ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 86c69d1b9407db383b13a757c988185b
87de14096fc20734f0caf8d31f43f14e72377e3f
a3e63c481c0a086dec9975f115a0709e81720a1717077445c78f0ef21b939254
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sun, 28 May 2023 14:50:07 GMT
Etag: "6472da64-1d7"
Last-Modified: Sun, 28 May 2023 14:13:39 GMT
Server: ECAcc (bsa/EB26)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: A1qAW8gBdS_LmUIGBECKlVgS83suKWMgr71fJ2R4wt_HhVwJ0aITpQ==
Age: 2188
amclicks.com/clk.php?c=7384&p=10899&s1=676047&s2=1266386627&s3=18842
107.21.226.142 0 B URL amclicks.com/clk.php?c=7384&p=10899&s1=676047&s2=1266386627&s3=18842
IP 107.21.226.142:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /clk.php?c=7384&p=10899&s1=676047&s2=1266386627&s3=18842 HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 28 May 2023 14:50:07 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://amclicks.com/x/7384/10899/0/676047/1266386627/18842/0/0/0/
server: Apache/2.4.41 (Ubuntu)
X-Firefox-Spdy: h2
amclicks.com/x/7384/10899/0/676047/1266386627/18842/0/0/0/
107.21.226.142302 Found 172 B URL User Request GET HTTP/2 amclicks.com/x/7384/10899/0/676047/1266386627/18842/0/0/0/
IP 107.21.226.142:443
Certificate IssuerAmazon
Subjectamclicks.com
Fingerprint04:1C:1F:8F:32:D6:9B:38:B8:D9:D5:1A:78:D3:FE:67:41:65:CC:B6
ValidityThu, 02 Mar 2023 00:00:00 GMT - Wed, 23 Aug 2023 23:59:59 GMT
File type HTML document, ASCII text, with no line terminators
Hash 745f9f6e2ddf67019fceb6890b4c0c60
6a1f76b3ee14a3f580a1e1f90777ca3c3484fb9b
f252229211092f76e64b39e4478131bfee042c800f089325598dd2f1406ef7f0
GET /x/7384/10899/0/676047/1266386627/18842/0/0/0/ HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:07 GMT
content-type: text/html; charset=UTF-8
content-length: 172
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: ci_session=djddtifh7m9o9re38nie30g7nrbrphtt; expires=Sun, 28-May-2023 16:50:07 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
ref=1; expires=Sun, 28-May-2023 15:50:07 GMT; Max-Age=3600
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
amclicks.com/x/7384/10899/0/676047/1266386627/18842/0/0/0/
107.21.226.142302 Found 0 B URL User Request GET HTTP/2 amclicks.com/x/7384/10899/0/676047/1266386627/18842/0/0/0/
IP 107.21.226.142:443
Certificate IssuerAmazon
Subjectamclicks.com
Fingerprint04:1C:1F:8F:32:D6:9B:38:B8:D9:D5:1A:78:D3:FE:67:41:65:CC:B6
ValidityThu, 02 Mar 2023 00:00:00 GMT - Wed, 23 Aug 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/7384/10899/0/676047/1266386627/18842/0/0/0/ HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amclicks.com/x/7384/10899/0/676047/1266386627/18842/0/0/0/
Cookie: ref=1; ci_session=djddtifh7m9o9re38nie30g7nrbrphtt
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Sun, 28 May 2023 14:50:07 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 596c13d948d2c19dec9a1959c05d8446
5c4ecd47eb4019e27bdc94157dc1ea5f61096bfd
3615a8c0dbc8c7ad7459ba11d0e3a11660837ac32b7270a16935a3d155614534
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=7200'
Date: Sun, 28 May 2023 14:50:08 GMT
Server: ECAcc (dcb/7E9A)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: N0RTLUtmRx-X1TI32fzBbGkA6X-nXArIIfySAZQJY6C912GNv_1L0A==
primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
107.21.226.142200 OK 5.2 kB URL User Request GET HTTP/2 primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
IP 107.21.226.142:443
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1124)
Hash 4b1d2ef364862c2359ec821355c64fee
1b04bdc4beeacb4ae1c0dc22f52a421111ea2937
b370c7308d73b87b4f35ae1bd0e76e72ed981bc7a87052a31fe85e86156ed22b
Analyzer Verdict Alert fortinet Phishing
GET /go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amclicks.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: text/html; charset=UTF-8
content-length: 5154
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=a83f4e1v28pfqa443u683mja1lrphpsq; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js
104.17.25.14200 OK 6.2 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js
