.5 kB IP 188.114.97.1:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectrewardarium.com
FingerprintE9:09:05:81:43:DE:42:13:8F:E6:CA:66:34:30:0C:F1:2C:8D:E1:7E
ValidityThu, 06 Apr 2023 14:36:16 GMT - Wed, 05 Jul 2023 14:36:15 GMT
File type ASCII text, with very long lines (5235)
Hash 809c8f2863e519babd2dc405af277aa0
7a0f43bd8f81ef944627a6d83ced615d0eda962f
ecbb19ecba66133221ec0f3d6db1932b0507cc76f224b175768134f393e2033d
GET /sw.js HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
DNT: 1
Connection: keep-alive
Cookie: _ga_F0JFDXF7TQ=GS1.1.1685581856.1.0.1685581856.0.0.0; _ga=GA1.1.122212287.1685581856
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"ca2bad6cb20023661b53ea682a457ede"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siXrp5lmyxMZWi%2BsHvosFprxbQJMRVgKcM2XFSGU1Odi0hIoO8jnaQkKMbZBVFe%2F2SKLahHdWGvqbq45bxmTtCzfYffpLrreChsarwd7k%2BB1YhcDGddabpetOW%2B6kS8Y%2Bq4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 5438
server: cloudflare
cf-ray: 7d03946d6efeb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
datatechonert.com/log/add?cid=4fdc95c9-9001-4768-aac8-c1886405d3a9
139.45.195.253200 OK 12 B URL POST HTTP/1.1 datatechonert.com/log/add?cid=4fdc95c9-9001-4768-aac8-c1886405d3a9
IP 139.45.195.253:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerSectigo Limited
Subjectdatatechonert.com
Fingerprint6F:17:15:C2:7F:CC:16:6C:9D:C0:AD:C3:EE:DA:69:61:8C:77:0B:5B
ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=4fdc95c9-9001-4768-aac8-c1886405d3a9 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1413
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 01 Jun 2023 01:10:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://rewardarium.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
tzegilo.com/stattag.js
104.21.0.191200 OK 6.9 kB IP 104.21.0.191:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerGoogle Trust Services LLC
Subject*.tzegilo.com
FingerprintDF:12:8C:B5:F2:22:D6:BE:72:F3:C6:9A:FA:DD:9E:1F:4E:58:63:1E
ValidityTue, 11 Apr 2023 10:11:54 GMT - Mon, 10 Jul 2023 10:11:53 GMT
File type ASCII text, with very long lines (17479), with no line terminators
Hash dd2f9f2bb1e1c74b905556d0a7bc5545
0c831c8c56da8167b9e2dfd1d3eb3288348da85d
63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:59 GMT
etag: W/"646736cf-4447"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3545
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWAkmgfXz%2BHg94pp6mxEEKF9eiOEdt7ocUs9wZccIJoz77xEMBfIhSBCKWIsWm1Lb9kqvOuy89YEMJ5%2FuQt%2Fp0FKOoYw335VbZKmbfrkmw%2BbXLOqu6Wr7QdLi1LYsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d03946c79d1b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 556
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: b512395dd011893069d4af24b78bb904
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.436
139.45.197.250200 OK 34 kB URL GET HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.436
IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 8d745db748fde938f23822fda02b0846
5b9cf892becb8aa1e2a6eed31184ff98e3b831b4
6076bf0b218bb612720807ff748e6fd14f4598b26a8d1ecdac304a8df10e3cc2
GET /pfe/current/universal.min.js?v=3.1.436 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 12:46:19 GMT
etag: W/"6475f01b-19367"
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250200 OK 0 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
ValidityFri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
psaudous.com/4/5904237/?ymid=687942579767226394&var=zd_6003257&var3=539748
139.45.197.239200 OK 12 kB URL GET HTTP/2 psaudous.com/4/5904237/?ymid=687942579767226394&var=zd_6003257&var3=539748
IP 139.45.197.239:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectpsaudous.com
Fingerprint74:1B:0B:1B:1B:A5:B9:16:B3:8D:1B:39:D1:7D:7D:00:8A:53:AB:D0
ValidityThu, 23 Mar 2023 05:13:48 GMT - Wed, 21 Jun 2023 05:13:47 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 31b0d15a8cc5cafcecb115f364bfae72
45266b4b702a889d4810a11be4ba4e21be32fa62
03690312470da127659a2ed73ad558b9ecb321a111fe96fd9bddc16b63a6390a
GET /4/5904237/?ymid=687942579767226394&var=zd_6003257&var3=539748 HTTP/1.1
Host: psaudous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: text/html; charset=utf8
x-trace-id: 0263d083e5b5095b96224f1544f5a91b
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-credentials: true
