gummy.trffclb.com/l.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=6481bc0957579f0bbf239dc2&source=888.70.du.488122.jp..jp./
51.83.143.92 0 B URL gummy.trffclb.com/l.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=6481bc0957579f0bbf239dc2&source=888.70.du.488122.jp..jp./
IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /l.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=6481bc0957579f0bbf239dc2&source=888.70.du.488122.jp..jp./ HTTP/1.1
Host: gummy.trffclb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 08 Jun 2023 15:49:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 11hx4alk7e
Raund: 2su
Location: https://samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.70.du.488122.jp..jp./
samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.70.du.488122.jp..jp./
51.83.143.92 0 B URL samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.70.du.488122.jp..jp./
IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.70.du.488122.jp..jp./ HTTP/1.1
Host: samba.trffclb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 08 Jun 2023 15:49:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 10voqfxttf
Raund: 2fx
Location: https://popcash.net/world/go/134600/426377
popcash.net/world/go/134600/426377
172.67.194.203 162 B URL popcash.net/world/go/134600/426377
IP 172.67.194.203:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /world/go/134600/426377 HTTP/1.1
Host: popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 08 Jun 2023 15:49:12 GMT
content-type: text/html
content-length: 162
location: http://ps.popcash.net/go/134600/426377
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AndxMMOOCsJB0rcDuf3xC5EKXbirxFmqej64BY2k6bOPF1uQY8ZjcdLPuRH2wYvopF5hCFuEkhHscY2POliGIExj%2BZREBn1BdKucpXRYloo9pieQG4BE5eQ2iWD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4248906debb4eb-OSL
X-Firefox-Spdy: h2
ps.popcash.net/go/134600/426377
54.236.145.30 272 B URL ps.popcash.net/go/134600/426377
IP 54.236.145.30:0
File type HTML document, ASCII text
Hash 9a636fdd5c4afc36736c15dae3462d57
ce21ed41f1d568e0255b99fbd134c443a2876260
621e3013f3a4b20e4ad73b8428f01fc9e9729abca871d8dca1d63ac651b304a5
GET /go/134600/426377 HTTP/1.1
Host: ps.popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 08 Jun 2023 15:49:12 GMT
Server: nginx
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 1.4 kB URL ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 438a1ab91665619e20397e6eec86d5e3
7b843286f2f6856d09fb8535435a1e79d8cefefb
47f804f3fe524d2f9b4724800ee788daaf5a12b49b3ceda18dc019ecf1fa1c59
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Jun 2023 15:49:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 12 Jun 2023 13:57:55 GMT
ETag: "7b843286f2f6856d09fb8535435a1e79d8cefefb"
Last-Modified: Thu, 08 Jun 2023 13:57:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 661
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d424895bc790b61-OSL
ps.popcash.net/ad/ad?p=134600&w=426377&t=9ef80c82ad201327&r=&vw=1280&vh=0
34.204.24.58 0 B URL ps.popcash.net/ad/ad?p=134600&w=426377&t=9ef80c82ad201327&r=&vw=1280&vh=0
IP 34.204.24.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad/ad?p=134600&w=426377&t=9ef80c82ad201327&r=&vw=1280&vh=0 HTTP/1.1
Host: ps.popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ps.popcash.net/go/134600/426377
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
server: nginx
date: Thu, 08 Jun 2023 15:49:13 GMT
content-length: 0
location: https://retryngs.com/link?z=6003257&var=426377&ymid=125402769175
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
retryngs.com/link?z=6003257&var=426377&ymid=125402769175
139.45.197.249 0 B URL retryngs.com/link?z=6003257&var=426377&ymid=125402769175
IP 139.45.197.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /link?z=6003257&var=426377&ymid=125402769175 HTTP/1.1
Host: retryngs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ps.popcash.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 08 Jun 2023 15:49:13 GMT
content-length: 0
location: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6003257&axcusid1=426377&clid={ymid}&r=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3D%7Bvar_4%7D%26acb%3Dproxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: bca5372799378a3d910e8a981240f487