IP 104.17.25.14:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (19063)
Hash aad2475f1e2615224fa9716b53954be2
4f08d328c845410583e0a05c8d5a5bc61c23db47
8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce
GET /ajax/libs/popper.js/1.12.3/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 6174
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4b24"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3918867
expires: Fri, 17 May 2024 14:50:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WY5MsanccsU0art0z6R3J37y8zqealsA1hM66Mx0ob4MPwPHR6ZYoQTh95DO2pek1bNNe9YH57FRhU0pRlNUHbTMZuXJf6asEHc6f6vhEl1Q5wpSa6p%2Fk3WCPBSQoDC4rZzpy2e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ce74eeb386d0b41-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
primerewardz.com/assets/css/loading_icon_1.css
107.21.226.142200 OK 580 B URL GET HTTP/2 primerewardz.com/assets/css/loading_icon_1.css
IP 107.21.226.142:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
Hash 053b0d384c5e6cac600ccf5a8653e78d
58a6473f06c39c9338e2baaa1474c112e9d3f2e9
091a6575c7efe80624d5054b93b61cd16e00398e10c495511c1af7dc063e882a
GET /assets/css/loading_icon_1.css HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Cookie: ci_session=a83f4e1v28pfqa443u683mja1lrphpsq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: text/css
content-length: 580
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:07 GMT
etag: "db0-5c80ac2ce37a0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
primerewardz.com/assets/js/jquery.email-autocomplete.min.js
107.21.226.142200 OK 1.3 kB URL GET HTTP/2 primerewardz.com/assets/js/jquery.email-autocomplete.min.js
IP 107.21.226.142:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (2986)
Hash e52c1b9d782a5f900404c7d6b19913b3
92a6f34824da998a181a36ede877ffb611a194aa
369f3c1ba5e42e3b55ca10f6cf763f5e6811af0f44e0b61b84852aa19081de3e
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.email-autocomplete.min.js HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Cookie: ci_session=a83f4e1v28pfqa443u683mja1lrphpsq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: application/javascript
content-length: 1279
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:10 GMT
etag: "c5e-5c80ac301ea00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
primerewardz.com/assets/img/guarantee_badge.svg
107.21.226.142200 OK 7.1 kB URL GET HTTP/2 primerewardz.com/assets/img/guarantee_badge.svg
IP 107.21.226.142:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (7104), with no line terminators
Hash 19028bac308549aeb0e41a418646e2df
43209bcef38e912327857ef68ee8796d78c52ca0
977ed311f2c3818040fb8d87f3d93f94088749446b0e2d03b54fd73506e9ab7e
Analyzer Verdict Alert fortinet Phishing
GET /assets/img/guarantee_badge.svg HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Cookie: ci_session=a83f4e1v28pfqa443u683mja1lrphpsq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: image/svg+xml
content-length: 7104
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 06 Nov 2017 17:45:19 GMT
etag: "1bc0-55d54049409c0"
accept-ranges: bytes
X-Firefox-Spdy: h2
primerewardz.com/assets/js/templ_standard_js.min.js
107.21.226.142200 OK 981 B URL GET HTTP/2 primerewardz.com/assets/js/templ_standard_js.min.js
IP 107.21.226.142:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (937)
Hash 36eb8ad9bbfc0fb3de0c0724e98056e4
0d26daccbee4cd7fbc3b0d1c154c9d30d3449e45
aa7506c4bb3cd1be57d7e487d908bc0a299beef8ee09950189dcd39d691566d9
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/templ_standard_js.min.js HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Cookie: ci_session=a83f4e1v28pfqa443u683mja1lrphpsq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: application/javascript
content-length: 981
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 11 Nov 2021 17:25:09 GMT
etag: "987-5d0869fd7fe28-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 5eb2d0db01496946784367a1c6a22c28
2d0a58aa819ca13f208af62e0c21996bd123de9f
8c16e79ed32ccf5baf793a07ad6128fa85ea0f0877da7da7145ae6a33e811a1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 14:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js