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=e7c94e161a7f4dd39ef1c8ffdd3377d2; expires=Fri, 31 May 2024 01:10:56 GMT; path=/; secure; SameSite=None
oaidts=1685581856; expires=Fri, 31 May 2024 01:10:56 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *, *
access-control-allow-methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, Accept, Content-Type, Content-Length, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250200 OK 94 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
ValidityFri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data\012- , ASCII text
Hash f8d542d61f005d49742091d534246138
a245ae2a29233f61426c60913757b6d7a33775af
f01df7f6cfd3f71089051761cc48f6dac7f7ae0b02544c8aa795a68844e181fc
Analyzer Verdict Alert quad9 Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 606
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:57 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 31070d06cede06ee77ccb0a0870070b9
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash 45c44320445221beacf6cb407a7724b0
6123b952d3ee7cd14358b82305e95c73cba0d906
ce74ba8d47e2cf668b51f8394d3a99e83bf7056e819762e55287712b46a1299b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 01:10:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 May 2023 02:07:07 GMT
Expires: Mon, 05 Jun 2023 02:07:06 GMT
Etag: "6123b952d3ee7cd14358b82305e95c73cba0d906"
Cache-Control: max-age=349468,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d03946efad10b02-OSL
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 908
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:57 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 9da0d1db67b05d2a6bc96518b4c774cd
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
psaudous.com/?z=5904237&syncedCookie=true&rhd=false
139.45.197.239302 Found 0 B URL POST HTTP/2 psaudous.com/?z=5904237&syncedCookie=true&rhd=false
IP 139.45.197.239:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectpsaudous.com
Fingerprint74:1B:0B:1B:1B:A5:B9:16:B3:8D:1B:39:D1:7D:7D:00:8A:53:AB:D0
ValidityThu, 23 Mar 2023 05:13:48 GMT - Wed, 21 Jun 2023 05:13:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=5904237&syncedCookie=true&rhd=false HTTP/1.1
Host: psaudous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 538
Origin: https://psaudous.com
DNT: 1
Connection: keep-alive
Referer: https://psaudous.com/afu.php?zoneid=5904237&var=5904237&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false
Cookie: OAID=e7c94e161a7f4dd39ef1c8ffdd3377d2; oaidts=1685581856
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 01 Jun 2023 01:10:57 GMT
content-length: 0
location: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
x-trace-id: cb19937043d47cc341c477b88e589c1a
link: <https://www.mysexymatches.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
access-control-allow-origin: https://psaudous.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=e7c94e161a7f4dd39ef1c8ffdd3377d2; expires=Fri, 31 May 2024 01:10:57 GMT; path=/; secure; SameSite=None
oaidts=1685581856; expires=Fri, 31 May 2024 01:10:57 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 08 Jun 2023 01:10:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
niwooghu.com/500/5904249?excludes=&oaid=f7531ae4ce4d4dfbad0f0284c1d11ee1&var=zd_6003257&ymid=687942579767226394&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL OPTIONS HTTP/2 niwooghu.com/500/5904249?excludes=&oaid=f7531ae4ce4d4dfbad0f0284c1d11ee1&var=zd_6003257&ymid=687942579767226394&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5904249?excludes=&oaid=f7531ae4ce4d4dfbad0f0284c1d11ee1&var=zd_6003257&ymid=687942579767226394&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:57 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://rewardarium.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
52.17.88.125200 OK 12 kB URL GET HTTP/2 www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
IP 52.17.88.125:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subject*.mysexymatches.com
Fingerprint7D:35:18:C7:41:6B:DC:68:1E:F2:FB:E0:71:F3:96:D3:FE:1A:B7:7C
ValiditySat, 20 May 2023 00:31:45 GMT - Fri, 18 Aug 2023 00:31:44 GMT
File type gzip compressed data, from Unix\012- data
Hash a1b3de96b8ab39fc98cecb9da281e2d6
b36da26e147d7c0cfc06b902c1471e5b921788fc