link: <https://cdntechone.com>; rel="dns-prefetch preconnect"
set-cookie: OAID=2370de4430a7419f8df77f4aaf829429; expires=Fri, 07 Jun 2024 15:49:13 GMT
oaidts=1686239353; expires=Fri, 07 Jun 2024 15:49:13 GMT
OXCCLK=7013937.1; expires=Fri, 07 Jun 2024 15:49:13 GMT
allcnt=1; expires=Fri, 07 Jun 2024 15:49:13 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash a7fb986771924cbd91549590ffa3ba3f
7112bbadc4048827e1e8cd08f419007373c90878
ed7f3a3ed2c6e37c6ce4bfd6094455f939835e1771ee79ab85b115cd716ec63e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Jun 2023 15:49:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 14:22:10 GMT
Expires: Thu, 15 Jun 2023 14:22:09 GMT
Etag: "7112bbadc4048827e1e8cd08f419007373c90878"
Cache-Control: max-age=600750,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d42489bece60afa-OSL
datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
139.45.195.253 2 B URL datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1725
Origin: https://cdntechone.com
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 08 Jun 2023 15:49:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6f287b4bfb957c65665d7016bfdf092c
2feb8eb2cb8b4532477ae7e9040a1b70a75a2015
6dd0a21e0fe596ba7db31685fdb8ff0954053775b0f5c3c19a94f83efe354b75
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Jun 2023 15:49:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-F0JFDXF7TQ
142.250.74.40200 OK 89 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-F0JFDXF7TQ
IP 142.250.74.40:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (6406)
Hash b2f541bde26044b90e7853ec387d1048
d1022a0bfd0c119d2d83e1a56f421cc521cd8245
0e4229976669f566a28038496837ca39431e6a70b65158f3df16ed6802157244
GET /gtag/js?id=G-F0JFDXF7TQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Jun 2023 15:49:14 GMT
expires: Thu, 08 Jun 2023 15:49:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88831
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6f287b4bfb957c65665d7016bfdf092c
2feb8eb2cb8b4532477ae7e9040a1b70a75a2015
6dd0a21e0fe596ba7db31685fdb8ff0954053775b0f5c3c19a94f83efe354b75
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Jun 2023 15:49:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
niwooghu.com/400/5904249?ymid=690700424564711669&var=zd_6003257&var3=426377
139.45.197.237200 OK 34 kB URL GET HTTP/2 niwooghu.com/400/5904249?ymid=690700424564711669&var=zd_6003257&var3=426377
IP 139.45.197.237:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash ba4a34fdc6b798a3bbc4efbc012c3341
d6c15c7a19af625753ab0f77b3c7b9f079d37283
154983960af02a941716a286d1b86d202d021603f4493773f170bc384ddcd2c6
GET /400/5904249?ymid=690700424564711669&var=zd_6003257&var3=426377 HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:14 GMT
content-type: application/javascript
x-trace-id: 0f880aa0bc2bd0102399ae9c3ad5f867
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=696a2343021c4664b9804648c9171135; expires=Fri, 07 Jun 2024 15:49:14 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/zone?pub=0&zone_id=5776812&is_mobile=false&domain=rewardarium.com&var=zd_6003257&ymid=690700424564711669&var_3=
139.45.197.250200 OK 880 B URL GET HTTP/2 stootsou.net/zone?pub=0&zone_id=5776812&is_mobile=false&domain=rewardarium.com&var=zd_6003257&ymid=690700424564711669&var_3=
IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type JSON data\012- , ASCII text, with very long lines (879)
Hash ee62be1e7ae4899da9044737dd07e635
ab6cd84336e9426ef98fa450f2288f195bc6d826
44287053ad37f51c2f6145d391db985e5876c57c67a111c452cdfff440db2d68
GET /zone?pub=0&zone_id=5776812&is_mobile=false&domain=rewardarium.com&var=zd_6003257&ymid=690700424564711669&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: 68e2a7db7ff5f14737506bd04de86cc4
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
selymer-sperts.com/1ef4357d-0ed6-4b54-b541-bc1d06049ed2?zoneid=5904237&adid=18049709&browser=firefox&campid=7049236&country=NO®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:109.0)%20Gecko/20100101%20Firefox/111.0&language=en&os=linux&cost=0.000828&visitor_id=690700518796046541