104.18.10.207200 OK 14 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js
IP 104.18.10.207:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (50277)
Hash 46b549bdc90920f18a911f186b9dd75c
3c639c4af5c036a6ee364215bd12c0b12937827d
1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5
GET /bootstrap/4.0.0-beta.2/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:03 GMT
cdn-cachedat: 2021-04-23 06:28:09
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a9ac53c2137aaf1cc3a74aff1812514f
cdn-cache: HIT
cf-cache-status: HIT
age: 1859330
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ce74eeb381ab4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
142.250.74.138200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 142.250.74.138:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (32058)
Hash c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 06:56:45 GMT
expires: Wed, 22 May 2024 06:56:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 460403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
primerewardz.com/assets/js/plugins/email.verify.1.1.js
107.21.226.142200 OK 1.5 kB URL GET HTTP/2 primerewardz.com/assets/js/plugins/email.verify.1.1.js
IP 107.21.226.142:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type assembler source, ASCII text, with very long lines (947)
Hash 172c7088f34c1c375ae260a028a9f0cf
150684d6ffcd2e12727954790e17685b3410ff95
d3c8d6a7d5f212160de2ead76c91e553cd29e8f2271536586ccb41d401fab4ad
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/plugins/email.verify.1.1.js HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Cookie: ci_session=a83f4e1v28pfqa443u683mja1lrphpsq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: application/javascript
content-length: 1470
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:14 GMT
etag: "14c2-5c80ac33e27e0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
primerewardz.com/assets/js/pop_window.js
107.21.226.142200 OK 752 B URL GET HTTP/2 primerewardz.com/assets/js/pop_window.js
IP 107.21.226.142:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
Hash 5ab611ffa62c4d2208e8b06c984337ec
7b1f19e115be9f0b90d7791ce2ca85e5ee536b82
c878606d2efe52e77a736f5bca231a2a62281697138d10416088282fd8a090ee
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/pop_window.js HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Cookie: ci_session=a83f4e1v28pfqa443u683mja1lrphpsq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: application/javascript
content-length: 752
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:14 GMT
etag: "1085-5c80ac33e7600-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 5eb2d0db01496946784367a1c6a22c28
2d0a58aa819ca13f208af62e0c21996bd123de9f
8c16e79ed32ccf5baf793a07ad6128fa85ea0f0877da7da7145ae6a33e811a1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 14:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 5eb2d0db01496946784367a1c6a22c28
2d0a58aa819ca13f208af62e0c21996bd123de9f
8c16e79ed32ccf5baf793a07ad6128fa85ea0f0877da7da7145ae6a33e811a1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 14:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
primerewardz.com/assets/js/jquery.email-autocomplete.min.js
107.21.226.142200 OK 1.3 kB URL GET HTTP/2 primerewardz.com/assets/js/jquery.email-autocomplete.min.js
IP 107.21.226.142:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (2986)
Hash e52c1b9d782a5f900404c7d6b19913b3
92a6f34824da998a181a36ede877ffb611a194aa
369f3c1ba5e42e3b55ca10f6cf763f5e6811af0f44e0b61b84852aa19081de3e
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.email-autocomplete.min.js HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Cookie: ci_session=a83f4e1v28pfqa443u683mja1lrphpsq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: application/javascript
content-length: 1279
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:10 GMT
etag: "c5e-5c80ac301ea00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash bb63f1caaf551e76a88f326c8db516ce
513533cccfb522767abf37082518f766adc3c070