0fc3af1a52085a86b8d66e8e75732075913ed9b61d5c69ecdf407e8c00483c31
GET /c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237 HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:57 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=6477f02100022641; Path=/; Expires=Mon, 31 Jul 2023 01:10:57 GMT; Secure; SameSite=None
unique_id2=6477f02100022e5c; Path=/; Expires=Wed, 30 Aug 2023 01:10:57 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Thu, 01 Jun 2023 01:10:57 GMT; Secure; SameSite=None
6477f02100022e5c_sl=[277423]; Path=/; Expires=Thu, 15 Jun 2023 01:10:57 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
niwooghu.com/500/5904249?excludes=&oaid=f7531ae4ce4d4dfbad0f0284c1d11ee1&var=zd_6003257&ymid=687942579767226394&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 1.6 kB URL OPTIONS HTTP/2 niwooghu.com/500/5904249?excludes=&oaid=f7531ae4ce4d4dfbad0f0284c1d11ee1&var=zd_6003257&ymid=687942579767226394&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 00c4479118f8c9eb7d4184da70928049
20d5097da5ef735866b85011826ac8b324ffa509
ef7d16b9a52ce6e51f932f8b790da908395d2a18437c099e838ae8f22bbc9eff
GET /500/5904249?excludes=&oaid=f7531ae4ce4d4dfbad0f0284c1d11ee1&var=zd_6003257&ymid=687942579767226394&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Cookie: OAID=4c030a7c9eec41ebb5db3631a98b203f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:57 GMT
content-type: application/javascript
x-trace-id: 5bf9a335144311635cd92b2ccfaea570
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://rewardarium.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f7531ae4ce4d4dfbad0f0284c1d11ee1; expires=Fri, 31 May 2024 01:10:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/277423/1669996037/css/stylesheet.css?1669996037
23.36.76.96200 OK 1.3 kB URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277423/1669996037/css/stylesheet.css?1669996037
IP 23.36.76.96:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash c4709de8c9c356021de98176f13270b3
9aa1ef140c7d3800f0bbc85a740acbdebe6f4ccf
bb7494d63176403e003a8af05c8017b4f56b18ac8b73bedaad87350f38168d32
GET /landings/277423/1669996037/css/stylesheet.css?1669996037 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: IyESBznHP7Ein0nvpfWYoHLdKF/ERsmL3RJ/hMTJ90TlFJanGi/X0MkZPhsbXrD2m2l5iVtiMdI=
x-amz-request-id: 9HZPW3V4SPRRPM3J
Last-Modified: Fri, 02 Dec 2022 15:47:19 GMT
ETag: "c4709de8c9c356021de98176f13270b3"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Jun 2023 01:10:57 GMT
Content-Length: 1266
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/277423/1669996037/js/secondofferv2.js?1669996037
23.36.76.96200 OK 454 B URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277423/1669996037/js/secondofferv2.js?1669996037
IP 23.36.76.96:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash 9bbe216b8e526fd98d219f2b91ccaa57
3f5d1be91ba58b6501c022155fe6778ce82b1663
1c83d2863f746a234e46c5578826ceeb8cbe126bc4c274ca679295441c44b948
GET /landings/277423/1669996037/js/secondofferv2.js?1669996037 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: TBXznBQnjCkBzBBFj9JkzFMaDIYn8xvJBUm1XIV1OQobif1haYm4G918n4r7TuaZ4fb9w7KqUB8=
x-amz-request-id: VBQAT92HF3YSW2PR
Last-Modified: Fri, 02 Dec 2022 15:47:20 GMT
ETag: "9bbe216b8e526fd98d219f2b91ccaa57"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Jun 2023 01:10:57 GMT
Content-Length: 454
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/277423/1669996037/js/MB_push_NEW.js?1669996037
23.36.76.96200 OK 671 B URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277423/1669996037/js/MB_push_NEW.js?1669996037
IP 23.36.76.96:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 533a9cb9c41907529c3d603edb25d5d9
222bee472465971cf71bfa210d04136eb765ccc0
45d257677164ebc2c1fd4ff44b4ee5a1ce9c87682f165836a3e38113d1e09eaf
GET /landings/277423/1669996037/js/MB_push_NEW.js?1669996037 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: TwtcLsNEPH0+dOTQxWCH0dp8vLuCBDIrT/t2FyN4HhkY5jqf77SoMEMiHK+TLdb/FDICBNRSev0=
x-amz-request-id: 9HZQ5999SNHCV322
Last-Modified: Fri, 02 Dec 2022 15:47:20 GMT
ETag: "533a9cb9c41907529c3d603edb25d5d9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 671
Date: Thu, 01 Jun 2023 01:10:57 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/277423/1669996037/js/jquery.min.js?1669996037