18.158.88.249302 Found 0 B URL GET HTTP/2 selymer-sperts.com/1ef4357d-0ed6-4b54-b541-bc1d06049ed2?zoneid=5904237&adid=18049709&browser=firefox&campid=7049236&country=NO®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:109.0)%20Gecko/20100101%20Firefox/111.0&language=en&os=linux&cost=0.000828&visitor_id=690700518796046541
IP 18.158.88.249:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectselymer-sperts.com
Fingerprint97:EF:07:D2:AD:E7:A9:E5:55:C2:C2:E8:B4:B6:44:D9:B1:E1:AC:11
ValidityTue, 16 May 2023 05:53:19 GMT - Mon, 14 Aug 2023 05:53:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1ef4357d-0ed6-4b54-b541-bc1d06049ed2?zoneid=5904237&adid=18049709&browser=firefox&campid=7049236&country=NO®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:109.0)%20Gecko/20100101%20Firefox/111.0&language=en&os=linux&cost=0.000828&visitor_id=690700518796046541 HTTP/1.1
Host: selymer-sperts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://med.etoro.com/B12300_A72681_TClick.aspx&click_id=wcfvj0ln86qf5v9p2e95ltmu
pragma: no-cache
set-cookie: 1ef4357d-0ed6-4b54-b541-bc1d06049ed2-v4=JJ5qD92xaL-kcla01_Di5v6JwlNI0B48WpvRGW0vFro; Max-Age=86400; Expires=Fri, 09-Jun-2023 15:49:15 GMT; Domain=selymer-sperts.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=L7FNanzMOxahfyE1h2eDHSd8ig17D2rvmDfGN0sAUbAJPwFalDQA67S5k%2FqLD9lWW4hvD%2BsBM6LxLvX6r%2FNgDVeFrFjifY%2FtFtTCiPX5IVq%2FnAQ%2F4ZSL9HlIktsgCAqZF9J9AiiWVSyRQt3SULaWWg%3D%3D; Max-Age=31536000; Expires=Fri, 07-Jun-2024 15:49:15 GMT; Domain=selymer-sperts.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=merge&userId=a15b8e1ef460480f9056232a772ad68f
139.45.195.8 43 B URL my.rtmark.net/img.gif?f=merge&userId=a15b8e1ef460480f9056232a772ad68f
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=a15b8e1ef460480f9056232a772ad68f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a15b8e1ef460480f9056232a772ad68f; expires=Fri, 07 Jun 2024 15:49:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT
File type JSON data\012- , ASCII text
Hash 7da0d54fc923083c90da8b5fb8cfc0a0
fdb9e3991541853250be7bc0ed4021788509b6e5
771c1e86f2c7355baeacc9091fa5dd6e65eb375d598151e11df45c5b532a02d4
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://rewardarium.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4b9235541ffc42ee9d7fb57c156c3b88; expires=Fri, 07 Jun 2024 15:49:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
med.etoro.com/B12300_A72681_TClick.aspx&click_id=wcfvj0ln86qf5v9p2e95ltmu
104.110.14.59301 Moved Permanently 0 B URL GET HTTP/1.1 med.etoro.com/B12300_A72681_TClick.aspx&click_id=wcfvj0ln86qf5v9p2e95ltmu
IP 104.110.14.59:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerDigiCert Inc
Subject*.etoro.com
Fingerprint05:6D:D1:FC:B5:BD:38:38:23:90:06:35:FB:0C:F0:DE:AB:53:EA:4B
ValiditySun, 26 Feb 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /B12300_A72681_TClick.aspx&click_id=wcfvj0ln86qf5v9p2e95ltmu HTTP/1.1
Host: med.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://content.etoro.com/lp/practice_account/?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Request-Context: appId=cid-v1:b8570f0d-4fc0-4802-ba0c-4a0bac7882b8
X-Robots-Tag: noindex
Expires: Thu, 08 Jun 2023 15:49:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jun 2023 15:49:15 GMT
Connection: keep-alive
Set-Cookie: AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=12300&SubAffiliateID=&Custom=&ClickDateTime=2023-06-08T15%3A49%3A15.4321561Z&UserUniqueIdentifier=d6923851-3049-45bb-a9a2-a73f405c11f9; domain=.etoro.com; expires=Mon, 07 Aug 2023 15:49:15 GMT; path=/
Attribution=eyJBZmZpbGlhdGVJZCI6NzI2ODEsIkJhbm5lcklkIjoxMjMwMCwiQ2xpY2tEYXRlVGltZSI6IjIwMjMtMDYtMDhUMTU6NDk6MTUuNDMyMTY5N1oiLCJDbGlja0NvcnJlbGF0aW9uSWQiOiJkNjkyMzg1MS0zMDQ5LTQ1YmItYTlhMi1hNzNmNDA1YzExZjkifQ; expires=Mon, 07 Aug 2023 15:49:15 GMT; domain=.etoro.com; path=/
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 616
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 58140bae25b00b99d2db746b9cc8d0b4
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 988
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 252aefe592de1d3b1588b1a07845e9d2
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.64.133.2200 OK 7.4 kB IP 172.64.133.2:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerGoogle Trust Services LLC