cfe2e32528181d9ff75d3946d789811d6d2c71e153c39aa72c0a586b922ebeb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 14:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash bb63f1caaf551e76a88f326c8db516ce
513533cccfb522767abf37082518f766adc3c070
cfe2e32528181d9ff75d3946d789811d6d2c71e153c39aa72c0a586b922ebeb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 14:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:11:48 GMT
expires: Sun, 26 May 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 128300
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash bb63f1caaf551e76a88f326c8db516ce
513533cccfb522767abf37082518f766adc3c070
cfe2e32528181d9ff75d3946d789811d6d2c71e153c39aa72c0a586b922ebeb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 14:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 07:44:41 GMT
expires: Sun, 26 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 111927
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playball/v17/TK3gWksYAxQ7jbsKcg8Eneo.woff2
216.58.207.227200 OK 32 kB URL GET HTTP/2 fonts.gstatic.com/s/playball/v17/TK3gWksYAxQ7jbsKcg8Eneo.woff2
IP 216.58.207.227:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 31564, version 1.0\012- data
Hash 34b8d410c61dcbac31c06d4e72e17e22
f8edc32d045953f1190f2503da2bd590048f5fc6
21a5a1944ae56ff8b3142b32a4e54eab52dd4a630d2161179b8b98a5cbe8b80d
GET /s/playball/v17/TK3gWksYAxQ7jbsKcg8Eneo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:17:37 GMT
expires: Thu, 23 May 2024 00:17:37 GMT
cache-control: public, max-age=31536000
age: 397951
last-modified: Tue, 02 May 2023 16:04:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Playball|Roboto:400,700
142.250.74.106200 OK 1.2 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Playball|Roboto:400,700
IP 142.250.74.106:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type gzip compressed data, max compression\012- data
Hash a21b5f9aefedf7cbcaa0795f11d64f83
edc8b06d99bb97961822f9656b2a4bb4b072df9e
fe48693476c82c41a0cc219c9055df8b23f16f9f0bc62aee87b5602df153ace0
GET /css?family=Playball|Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 May 2023 14:50:08 GMT
date: Sun, 28 May 2023 14:50:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash d8a1af6f2f7da0f2c772b7aaf3298eb5
d382551a991cef5c84a2d889c585f4e7e7aa962c
9067c3cf63a39e2560f73995a3015b0b89d3d67817540ad381511853186056fc
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sun, 28 May 2023 14:50:09 GMT
Last-Modified: Sun, 28 May 2023 13:28:38 GMT
Server: ECAcc (nya/7968)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zBnbKiJtQZDEpIT5UBFK9f2ApjJ-E_eQ4M3YLWnJV1zL4YcUZiGFAQ==
Age: 4891
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 001406997482312609f0ed5358677626
b61d8c44d018eaac9c112a232c68c867045ae11f
19735dd80ad120a80420f47d9dbdf50ccc0e29f82b8346ffe447b72fb9f78d7b
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sun, 28 May 2023 14:50:09 GMT
Last-Modified: Sun, 28 May 2023 14:22:22 GMT
Server: ECAcc (bsa/EA9D)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4nHt3Dt73AZHRgc8-qdTitDGkh1Yad51r8YXd0eln-6i3drqwz1i9Q==
Age: 1667
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16852854086170.4945176914181282&invert_field_sensitivity=false
3.211.160.236301 Moved Permanently 134 B URL GET HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16852854086170.4945176914181282&invert_field_sensitivity=false
IP 3.211.160.236:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16852854086170.4945176914181282&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Sun, 28 May 2023 14:50:09 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16852854086170.4945176914181282&invert_field_sensitivity=false
X-Firefox-Spdy: h2
primerewardz.com/assets/img/campaign/1200_bg.jpg
107.21.226.142200 OK 651 kB URL GET HTTP/2 primerewardz.com/assets/img/campaign/1200_bg.jpg
IP 107.21.226.142:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 3840x2305, components 3\012- data
Size 651 kB (651297 bytes)
Hash c1679eec674158c15e0ccb8c569dd206
7b3f9217b1d43fc7673c287b3267ebfe48071f4a