23.36.76.96200 OK 30 kB URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277423/1669996037/js/jquery.min.js?1669996037
IP 23.36.76.96:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /landings/277423/1669996037/js/jquery.min.js?1669996037 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: JrgOilEZ3uRoKC6ngsupgtvA0XmkXUSz0XfNR3rzF0zCH3hHZ06hF/4c6ZKPwM6mVuOMVG+QbPk=
x-amz-request-id: 9HZTD5K3AZSVMWET
Last-Modified: Fri, 02 Dec 2022 15:47:19 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Jun 2023 01:10:57 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/277423/1669996037/js/main.js?1669996037
23.36.76.96200 OK 40 kB URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277423/1669996037/js/main.js?1669996037
IP 23.36.76.96:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (568), with CRLF line terminators
Hash a0f4da40bd81c65d824afc106743d47f
55b2d4c57fdb017314f62ac2fe8a3e287dcadf7f
e40e7cc368c897d6a3a5095fae6ccd6d9a3f88af5ef9c590f79b9fd22293ad10
GET /landings/277423/1669996037/js/main.js?1669996037 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: g+E+f+ZbK/fcOZUXAojseAsPNRn67mWzaCqIfISD2cC6tTHSKxejVPkwtmuzMSGis2iwjqPrvFI=
x-amz-request-id: 9HZQGJ3RYAASCRS4
Last-Modified: Fri, 02 Dec 2022 15:47:19 GMT
ETag: "a0f4da40bd81c65d824afc106743d47f"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Jun 2023 01:10:57 GMT
Content-Length: 40511
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
niwooghu.com/impression/dh7YFbWZa0IWinWC7OW2ktIUSHn317U8AHDtwVN1LmsmfYiOez3a06nOz7qTFgs6h8rvZ_8athsYcHptoXiN4u-6adPkRjjJEeV2b-aLunQySbHCyYOg-dM5wnXcF3xrz7Y9RM5pVLdyAyjDiLJl3Uo9kbAU_O2y8m0uW4KyzD--Sa_mxaqk76LFkTLMkzlDtCA4lEZ0v7XGRmgQ-L5cP4BG1XIw7SAFrACnVYzOm4F8u2pZ1DKLWlMAWyPzoj2-aP95jO4P4Lr0SYVeljYlotZdyt0XhRdIia68vXndqsFymWeoKirvKbOYwHVQApALTuipeObLv8VcPiXvjBRNo90HFwUv_OSWEonXSdO1LOte46Hzt6ZrzX5ZSIcvyoykS0p9tAhkYcOqIzoZXLhHeAQaCqb1VouJG_sJ-gKW6Lb5wjf1Z-Ywg0n--XP8q9w9x8rKuGngUF1AhI3D_e_v-6g2iYsY5Nlqt_9MQ96iHMXncbnoxKKqHaM_eywrFglm4hdLha6BkhNwVd1bOH-T5IACa1HH-g-fOKInLn-IEboZzOD8dvKhUVQsm447YBOZOrwdA0JE0uvrMXfOUQSj3iHEwJytm88yZFFRHCgj5s5wEesdiDfdYlksMtvR-Js-?_z=5904249&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL GET HTTP/2 niwooghu.com/impression/dh7YFbWZa0IWinWC7OW2ktIUSHn317U8AHDtwVN1LmsmfYiOez3a06nOz7qTFgs6h8rvZ_8athsYcHptoXiN4u-6adPkRjjJEeV2b-aLunQySbHCyYOg-dM5wnXcF3xrz7Y9RM5pVLdyAyjDiLJl3Uo9kbAU_O2y8m0uW4KyzD--Sa_mxaqk76LFkTLMkzlDtCA4lEZ0v7XGRmgQ-L5cP4BG1XIw7SAFrACnVYzOm4F8u2pZ1DKLWlMAWyPzoj2-aP95jO4P4Lr0SYVeljYlotZdyt0XhRdIia68vXndqsFymWeoKirvKbOYwHVQApALTuipeObLv8VcPiXvjBRNo90HFwUv_OSWEonXSdO1LOte46Hzt6ZrzX5ZSIcvyoykS0p9tAhkYcOqIzoZXLhHeAQaCqb1VouJG_sJ-gKW6Lb5wjf1Z-Ywg0n--XP8q9w9x8rKuGngUF1AhI3D_e_v-6g2iYsY5Nlqt_9MQ96iHMXncbnoxKKqHaM_eywrFglm4hdLha6BkhNwVd1bOH-T5IACa1HH-g-fOKInLn-IEboZzOD8dvKhUVQsm447YBOZOrwdA0JE0uvrMXfOUQSj3iHEwJytm88yZFFRHCgj5s5wEesdiDfdYlksMtvR-Js-?_z=5904249&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/dh7YFbWZa0IWinWC7OW2ktIUSHn317U8AHDtwVN1LmsmfYiOez3a06nOz7qTFgs6h8rvZ_8athsYcHptoXiN4u-6adPkRjjJEeV2b-aLunQySbHCyYOg-dM5wnXcF3xrz7Y9RM5pVLdyAyjDiLJl3Uo9kbAU_O2y8m0uW4KyzD--Sa_mxaqk76LFkTLMkzlDtCA4lEZ0v7XGRmgQ-L5cP4BG1XIw7SAFrACnVYzOm4F8u2pZ1DKLWlMAWyPzoj2-aP95jO4P4Lr0SYVeljYlotZdyt0XhRdIia68vXndqsFymWeoKirvKbOYwHVQApALTuipeObLv8VcPiXvjBRNo90HFwUv_OSWEonXSdO1LOte46Hzt6ZrzX5ZSIcvyoykS0p9tAhkYcOqIzoZXLhHeAQaCqb1VouJG_sJ-gKW6Lb5wjf1Z-Ywg0n--XP8q9w9x8rKuGngUF1AhI3D_e_v-6g2iYsY5Nlqt_9MQ96iHMXncbnoxKKqHaM_eywrFglm4hdLha6BkhNwVd1bOH-T5IACa1HH-g-fOKInLn-IEboZzOD8dvKhUVQsm447YBOZOrwdA0JE0uvrMXfOUQSj3iHEwJytm88yZFFRHCgj5s5wEesdiDfdYlksMtvR-Js-?_z=5904249&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Cookie: OAID=f7531ae4ce4d4dfbad0f0284c1d11ee1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:57 GMT
content-type: image/gif
content-length: 43
x-trace-id: d3f134793e1b8ebdf54b80ab38ef0679
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/277423/1669996037/images/bg.gif
23.36.76.96200 OK 1.2 MB URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277423/1669996037/images/bg.gif
IP 23.36.76.96:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type GIF image data, version 89a, 298 x 517\012- data
Size 1.2 MB (1235704 bytes)
Hash 24834ba3652037ba5e9dd83bfe2c5c50
955eddd177b4135779733c22c6460e78f8b68a41
50584cbf4273096c0c420aedf9c04ddc0b6651eb26d75994df7665f4191c7705