Subject*.tzegilo.com
FingerprintDF:12:8C:B5:F2:22:D6:BE:72:F3:C6:9A:FA:DD:9E:1F:4E:58:63:1E
ValidityTue, 11 Apr 2023 10:11:54 GMT - Mon, 10 Jul 2023 10:11:53 GMT
File type ASCII text, with very long lines (17479), with no line terminators
Hash dd2f9f2bb1e1c74b905556d0a7bc5545
0c831c8c56da8167b9e2dfd1d3eb3288348da85d
63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:59 GMT
etag: W/"646736cf-4447"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5858
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXRpcjmrwwCcuABSXkXgZSzWnzdp4VSsFnOihn8mxtYT2l9GdDBXidTSYAN7lwxf4pFa5M6QwT8hP9fIBpB%2F75rQFBd7ix%2FyeidqOjrWRBQXGJj4eNediZ5gutpvjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4248a25b9575d5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 625
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2305e1a51a302a3ea4bf5478e17687f5
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250200 OK 0 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
ValidityFri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250200 OK 94 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
ValidityFri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data\012- , ASCII text
Hash 738be9027f8456406a2c5a98d564464c
3294fae97b2d1f0b52ab6ddf7459553ecead6e81
68a7f0e11174275b48a05b4895b8800e307d22951c493e80a01854ffeaa5ca20
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 675
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 43752b535a2069da140d7345a16cb3fe
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
niwooghu.com/500/5904249?excludes=&oaid=4b9235541ffc42ee9d7fb57c156c3b88&var=zd_6003257&ymid=690700424564711669&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL OPTIONS HTTP/2 niwooghu.com/500/5904249?excludes=&oaid=4b9235541ffc42ee9d7fb57c156c3b88&var=zd_6003257&ymid=690700424564711669&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5904249?excludes=&oaid=4b9235541ffc42ee9d7fb57c156c3b88&var=zd_6003257&ymid=690700424564711669&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://rewardarium.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash a786b64dcfe8ec30a5c3533c3e34e56c
86966bb07af72c834171b2b784a2a00322234f45
f716f873c7b6777ea6b2eff039d0810826e2ac0f889d0d3c26bf3c2aa4fee7b0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Jun 2023 15:49:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 05:19:53 GMT
Expires: Thu, 15 Jun 2023 05:19:52 GMT
Etag: "86966bb07af72c834171b2b784a2a00322234f45"
Cache-Control: max-age=567915,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d4248a24d520afa-OSL
rewardarium.com/sw.js
188.114.97.1200 OK 6.2 kB IP 188.114.97.1:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectrewardarium.com
Fingerprint48:99:E8:1A:96:D8:47:A0:32:D0:2B:88:85:BD:1D:F8:C4:E5:47:0F
ValiditySun, 04 Jun 2023 18:05:58 GMT - Sat, 02 Sep 2023 18:05:57 GMT
File type ASCII text, with very long lines (5235)
Hash 809c8f2863e519babd2dc405af277aa0
7a0f43bd8f81ef944627a6d83ced615d0eda962f
ecbb19ecba66133221ec0f3d6db1932b0507cc76f224b175768134f393e2033d
GET /sw.js HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
DNT: 1
Connection: keep-alive
Cookie: _ga_F0JFDXF7TQ=GS1.1.1686239354.1.0.1686239354.0.0.0; _ga=GA1.1.1732892067.1686239355
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"ca2bad6cb20023661b53ea682a457ede"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siXrp5lmyxMZWi%2BsHvosFprxbQJMRVgKcM2XFSGU1Odi0hIoO8jnaQkKMbZBVFe%2F2SKLahHdWGvqbq45bxmTtCzfYffpLrreChsarwd7k%2BB1YhcDGddabpetOW%2B6kS8Y%2Bq4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 2534
server: cloudflare
cf-ray: 7d4248a34d8efac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
datatechonert.com/log/add?cid=4fdc95c9-9001-4768-aac8-c1886405d3a9
37.48.68.71200 OK 12 B URL POST HTTP/1.1 datatechonert.com/log/add?cid=4fdc95c9-9001-4768-aac8-c1886405d3a9
IP 37.48.68.71:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerSectigo Limited
Subjectdatatechonert.com
Fingerprint6F:17:15:C2:7F:CC:16:6C:9D:C0:AD:C3:EE:DA:69:61:8C:77:0B:5B
ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=4fdc95c9-9001-4768-aac8-c1886405d3a9 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1505