7fe2fae5ff0fc8e53499d44a560bafb86931c14aae49f1c01ff152a16e22d2e6
GET /assets/img/campaign/1200_bg.jpg HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Cookie: ci_session=a83f4e1v28pfqa443u683mja1lrphpsq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: image/jpeg
content-length: 651297
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:32:39 GMT
etag: "9f021-5d7afd9f0fc38"
accept-ranges: bytes
X-Firefox-Spdy: h2
pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=primerewardz.com
108.157.214.104200 OK 2.2 kB URL GET HTTP/2 pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=primerewardz.com
IP 108.157.214.104:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectpushpros.tech
FingerprintF1:27:D4:0A:37:DD:69:2C:97:CF:48:D1:1A:24:56:E0:17:C8:BB:F9
ValidityThu, 04 May 2023 00:00:00 GMT - Sat, 01 Jun 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2182), with no line terminators
Hash dda4b2ad967142d30726ca20e8af93bc
1ac1a32ccaf48712a3ed31e45851a2f96ef3168e
24a95847ba714c08305ac2b7407543967f0faa87189874fb0a2b38a3c628efce
GET /GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=primerewardz.com HTTP/1.1
Host: pushpros.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://primerewardz.com/
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
content-length: 2182
date: Sun, 28 May 2023 14:50:09 GMT
x-amzn-requestid: fb3c0a84-5a09-4069-9e02-fc4e0a4bd2fa
access-control-allow-origin: *
x-amz-apigw-id: Fo2FREw6oAMFwHQ=
x-amzn-trace-id: Root=1-64736a21-60804c805390c42d73be7a9f;Sampled=0;lineage=ce85cba6:0
x-cache: Miss from cloudfront
via: 1.1 59202edf772149f3e7805f2a4994d252.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: VTTl_2l0fVKbDzshRTh0fcwKylPWKd0Pej7ZZKE4TEhNYdujTmC5lQ==
X-Firefox-Spdy: h2
primerewardz.com/assets/img/campaign/1200_welcome.png
107.21.226.142200 OK 709 kB URL GET HTTP/2 primerewardz.com/assets/img/campaign/1200_welcome.png
IP 107.21.226.142:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 1517 x 1183, 8-bit/color RGBA, non-interlaced\012- data
Size 709 kB (708688 bytes)
Hash b74ab05c4fd0c1aa56fac019a132ba46
1b5c4b2d6219f56070e34bb984bd70dee73fb76f
25a4080d24a34c9f3cec714c55e06fb77742658289c9fa78599f621176a79742
GET /assets/img/campaign/1200_welcome.png HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Cookie: ci_session=a83f4e1v28pfqa443u683mja1lrphpsq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: image/png
content-length: 708688
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:32:41 GMT
etag: "ad050-5d7afda0d3e98"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 73caf6fdf51db0cb515d9c9464ea62f0
04b4e059165e9918c10a4acb447be7256a3de157
879c6c9486e5c8d8495d9062c26c66936edcdfca4dc362c9c7d516fa4393c6a6
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=7200'
Date: Sun, 28 May 2023 14:50:09 GMT
Etag: "647223bb-1d7"
Server: ECAcc (dcb/7F10)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cKPZ-2UEXdCI8chxd-E6mlcewKe8eaENTJ61Q_OX-TvbzGFKocI6vg==
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 75de079d821a3dd11707c06ad73117c1
760e8edf788c93cef9303df371de5de4cb876b62
1bb10cf4b1566d44d34c07eabada16e86dba81cc5eeb1f5840b8e0f2b485b9d9
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sun, 28 May 2023 14:50:09 GMT
Last-Modified: Sun, 28 May 2023 13:19:22 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: agO2-rNfpttuZ0hZkbq49pJmCRh1een01JX1_l8RNTeqOFsHgm104Q==
Age: 5447
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 4d38093dc11cbdff312b4595729238c3
e07e058562aabf897702c77ad95efd8f934eeef5
9727e1a78636a392630aaa931e8f9b23955d01205a0e11ef7a16b82e2f76ed4f
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sun, 28 May 2023 14:50:09 GMT
Etag: "64725ead-1d7"
Last-Modified: Sun, 28 May 2023 14:39:06 GMT
Server: ECAcc (nya/7968)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8vr_JE2Zal2h89igycXlvC7YiDH5CYqQFMGXfXPf-fpEwqfcv-qylg==
Age: 663
primerewardz.com/favicon.ico
107.21.226.142200 OK 5.4 kB URL GET HTTP/2 primerewardz.com/favicon.ico
IP 107.21.226.142:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b0a102991e7332643ae57365023c00c8