GET /landings/277423/1669996037/images/bg.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/277423/1669996037/css/stylesheet.css?1669996037
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: tG/yOycB7uc1KVXLa4AHQUnMI3lStDs13OpaZ4ApoZNGSHQTSzQc8k22EhV76yoN2rF+j0Eo6Yk=
x-amz-request-id: VBQB08MQ2M49GF38
Last-Modified: Fri, 02 Dec 2022 15:47:19 GMT
ETag: "24834ba3652037ba5e9dd83bfe2c5c50"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 1235704
Date: Thu, 01 Jun 2023 01:10:57 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
niwooghu.com/500/5904249?excludes=17921596&oaid=f7531ae4ce4d4dfbad0f0284c1d11ee1&var=zd_6003257&ymid=687942579767226394&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL GET HTTP/2 niwooghu.com/500/5904249?excludes=17921596&oaid=f7531ae4ce4d4dfbad0f0284c1d11ee1&var=zd_6003257&ymid=687942579767226394&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5904249?excludes=17921596&oaid=f7531ae4ce4d4dfbad0f0284c1d11ee1&var=zd_6003257&ymid=687942579767226394&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:57 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://rewardarium.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ
142.250.74.168200 OK 56 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ
IP 142.250.74.168:443
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (4691)
Hash 7d596a035b70c8ddec687bfb4d552a5a
5d68b3f5eb56b177ab21e1c31c271f1e13a41d6d
e3e4ba56e024d3e21de37396a7d060cf80273052c07248dfa0b9e0352a5ec1b0
GET /gtm.js?id=GTM-MLVPDTJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Jun 2023 01:10:57 GMT
expires: Thu, 01 Jun 2023 01:10:57 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Jun 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56019
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
offerimage.com/www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg
172.67.22.216200 OK 9.4 kB URL GET HTTP/2 offerimage.com/www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg
IP 172.67.22.216:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash b5f73ce42127f4d8c5bfab96f57ecde2
686013156c0356f659f2f36284ecff5356a0e097
554f56616073200065c6c4690f8edfadf16c2e67450e625eaaa4386452afecfd
GET /www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 01:10:58 GMT
content-type: image/jpeg
content-length: 9380
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62807d8b-24a4"
expires: Thu, 01 Jun 2023 12:44:20 GMT
last-modified: Sun, 15 May 2022 04:11:55 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 44798
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d03947519e9b517-OSL
X-Firefox-Spdy: h2
s.exv6.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6>mcb=1005986068
95.211.229.245200 OK 20 B URL GET HTTP/1.1 s.exv6.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6>mcb=1005986068
IP 95.211.229.245:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerLet's Encrypt
Subjectexv6.com
Fingerprint95:DF:82:34:08:E0:F8:A7:24:C5:64:DB:75:CB:C7:E5:8D:E1:4D:6E
ValidityTue, 09 May 2023 12:39:36 GMT - Mon, 07 Aug 2023 12:39:35 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6>mcb=1005986068 HTTP/1.1
Host: s.exv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:10:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71748%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-05-31%22%3B%7D%7D; expires=Fri, 31 May 2024 01:10:58 GMT; path=/; domain=.exv6.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
offerimage.com/www/images/3f69e1877801cf3e6e161bb2114c915f.jpg
172.67.22.216200 OK 10 kB URL GET HTTP/2 offerimage.com/www/images/3f69e1877801cf3e6e161bb2114c915f.jpg
IP 172.67.22.216:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 3f69e1877801cf3e6e161bb2114c915f
e5bd65573fc9d952cbd63fb097395eed8f3f7a3c
34312eeb95acf67ca8d3e63a8bbfb9e067f61550f19e606ab244dab69c78ef5f
GET /www/images/3f69e1877801cf3e6e161bb2114c915f.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 01:10:58 GMT
content-type: image/jpeg
content-length: 10224
cache-control: max-age=86400
cf-bgj: h2pri
etag: "63fdb2cf-27f0"
expires: Thu, 01 Jun 2023 11:18:10 GMT
last-modified: Tue, 28 Feb 2023 07:52:47 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 49968
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0394756a08b517-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 01:10:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