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 08 Jun 2023 15:49:15 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://rewardarium.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
offerimage.com/www/images/98ed61d31ada31b21d7863111789ac6a.jpg
172.67.22.216200 OK 13 kB URL GET HTTP/2 offerimage.com/www/images/98ed61d31ada31b21d7863111789ac6a.jpg
IP 172.67.22.216:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 98ed61d31ada31b21d7863111789ac6a
f0a75b3d6fad9b6922ffc89eb6c947a1de0b409e
1b4a058a3df7d319c4daaf544c6da4278eadb32919ced9b0fc610403ae0e3977
GET /www/images/98ed61d31ada31b21d7863111789ac6a.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: image/jpeg
content-length: 13438
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6426a55c-347e"
expires: Fri, 09 Jun 2023 12:34:59 GMT
last-modified: Fri, 31 Mar 2023 09:18:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 11656
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4248a64b7a1c0e-OSL
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/runtime-es2015.ea3976afd37c47e073ff.js
23.38.201.117200 OK 2.8 kB URL GET HTTP/2 marketing.etorostatic.com/landingpages/runtime-es2015.ea3976afd37c47e073ff.js
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (4832), with no line terminators
Hash 0112b19fafb6add57d42120fd3d90763
59f94d54d775f9d4dc9231b9c53d97e8e4d316ba
36e9cd5174b4411658fbb62ecef3fa241d57bd374f17f60a08bd005008cefa9c
GET /landingpages/runtime-es2015.ea3976afd37c47e073ff.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: +rwN867cZGc2TAXhDTDhHd5Ov6Vlg3PKjT7E46LrBKvtH5rX3cGgR1Zkj9FCJYcd7elkhI92dng=
x-amz-request-id: SMT79SNR0FMPSAV1
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Jun 2023 07:07:41 GMT
etag: "0112b19fafb6add57d42120fd3d90763"
x-amz-server-side-encryption: AES256
x-amz-version-id: zj75F6gnZRKP2dmqhlzjs4NjaGnj3Q.T
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 08 Jun 2023 15:54:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 2762
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
rewardarium.com/favicon.ico
188.114.97.1200 OK 26 kB URL GET HTTP/3 rewardarium.com/favicon.ico
IP 188.114.97.1:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectrewardarium.com
Fingerprint48:99:E8:1A:96:D8:47:A0:32:D0:2B:88:85:BD:1D:F8:C4:E5:47:0F
ValiditySun, 04 Jun 2023 18:05:58 GMT - Sat, 02 Sep 2023 18:05:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2309)
Hash f6750ddaf1a2233b2348f1b475a09221
154b33cc755e0990f095a01ef04afb09c8a7b832
34e86493f21dbca249a99943f636b471da2333b566630b2ad321a4d05cd51d8a
GET /favicon.ico HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBcfUEkz89rqd20AwbfRD%2FJ8d0S%2FcdpLrpbOlV1lin6D3tsREsfsppgTdMQ4CiaYn5vxBWzw0AJMtaR7kejCDqH%2Bn%2FA7dfZoPweQaNSur2PYxOLqLn2TZsyVo72yrXC%2BOS8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 3052
server: cloudflare
cf-ray: 7d4248a5ef73fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
marketing.etorostatic.com/landingpages/polyfills-es2015.da05e9de7feea0b06b19.js
23.38.201.117200 OK 31 kB URL GET HTTP/2 marketing.etorostatic.com/landingpages/polyfills-es2015.da05e9de7feea0b06b19.js
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash d9e8974f4f55d4707a29e093b57f1198
844e13a279978bcb5d93a9352e9d06e191e814b8
820c6d45272146fb76ad12287bb5db969512d5e0a4449d28175ae110d42f274f
GET /landingpages/polyfills-es2015.da05e9de7feea0b06b19.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 0uksY/nb0dbRAukGE7pz0DuT40c/qKrIqbvuSZZX8Iuysp/kSaN+UZzhBhFH2pOrpa+3UZrDFxE=
x-amz-request-id: EKDGTESNX1ZRTY2X
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 30 Apr 2023 11:00:00 GMT
etag: "d9e8974f4f55d4707a29e093b57f1198"
x-amz-server-side-encryption: AES256
x-amz-version-id: kaEXSAwAi1a1KoRvJgGzUiBDJlflqYrB
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 08 Jun 2023 15:54:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 31217
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