4ea4c55c982e08bda104d2e8e981594c067cef24
1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc
GET /favicon.ico HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Cookie: ci_session=a83f4e1v28pfqa443u683mja1lrphpsq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:09 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:08 GMT
etag: "1536-5c80ac2e78fe8"
accept-ranges: bytes
X-Firefox-Spdy: h2
s3.amazonaws.com/trackpush/trackpush.min.js
52.216.89.246200 OK 13 kB URL GET HTTP/1.1 s3.amazonaws.com/trackpush/trackpush.min.js
IP 52.216.89.246:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjects3.amazonaws.com
Fingerprint94:B9:7C:21:8C:A0:94:8C:1A:34:F7:CB:48:59:A4:A2:B4:E5:81:03
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 20 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (47625), with no line terminators
Hash d470356148c00da67db3c9bdaecc90f9
d12a4df31633cf9a982bd6e8c3ffbc2449b1753f
5ea9947b55246bd7e281b10027a5ed301039077b0589afff470b73c561a93054
GET /trackpush/trackpush.min.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 5F7FEea9sJ/X7TiOPIBGeqoU/uByrjs+XxRbCIPXq1Rzn9UoikWxJU/5jvbMcbW8WtnAkD++1LU=
x-amz-request-id: SQ35KQNW8GS5AKPW
Date: Sun, 28 May 2023 14:50:11 GMT
Last-Modified: Thu, 03 Nov 2022 18:51:50 GMT
ETag: "cbd14612441d2cca730df2e3c9f185c1"
Cache-Control: max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 13264
signals.aimtell.com/pageview?id_site=12400&v=3.974&support=0&state=default&wl=1
104.18.31.151200 OK 43 B URL POST HTTP/2 signals.aimtell.com/pageview?id_site=12400&v=3.974&support=0&state=default&wl=1
IP 104.18.31.151:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerCloudflare, Inc.
Subjectaimtell.com
Fingerprint1C:CD:DA:C4:62:7E:59:6E:A3:E5:F3:89:A3:BD:88:CA:D9:F0:F7:3D
ValiditySat, 08 Apr 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /pageview?id_site=12400&v=3.974&support=0&state=default&wl=1 HTTP/1.1
Host: signals.aimtell.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:10 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: https://primerewardz.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse, Aimtell-Signal
aimtell-hash-exists: 0
aimtell-signal: 0
aimtell-traverse: 0
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce74ef5ba340b45-OSL
X-Firefox-Spdy: h2
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
54.230.245.201200 OK 1.4 kB URL GET HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP 54.230.245.201:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f383924b4df21ad2fe7e8882c61bd5ce
465f78b89eaf1a5aaea70d27ddef8bd19b72fee5
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
GET /iframe.html?token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Sat, 27 May 2023 16:27:16 GMT
ETag: W/"643ec1f4-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2_m3MlJhdNC_-QIUdwd0R6WCfv23u8dAA60rirp4irCPjAjBNROz9g==
Age: 80574
api.trustedform.com/certs
3.211.160.236201 Created 475 B URL POST HTTP/2 api.trustedform.com/certs
IP 3.211.160.236:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Hash 94746bb56f04b97f003684003c704fe3
14c6e550203a20c6808bff641def5d73c056016d
e694270e2e0a945d5cdfc731bf39273c95801ad3e538dd621a0f248b46c996e6
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 664
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 201 Created
date: Sun, 28 May 2023 14:50:10 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.39.js
54.230.111.60200 OK 38 kB URL GET HTTP/2 cdn.trustedform.com/trustedform-1.8.39.js
IP 54.230.111.60:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash f33721b39a3c37fcc07bc76aa9f714e9
eb62d7ec49a5389b7f3fe9ef0c438b20e9d71fd8
b3f790d6031f833ed87d7c4200bcd1782b8ffbd4fcfdda86b7839fc40278394c
GET /trustedform-1.8.39.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
server: AmazonS3
content-encoding: gzip
date: Sun, 28 May 2023 14:50:10 GMT
etag: W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NExxH0AuY_63VkyaCzYwWCgr_CXN8i6UITsFaBOn7CARHtJMN7UsXw==
age: 24
X-Firefox-Spdy: h2
api.trustedform.com/certs/44b758e72ad43a177894a5abc7f695e2b8ce976f/snapshot