142.250.74.35200 OK 8.6 kB URL GET HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP 142.250.74.35:443
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (25088)
Hash 9164d0e8a317eceb870cca88c9683127
4617c910005f7100b4ff26a458a8b4463e33cdc6
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 17:31:35 GMT
expires: Wed, 29 May 2024 17:31:35 GMT
cache-control: public, max-age=31536000
age: 113963
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 01:10:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
142.250.74.35200 OK 10 kB URL GET HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP 142.250.74.35:443
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (35547)
Hash 0cb7a0eb328ea70ab360f861314c8820
e3e20eb50dae36f4cbcef1890b1cc7878acb537a
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 21:40:29 GMT
expires: Wed, 29 May 2024 21:40:29 GMT
cache-control: public, max-age=31536000
age: 99029
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 01:10:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
smrtlnktp.com/go/5?pid=1
173.214.244.181 4.2 kB IP 173.214.244.181:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 9aff54fdb07ae6d89486092e3c0e0831
6a9e7004cb94f799041b68febc3a0f1d787480a1
515cab2a54fc72a3ab990691cb9d58942a7aaa321f60d2bdf7f0e76a215b2367
Analyzer Verdict Alert quad9 Sinkholed
GET /go/5?pid=1 HTTP/1.1
Host: smrtlnktp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dpj4c.gtuvyu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 01 Jun 2023 01:09:56 GMT
content-type: text/html; charset=UTF-8
location: https://thbstvd.com/?source=tk_all
X-Firefox-Spdy: h2
offerimage.com/www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg
172.67.22.216200 OK 9.4 kB URL GET HTTP/2 offerimage.com/www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg
IP 172.67.22.216:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash b5f73ce42127f4d8c5bfab96f57ecde2
686013156c0356f659f2f36284ecff5356a0e097
554f56616073200065c6c4690f8edfadf16c2e67450e625eaaa4386452afecfd
GET /www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 01:11:00 GMT
content-type: image/jpeg
content-length: 9380
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62807d8b-24a4"
expires: Thu, 01 Jun 2023 12:44:20 GMT
last-modified: Sun, 15 May 2022 04:11:55 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 44800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d039481dfeeb517-OSL
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/277423/1669996037/js/backoffer.js?1669996037
23.36.76.96200 OK 430 B URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277423/1669996037/js/backoffer.js?1669996037
IP 23.36.76.96:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (430), with no line terminators
Hash 6d5aa83d23ce0b9f72d3b87d000d8fae
034fb8768eb58ffc0b5849e2c162989741a6cbec
89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800
GET /landings/277423/1669996037/js/backoffer.js?1669996037 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: wQjQ4KLZfZPl4C4F+cDGnMVIpeWXFGoN5EU5RZivmlsy4B9dTxNAY7kNXlx9wjGfAnd6nZY5JPk=
x-amz-request-id: 9HZH1FTBM5DXQVE7
Last-Modified: Fri, 02 Dec 2022 15:47:19 GMT
ETag: "6d5aa83d23ce0b9f72d3b87d000d8fae"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 430
Date: Thu, 01 Jun 2023 01:10:57 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
188.114.97.1200 OK 27 kB URL User Request GET HTTP/2 rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
IP 188.114.97.1:443
Certificate IssuerLet's Encrypt
Subjectrewardarium.com
FingerprintE9:09:05:81:43:DE:42:13:8F:E6:CA:66:34:30:0C:F1:2C:8D:E1:7E
ValidityThu, 06 Apr 2023 14:36:16 GMT - Wed, 05 Jul 2023 14:36:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4} HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://p.rapolok.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaR5jbROH%2Ff758%2B%2B4B%2F3nUY32Bnu%2BBn4uaWYFK5C4tPDhJ31G%2FTLxnT3FDWk6ZlFocn5forhAYmvRTyxnN7kVAgk4jgszX4mVHw2r510LSGXqNYTX%2BErdZx7beH%2FAiC6Eko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d03946868adb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rewardarium.com/lightning.svg
188.114.97.1200 OK 558 B URL GET HTTP/3 rewardarium.com/lightning.svg
IP 188.114.97.1:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectrewardarium.com