niwooghu.com/impression/3Y8gkMk1dUiVhQohB2mu-n2hy6n4T6mzL1zBtB6vvX6b_8BCCHdQz_IpmepobwA3aft10QCvClmcq-XP9gk6PHyCntpdr7PR5o6lKwrl3mlODPkuEafa8Ma077s5vBii-pDl3LdD9oFcGHZUGi1uPrU0hMgQgYSegNF50rlexg_xa67qD-6CekMDFpYTnMRMqQPoCVWb9WI0HljrdCM6M98T5DCu1oJsHwjQz6ALsKH3Lnmexk0W7xgZAJcA9Fyv0gtFZDC75dNnqDU9tX1Oo5C_gu87caQPJ1gMLfisnyfpPvhV8g3V3Cs-I5I2twSf0WM_ATQ1P4Yw1d71btP7cRfhf5GrzUMaPWhGuPXpGsf-0qVN0mIZqLR7o2x-rPDsTT3IMtY5OXfI5VQFRXUnIllHgtltBryNBQE3njk-xfLm0jkeSLungm5HmRmELMYabVQNJLMnMfJQ8BR_6JS6sMQNV3pnVj-s93a_DQK1lwH0RPVuhhKesRreZ98z2Brwld5fbGDLNyxjWQdlRbJZxlwc5p4bAbAwznDkgKVApHHjIY-sXLBKOqG2BFU2AStUpKbT1dlfCn2E33HQ5hQKcKK0xzHGTUAOv9L_azRIswhISBQIWEhMn2KnxavnToW8?_z=5904249&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL GET HTTP/2 niwooghu.com/impression/3Y8gkMk1dUiVhQohB2mu-n2hy6n4T6mzL1zBtB6vvX6b_8BCCHdQz_IpmepobwA3aft10QCvClmcq-XP9gk6PHyCntpdr7PR5o6lKwrl3mlODPkuEafa8Ma077s5vBii-pDl3LdD9oFcGHZUGi1uPrU0hMgQgYSegNF50rlexg_xa67qD-6CekMDFpYTnMRMqQPoCVWb9WI0HljrdCM6M98T5DCu1oJsHwjQz6ALsKH3Lnmexk0W7xgZAJcA9Fyv0gtFZDC75dNnqDU9tX1Oo5C_gu87caQPJ1gMLfisnyfpPvhV8g3V3Cs-I5I2twSf0WM_ATQ1P4Yw1d71btP7cRfhf5GrzUMaPWhGuPXpGsf-0qVN0mIZqLR7o2x-rPDsTT3IMtY5OXfI5VQFRXUnIllHgtltBryNBQE3njk-xfLm0jkeSLungm5HmRmELMYabVQNJLMnMfJQ8BR_6JS6sMQNV3pnVj-s93a_DQK1lwH0RPVuhhKesRreZ98z2Brwld5fbGDLNyxjWQdlRbJZxlwc5p4bAbAwznDkgKVApHHjIY-sXLBKOqG2BFU2AStUpKbT1dlfCn2E33HQ5hQKcKK0xzHGTUAOv9L_azRIswhISBQIWEhMn2KnxavnToW8?_z=5904249&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/3Y8gkMk1dUiVhQohB2mu-n2hy6n4T6mzL1zBtB6vvX6b_8BCCHdQz_IpmepobwA3aft10QCvClmcq-XP9gk6PHyCntpdr7PR5o6lKwrl3mlODPkuEafa8Ma077s5vBii-pDl3LdD9oFcGHZUGi1uPrU0hMgQgYSegNF50rlexg_xa67qD-6CekMDFpYTnMRMqQPoCVWb9WI0HljrdCM6M98T5DCu1oJsHwjQz6ALsKH3Lnmexk0W7xgZAJcA9Fyv0gtFZDC75dNnqDU9tX1Oo5C_gu87caQPJ1gMLfisnyfpPvhV8g3V3Cs-I5I2twSf0WM_ATQ1P4Yw1d71btP7cRfhf5GrzUMaPWhGuPXpGsf-0qVN0mIZqLR7o2x-rPDsTT3IMtY5OXfI5VQFRXUnIllHgtltBryNBQE3njk-xfLm0jkeSLungm5HmRmELMYabVQNJLMnMfJQ8BR_6JS6sMQNV3pnVj-s93a_DQK1lwH0RPVuhhKesRreZ98z2Brwld5fbGDLNyxjWQdlRbJZxlwc5p4bAbAwznDkgKVApHHjIY-sXLBKOqG2BFU2AStUpKbT1dlfCn2E33HQ5hQKcKK0xzHGTUAOv9L_azRIswhISBQIWEhMn2KnxavnToW8?_z=5904249&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Cookie: OAID=4b9235541ffc42ee9d7fb57c156c3b88
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:16 GMT
content-type: image/gif
content-length: 43
x-trace-id: 91c57407e11f8d0b833115709451901c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/general_images/logos/etoro-logo-new-green.svg
23.38.201.117200 OK 985 B URL GET HTTP/2 etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/general_images/logos/etoro-logo-new-green.svg
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2351), with no line terminators
Hash 2f81173921eb7c27be1f465a830404f0
098a293a598373cf5c6ee81f56d4ddc8e8e7f126
d326e618548d8ac6892a1e8c5ce11d39016d58264d4bae8a252730a0d130e5e8
GET /studio/content/lp/cache_1/etoro-lps/general_images/logos/etoro-logo-new-green.svg HTTP/1.1
Host: etoro-cdn.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: PwA+7IVlB+ByBhpxbxYWskL2olteVcBbqdRFv1m5NB+sRPs0wAHA1I7BM8O/kisMUs6Oqlyd328=
x-amz-request-id: MN2M7MMVSV3HJ5GY
x-amz-replication-status: COMPLETED
last-modified: Wed, 23 Feb 2022 08:30:20 GMT
etag: "2f81173921eb7c27be1f465a830404f0"
x-amz-meta-sha256: d326e618548d8ac6892a1e8c5ce11d39016d58264d4bae8a252730a0d130e5e8
x-amz-meta-s3b-last-modified: 20220223T082909Z
x-amz-version-id: OwOa4OVeQCkctL2IgpC4LODkH.61JBgU
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Thu, 15 Jun 2023 15:49:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 985
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
niwooghu.com/500/5904249?excludes=&oaid=4b9235541ffc42ee9d7fb57c156c3b88&var=zd_6003257&ymid=690700424564711669&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 156 kB URL OPTIONS HTTP/2 niwooghu.com/500/5904249?excludes=&oaid=4b9235541ffc42ee9d7fb57c156c3b88&var=zd_6003257&ymid=690700424564711669&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type gzip compressed data, max speed, from Unix\012- data
Size 156 kB (156219 bytes)
Hash bc3ae2c66b4d0d456769f915234c9ed3
a6e67d601737570816b26013a39661f83fc46236
7f52636451191058b6ff195e9a8a9183f8b67226f9f221ae2f77177900811c0e
GET /500/5904249?excludes=&oaid=4b9235541ffc42ee9d7fb57c156c3b88&var=zd_6003257&ymid=690700424564711669&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Cookie: OAID=696a2343021c4664b9804648c9171135