3.211.160.236204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/44b758e72ad43a177894a5abc7f695e2b8ce976f/snapshot
IP 3.211.160.236:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/44b758e72ad43a177894a5abc7f695e2b8ce976f/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7515
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 14:50:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/44b758e72ad43a177894a5abc7f695e2b8ce976f/fingerprints
3.211.160.236204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/44b758e72ad43a177894a5abc7f695e2b8ce976f/fingerprints
IP 3.211.160.236:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/44b758e72ad43a177894a5abc7f695e2b8ce976f/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 176
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 14:50:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/44b758e72ad43a177894a5abc7f695e2b8ce976f/events
3.211.160.236204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/44b758e72ad43a177894a5abc7f695e2b8ce976f/events
IP 3.211.160.236:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/44b758e72ad43a177894a5abc7f695e2b8ce976f/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 254
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 14:50:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16852854086170.4945176914181282&invert_field_sensitivity=false
54.230.111.60200 OK 3.5 kB URL GET HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16852854086170.4945176914181282&invert_field_sensitivity=false
IP 54.230.111.60:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 1df6b5c4cfd6aface0c9fd027036d672
7490d99082c24ce39821766a4d06025a02689b90
ed18bff662d881209e5ce3fd0aaacd5dc1513ea844af75ead6e1a08b2e5e32b9
GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16852854086170.4945176914181282&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://primerewardz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 28 May 2023 14:50:10 GMT
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: 3_b23spJZawDo2DonqGySoPkWa3Umuag
etag: W/"88ddf717f635b54023edd7480431e1d1"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NaBL5K-zAwOGfo9Qyg3FLYY3RqWH-bwoXYHQkDqz-tGjXgj4zkhXOg==
X-Firefox-Spdy: h2
primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
52.2.18.249200 OK 5.2 kB URL User Request GET HTTP/2 primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
IP 52.2.18.249:443
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1124)
Hash 4b1d2ef364862c2359ec821355c64fee
1b04bdc4beeacb4ae1c0dc22f52a421111ea2937
b370c7308d73b87b4f35ae1bd0e76e72ed981bc7a87052a31fe85e86156ed22b
Analyzer Verdict Alert fortinet Phishing
GET /go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:23 GMT
content-type: text/html; charset=UTF-8
content-length: 5154
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=6moriog381864nvol75th0ovq7du6fp8; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
deviceid.trueleadid.com/iframe.html?token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
52.206.129.240200 OK 4.2 kB URL GET HTTP/2 deviceid.trueleadid.com/iframe.html?token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP 52.206.129.240:443
Requested by https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
Certificate IssuerAmazon
Subjectdeviceid.trueleadid.com
FingerprintD8:8B:86:53:4A:F3:E9:53:1D:C4:CD:CB:91:CD:50:50:B0:84:BA:DB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4323), with no line terminators
Hash 27a57862137bf0b580930f288703c507
20114057bbb1f8a2ca6f1b6a2d81fe7f2b75c64a
b0019d4447d91be93f68b8fb233b8fcccc542e3dffc16d4dc9c9f71bc9704550
GET /iframe.html?token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:10 GMT
content-type: text/html
server: nginx
last-modified: Tue, 23 May 2023 16:17:22 GMT
etag: W/"646ce712-1049"
expires: Mon, 29 May 2023 14:50:10 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
104.22.39.182200 OK 126 kB URL GET HTTP/2 create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP 104.22.39.182:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerCloudflare, Inc.