FingerprintE9:09:05:81:43:DE:42:13:8F:E6:CA:66:34:30:0C:F1:2C:8D:E1:7E
ValidityThu, 06 Apr 2023 14:36:16 GMT - Wed, 05 Jul 2023 14:36:15 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (603), with no line terminators
Hash 9c0ef0f4019464092e924742904d75ea
33ed4dae960a9bfc33b63882d39e47ec431ec46d
2b810d0b2fb0339bca96276a4646b209804b992d8dbffb6e0d62651e48d97e83
GET /lightning.svg HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"9cbec3ef22e57179a0901d90b7b6e2fd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpQpBOFvDdK%2BoTU1VOGw4MJcVcW0ADzCZvxq6lrZXi3NbUQshNi8Ws0G2vDf%2BzSYkZtmHSOJbpZLXlM2I%2BE7FLYkXA9q6a%2FwLIaKpiW7R2fhsJ%2B25gwQKXTzbxRad997NKJGXrmiqMxerEFWjZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 4119
server: cloudflare
cf-ray: 7d0394698d7eb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js
52.17.88.125200 OK 9.4 kB URL GET HTTP/2 www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js
IP 52.17.88.125:443
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerLet's Encrypt
Subject*.mysexymatches.com
Fingerprint7D:35:18:C7:41:6B:DC:68:1E:F2:FB:E0:71:F3:96:D3:FE:1A:B7:7C
ValiditySat, 20 May 2023 00:31:45 GMT - Fri, 18 Aug 2023 00:31:44 GMT
File type C source text\012- troff or preprocessor input, ASCII text, with very long lines (9653), with no line terminators
Hash 84b622eb79d84a20b4fb5d3e2e122e2a
73eb77325e2b070e36f393eb4db66fa5af549ac6
514e603036c84a1e1afbc3b0eb748362dbd294f6af16bf88637d7b27f7a224dc
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Cookie: unique_id=6477f02100022641; unique_id2=6477f02100022e5c; 6477f02100022e5c_sl=[277423]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:57 GMT
content-type: application/javascript
expires: Thu, 08 Jun 2023 01:10:57 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
retryngs.com/link?z=6003257&var=539748&ymid=125036389790
139.45.197.249302 Found 27 kB URL User Request GET HTTP/2 retryngs.com/link?z=6003257&var=539748&ymid=125036389790
IP 139.45.197.249:443
Certificate IssuerLet's Encrypt
Subjectretryngs.com
Fingerprint1A:C8:0D:3F:5E:17:29:A3:F4:BB:4D:C3:33:82:DB:4E:13:0A:B7:40
ValidityWed, 26 Apr 2023 05:34:17 GMT - Tue, 25 Jul 2023 05:34:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /link?z=6003257&var=539748&ymid=125036389790 HTTP/1.1
Host: retryngs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://p.rapolok.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 01 Jun 2023 01:10:56 GMT
content-length: 0
location: https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: e55c4d6a50981f98f62fbb6a33d8bb89
link: <https://rewardarium.com>; rel="dns-prefetch preconnect"
set-cookie: OAID=3cd65b8963144c18a0dc3ad141c45b40; expires=Fri, 31 May 2024 01:10:55 GMT
oaidts=1685581855; expires=Fri, 31 May 2024 01:10:55 GMT
OXCCLK=7013937.1; expires=Fri, 31 May 2024 01:10:56 GMT
allcnt=1; expires=Fri, 31 May 2024 01:10:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=5776812&ymid=687942579767226394&var=zd_6003257&var3=539748
139.45.197.250200 OK 15 kB URL GET HTTP/2 stootsou.net/pfe/current/tag.min.js?z=5776812&ymid=687942579767226394&var=zd_6003257&var3=539748
IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type C source, ASCII text, with very long lines (14679), with no line terminators
Hash dd1bd926c9d267f953b3631fa55c8597
1a37cc25c5dbeb4edd216419587df4c3f270adf0
6e021b2b21122242fa40175b8df6316a9386aa36454efd2c234e891258003d27
GET /pfe/current/tag.min.js?z=5776812&ymid=687942579767226394&var=zd_6003257&var3=539748 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 12:46:19 GMT
etag: W/"6475f01b-3957"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
www.mysexymatches.com/js/pushjs/1.0.0/utils.js
52.17.88.125200 OK 7.1 kB URL GET HTTP/2 www.mysexymatches.com/js/pushjs/1.0.0/utils.js
IP 52.17.88.125:443
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Certificate IssuerLet's Encrypt
Subject*.mysexymatches.com
Fingerprint7D:35:18:C7:41:6B:DC:68:1E:F2:FB:E0:71:F3:96:D3:FE:1A:B7:7C
ValiditySat, 20 May 2023 00:31:45 GMT - Fri, 18 Aug 2023 00:31:44 GMT
File type C source, ASCII text, with very long lines (7334), with no line terminators
Hash 7df62062a027cd25d5a179c520f38668
0ddaa8cd9090908d987e0299cef74fbf7f118738
cdf93aff990bae251f609ef00d7d2bdbb56a35f003c7184ba067b5948629faa3
GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5904237