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: application/javascript
x-trace-id: 9ba1f6537dac77ad5dfffc5518796e1f
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://rewardarium.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=4b9235541ffc42ee9d7fb57c156c3b88; expires=Fri, 07 Jun 2024 15:49:15 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 80f2a1dce942b4e7775c0b4d2f4c8643
d80996b4c48f4ef6dd34ea4cec8c40703cd27c73
13015b01b1376556f8ba35e5a73734c76c474d04f37667c0a47af771b738a3e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Jun 2023 15:49:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
etoro-cdn.etorostatic.com/web-client/fonts/opensans/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
23.38.201.117200 OK 16 kB URL GET HTTP/2 etoro-cdn.etorostatic.com/web-client/fonts/opensans/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 16080, version 1.6554\012- data
Hash f3515b8fcce21d4bbb0da28b297495ed
808769b38614943b5116b559ac7528386b7cb020
efdf47ca1d1eee9ad503d589c6931daf40228fcac1817eb13e6559750ef830b8
GET /web-client/fonts/opensans/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: etoro-cdn.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: IyNgB46QF9lTndlq0U0nC+00SDIae1eyKMIbe5YFHksRDdpZsnBbft0xZK48a3FZitXfSnm7sL8=
x-amz-request-id: MW48XEZXQ2AR34H5
x-amz-replication-status: COMPLETED
last-modified: Tue, 03 Jan 2017 13:10:06 GMT
etag: "f3515b8fcce21d4bbb0da28b297495ed"
x-amz-meta-cb-modifiedtime: Tue, 03 Jan 2017 13:09:21 GMT
x-amz-version-id: otYh1Ncyl7G3ih0ct3Y9fsdhm4R1ysiw
accept-ranges: bytes
content-type: application/octet-stream
content-length: 16080
server: AmazonS3
cache-control: max-age=2592000
expires: Sat, 08 Jul 2023 15:49:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/practice-account/images/background/tiles-virtual-watchlist.jpg
23.38.201.117200 OK 379 kB URL GET HTTP/2 etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/practice-account/images/background/tiles-virtual-watchlist.jpg
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1912x975, components 3\012- data
Size 379 kB (379017 bytes)
Hash 444db7330e5f6c6174dd99517d426901
caa3955e521aeea7c64d4047aa79dc4e655f3612
6634917012d16e2ea2c3ef7377aea5d218ba44aec83ba0234190721867e788bd
GET /studio/content/lp/cache_1/etoro-lps/practice-account/images/background/tiles-virtual-watchlist.jpg HTTP/1.1
Host: etoro-cdn.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: zEIWYTEmf1PF+1dj/lU871tVPWmtVZRmjgXZDx+AYV3CIzWY2TsEVVl1GN4e+BZzJjVibHR8AYA=
x-amz-request-id: G36VTHATEVRBMG8H
x-amz-replication-status: COMPLETED
last-modified: Sun, 21 Apr 2019 08:43:33 GMT
etag: "444db7330e5f6c6174dd99517d426901"
x-amz-meta-s3b-last-modified: 20190417T112337Z
x-amz-version-id: wSGGDjjTkxo89gmM615DGwzx7J9Na0NG
accept-ranges: bytes
content-type: image/jpeg
server: AmazonS3
content-length: 379017
cache-control: max-age=604800
expires: Thu, 15 Jun 2023 15:49:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
etoro-cdn.etorostatic.com/web-client/fonts/opensans/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
23.38.201.117200 OK 16 kB URL GET HTTP/2 etoro-cdn.etorostatic.com/web-client/fonts/opensans/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 16212, version 1.6554\012- data
Hash aa21f9964cd88c7d6a03b32c11e6bf3e
14a380d9ddfdee7aecf38c241c450bfe813d94e5
30427ab021a9d28d0f9724a8565c2463ee5a3938417dd0750d58ab79ac07cf12
GET /web-client/fonts/opensans/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: etoro-cdn.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: tk21VJGuue4wpX19OmEddxD0J//URAQorcuQUEX2bNHwngx5HA/1uNEq9FrO9Oy8U0fn+lMqTXI=
x-amz-request-id: GX1E2T5Q1DKXJ7M4
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 03 Jan 2017 13:10:06 GMT
etag: "aa21f9964cd88c7d6a03b32c11e6bf3e"
x-amz-meta-cb-modifiedtime: Tue, 03 Jan 2017 13:09:02 GMT
x-amz-version-id: MkWGLAQn6l9OArJd9xvShnWsj3x_Qdqn
accept-ranges: bytes
content-type: application/octet-stream
server: AmazonS3
content-length: 16212
cache-control: max-age=2592000
expires: Sat, 08 Jul 2023 15:49:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/0-es2015.9ef51401f00e021631dc.js
23.38.201.117200 OK 11 kB URL GET HTTP/2 marketing.etorostatic.com/landingpages/0-es2015.9ef51401f00e021631dc.js