Subjectlidstatic.com
FingerprintF7:D5:3C:A9:3E:B6:D5:BF:11:CB:69:9F:0B:34:88:4F:18:79:BC:88
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT
Size 126 kB (126350 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:09 GMT
content-type: text/javascript
x-amz-id-2: kVBGEAUx47lxyuJZOhYviXpJGIkiVbmk+c6uPb89kAC50DamnXpsljZDC8CG/J9QyocC7LR0AvI=
x-amz-request-id: N4537WQ29D95J6QB
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce74eee3abb1665-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517232
54.237.170.210200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517232
IP 54.237.170.210:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=3&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517232 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1238
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:10 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rguserid=1c2e1115-e905-4a11-8e7a-ffe26cb09dde; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517231
54.237.170.210200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517231
IP 54.237.170.210:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/SaveDom?msn=2&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517231 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 496
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:10 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rguserid=d2f44e76-2381-4c25-a73c-cf927a125970; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=7&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517236
54.237.170.210200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=7&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517236
IP 54.237.170.210:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=7&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517236 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 40680
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:12 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Tue, 27-Jun-2023 14:50:12 GMT; Max-Age=2592000; path=/
rguserid=1cbdb90d-d31f-4819-975c-8c745a4a514f; expires=Tue, 27-Jun-2023 14:50:12 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Tue, 27-Jun-2023 14:50:12 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Tue, 27-Jun-2023 14:50:12 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&_=636517230
54.237.170.210200 OK 36 B URL POST HTTP/2 create.leadid.com/2.11.9/GenerateToken?msn=1&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&_=636517230
IP 54.237.170.210:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash be826a06773f61c5774fe4dfe9600c06
6f6af1baa668ede9cd1ccf63ba5e0e0f71f7bca0
564875ad7080b24c6c51b94ff9d0a28876189f44bedf0f04164c0742141177c3
POST /2.11.9/GenerateToken?msn=1&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&_=636517230 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 292
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:10 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rguserid=b9c98255-8a4c-4c0e-9fc1-0ca30618db3a; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=6&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517235
54.237.170.210200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=6&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517235
IP 54.237.170.210:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=6&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517235 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 139880
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:12 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Tue, 27-Jun-2023 14:50:12 GMT; Max-Age=2592000; path=/
rguserid=e7bae1f5-5543-4098-b717-b27895134ab5; expires=Tue, 27-Jun-2023 14:50:12 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Tue, 27-Jun-2023 14:50:12 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Tue, 27-Jun-2023 14:50:12 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css
104.18.10.207200 OK 127 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css
IP 104.18.10.207:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65318)
Size 127 kB (127343 bytes)
Hash 95df726a7936892cf645a57c1ccf3b75
3e035b1a98c46848c442529af959270bae59471b
414caa66bb79bc88c1ba6a2a415d2333c0a01aab1c15f74684dfa7542a97d2f7
GET /bootstrap/4.0.0-beta.2/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:08 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:03 GMT
cdn-cachedat: 11/02/2021 02:15:40
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 5014485a46d581605d0e095f8e21f934
cdn-cache: HIT
cf-cache-status: HIT
age: 30726201
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ce74eeb2807b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517233
54.237.170.210200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=4&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517233
IP 54.237.170.210:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=4&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517233 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1063
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:10 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rguserid=aad1956c-db90-487c-b853-b9302bbdeadc; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&uuid=f08787bd5898419698f0a465be23b95d
54.237.170.210200 OK 0 B URL GET HTTP/2 create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&uuid=f08787bd5898419698f0a465be23b95d
IP 54.237.170.210:443
Requested by https://deviceid.trueleadid.com/iframe.html?token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&uuid=f08787bd5898419698f0a465be23b95d HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:10 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rguserid=2fe2ef75-cb64-4281-9904-bc15a580d598; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Tue, 27-Jun-2023 14:50:10 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=5&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517234
54.237.170.210200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=5&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517234
IP 54.237.170.210:443
Requested by https://primerewardz.com/go/to/72d25f/key/1e300bac3ea2cf937b5ab1d96bff031a/aid/10899/s1/676047/pop/no
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=5&pid=5a1f1eea-6cf9-4bba-9dc4-429df9c6e429&token=E0D08530-C890-893C-5F72-CEA2B8C93CFD&_=636517234 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 164775
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 14:50:12 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Tue, 27-Jun-2023 14:50:12 GMT; Max-Age=2592000; path=/
rguserid=9338358a-54bc-4666-8d63-c91e972f7531; expires=Tue, 27-Jun-2023 14:50:12 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Tue, 27-Jun-2023 14:50:12 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Tue, 27-Jun-2023 14:50:12 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2