Cookie: unique_id=6477f02100022641; unique_id2=6477f02100022e5c; 6477f02100022e5c_sl=[277423]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:58 GMT
content-type: application/javascript
expires: Thu, 08 Jun 2023 01:10:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 9e9ef759d961e87cca2c4110ebd9a872
31a99b437c0b48dd6f915579c4a61b3ea7d75832
c6153278076560036227bbd908fa17a8dc9d44cf8eb2b3a486b9ccbd29c21c29
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:57 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://rewardarium.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f7531ae4ce4d4dfbad0f0284c1d11ee1; expires=Fri, 31 May 2024 01:10:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
stootsou.net/zone?pub=0&zone_id=5776812&is_mobile=false&domain=rewardarium.com&var=zd_6003257&ymid=687942579767226394&var_3=
139.45.197.250200 OK 880 B URL GET HTTP/2 stootsou.net/zone?pub=0&zone_id=5776812&is_mobile=false&domain=rewardarium.com&var=zd_6003257&ymid=687942579767226394&var_3=
IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type troff or preprocessor input, ASCII text, with very long lines (977), with no line terminators
Hash 68a6d61d9ff42278711c88fd618e29d4
1f04e419443be2c8873674f409c2d4bea56f3b65
4c3d0bfc5902fe0f38cea1f82026458bad06ef57145999a5ddd6c0e23e33d5b9
GET /zone?pub=0&zone_id=5776812&is_mobile=false&domain=rewardarium.com&var=zd_6003257&ymid=687942579767226394&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:56 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: 794b2474c996e4c841b51045be771b21
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
niwooghu.com/impression/cZp2yCxC379Z8g3iAO5QIBKQiDiw9i0QmTH_WoZZ3fgFKkmmHrRaIH82J5b996B3PtEoKzzGqVbqZSMNA-6uJL6YjUxp2nz3aHziCBg3tF_UTRjom0_cuGv73P6WAeYJ13axl7YlJ8EoBg0jPIYfTkInpm6JkQge-c_RB6J8KUSZ0TYuWan2aJlUMU9zugN4UFc3dJATa-wI4KmFosRuP1HrIMOa3NdeIlPqcXknX_OWs1CUKh-PgCklrvoCCQ8xkp-yGqPQG6v4gzjTTt1rVW5ciZSexUqLJD7QDbdaPFEPA5wwgEzTVw4L1W0fZHizeqbZ1zjE7sASqexHDSrwLnhmC_qP8bVaBexVktgn9V8-KoNkD6VWzlOSoIOi0GjgUYFf15vIDIyt56ddDYwxRHPq1x4HKp1MDiOvSxx6xzxDcnUwP02Pnbxqb30Xa19lQqcqLhuj2aOFf6PCeXUHVT_6z_UMfHiU9G4tb1OqQ8bIW3cgR1o8ayYvZxoJMFa0uaGuNcU-qBWaEc_jPlr9SSjiqG2nUtENyiMx92iDSZRdvferKbO86LQUr4WwJngrja3wwSD1vNjV7Za5V64-wKjRRxTCXs25pifb9E6HHTqd2UjA6T1x-ydRwWt4HjuD?_z=5904249&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL GET HTTP/2 niwooghu.com/impression/cZp2yCxC379Z8g3iAO5QIBKQiDiw9i0QmTH_WoZZ3fgFKkmmHrRaIH82J5b996B3PtEoKzzGqVbqZSMNA-6uJL6YjUxp2nz3aHziCBg3tF_UTRjom0_cuGv73P6WAeYJ13axl7YlJ8EoBg0jPIYfTkInpm6JkQge-c_RB6J8KUSZ0TYuWan2aJlUMU9zugN4UFc3dJATa-wI4KmFosRuP1HrIMOa3NdeIlPqcXknX_OWs1CUKh-PgCklrvoCCQ8xkp-yGqPQG6v4gzjTTt1rVW5ciZSexUqLJD7QDbdaPFEPA5wwgEzTVw4L1W0fZHizeqbZ1zjE7sASqexHDSrwLnhmC_qP8bVaBexVktgn9V8-KoNkD6VWzlOSoIOi0GjgUYFf15vIDIyt56ddDYwxRHPq1x4HKp1MDiOvSxx6xzxDcnUwP02Pnbxqb30Xa19lQqcqLhuj2aOFf6PCeXUHVT_6z_UMfHiU9G4tb1OqQ8bIW3cgR1o8ayYvZxoJMFa0uaGuNcU-qBWaEc_jPlr9SSjiqG2nUtENyiMx92iDSZRdvferKbO86LQUr4WwJngrja3wwSD1vNjV7Za5V64-wKjRRxTCXs25pifb9E6HHTqd2UjA6T1x-ydRwWt4HjuD?_z=5904249&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&var=zd_6003257&ar=1&ymid=687942579767226394&source=539748&ret={var_4}
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/cZp2yCxC379Z8g3iAO5QIBKQiDiw9i0QmTH_WoZZ3fgFKkmmHrRaIH82J5b996B3PtEoKzzGqVbqZSMNA-6uJL6YjUxp2nz3aHziCBg3tF_UTRjom0_cuGv73P6WAeYJ13axl7YlJ8EoBg0jPIYfTkInpm6JkQge-c_RB6J8KUSZ0TYuWan2aJlUMU9zugN4UFc3dJATa-wI4KmFosRuP1HrIMOa3NdeIlPqcXknX_OWs1CUKh-PgCklrvoCCQ8xkp-yGqPQG6v4gzjTTt1rVW5ciZSexUqLJD7QDbdaPFEPA5wwgEzTVw4L1W0fZHizeqbZ1zjE7sASqexHDSrwLnhmC_qP8bVaBexVktgn9V8-KoNkD6VWzlOSoIOi0GjgUYFf15vIDIyt56ddDYwxRHPq1x4HKp1MDiOvSxx6xzxDcnUwP02Pnbxqb30Xa19lQqcqLhuj2aOFf6PCeXUHVT_6z_UMfHiU9G4tb1OqQ8bIW3cgR1o8ayYvZxoJMFa0uaGuNcU-qBWaEc_jPlr9SSjiqG2nUtENyiMx92iDSZRdvferKbO86LQUr4WwJngrja3wwSD1vNjV7Za5V64-wKjRRxTCXs25pifb9E6HHTqd2UjA6T1x-ydRwWt4HjuD?_z=5904249&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26var%3Dzd_6003257%26ar%3D1%26ymid%3D687942579767226394%26source%3D539748%26ret%3D%7Bvar_4%7D&drf=https%3A%2F%2Fp.rapolok.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Cookie: OAID=f7531ae4ce4d4dfbad0f0284c1d11ee1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 01:10:59 GMT
content-type: image/gif
content-length: 43
x-trace-id: 89456d3424e57d676f452cf7f78531f7
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2