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (41907), with no line terminators
Hash 9508894ecb581f9aa0910320a03ed9ca
3b1df3a1585dd14e94c7a22d2160c072b9eba16c
7f22e00d4deb870ca0835132b496b3e9053db4d1bf3d1727b6b00d38cce59d93
GET /landingpages/0-es2015.9ef51401f00e021631dc.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 8Z6CWWBS3pyZqezDNi5sdFasdk5rSYr0IxY6sAnkLLb0ufJOma6W80r09i6NfrmW11atBeWjsbo=
x-amz-request-id: 5G58XNX25RM4ZXGX
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 May 2023 09:12:23 GMT
etag: "9508894ecb581f9aa0910320a03ed9ca"
x-amz-server-side-encryption: AES256
x-amz-version-id: J1a8uNXcrKv90MLEfg23IEnabUOkCYBk
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 08 Jun 2023 15:54:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 11282
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/1-es2015.595aaf0e5219862f74ab.js
23.38.201.117200 OK 3.2 kB URL GET HTTP/2 marketing.etorostatic.com/landingpages/1-es2015.595aaf0e5219862f74ab.js
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (9287), with no line terminators
Hash 02069d8556246355c5ac7bfbe728f620
aa9bd16b9dc1276833a09915b067354ccccfa930
4e3396962ae9ac54e184d6c4ee088a20a030a98e6a4b0d171f9afc7ddc381620
GET /landingpages/1-es2015.595aaf0e5219862f74ab.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: fRnFhA2eth5nSfzsHiEA1bOe/7Si1LRrpm9jNoTzIMNxIdF4+26IwuDykkXIMyqP5Vg508sWsFM=
x-amz-request-id: 466043QYXHZXT3WM
x-amz-replication-status: COMPLETED
last-modified: Sun, 30 Apr 2023 10:59:58 GMT
etag: "02069d8556246355c5ac7bfbe728f620"
x-amz-server-side-encryption: AES256
x-amz-version-id: _f7mmkpLn.ZxBAOZuwEBFWS2jb7m2fEH
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 08 Jun 2023 15:54:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 3170
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 80f2a1dce942b4e7775c0b4d2f4c8643
d80996b4c48f4ef6dd34ea4cec8c40703cd27c73
13015b01b1376556f8ba35e5a73734c76c474d04f37667c0a47af771b738a3e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Jun 2023 15:49:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marketing.etorostatic.com/landingpages/3-es2015.0ff7ad6f934da6cdf3aa.js
23.38.201.117200 OK 4.2 kB URL GET HTTP/2 marketing.etorostatic.com/landingpages/3-es2015.0ff7ad6f934da6cdf3aa.js
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (22489), with no line terminators
Hash 176003e58a85f3783c4c42d917c36f97
01eb36294540a47e5d1f45d5b0927d0fb36fcd4e
2e1add78cc67d569882badbd653cbdab7700d15603b1f97282984a8a5c69ce3a
GET /landingpages/3-es2015.0ff7ad6f934da6cdf3aa.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: kV9NSaJcBIqPb3m0AqrM3G55+N01ENvyTHBpURDg04T/WOsVCI9mSVm6JCMyr7CH8Q9zoBuuAVQ=
x-amz-request-id: C568YCYRKY3CD2EV
x-amz-replication-status: COMPLETED
last-modified: Wed, 17 May 2023 11:48:50 GMT
etag: "176003e58a85f3783c4c42d917c36f97"
x-amz-server-side-encryption: AES256
x-amz-version-id: zXs08OZenNF9sKdP7s_9PsLW.gvXX7tJ
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 08 Jun 2023 15:54:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 4192
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
142.250.74.3200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
IP 142.250.74.3:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 15572, version 1.6554\012- data
Hash e64cab167bbdc04807429d10873901a0
afc44700053c9a28f9ab26f6aec4862ac1d0795d
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
GET /s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15572
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Jun 2023 00:57:27 GMT
expires: Fri, 07 Jun 2024 00:57:27 GMT
cache-control: public, max-age=31536000
age: 53509
last-modified: Mon, 27 Apr 2015 23:46:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/2-es2015.f687237f61adb5c558c5.js
23.38.201.117200 OK 23 kB URL GET HTTP/2 marketing.etorostatic.com/landingpages/2-es2015.f687237f61adb5c558c5.js
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash b218ca0d8d157fe7c50943cd7ba4e01e
1f89f638cf6943fe5214cb2ba0dc6a5c9d2aea1f
d623b4bd2721d85b151aa1c555c95d44dc95d0b3e644ab5527c4d9eeaba4f6dd
GET /landingpages/2-es2015.f687237f61adb5c558c5.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 9pKaVIrE0q7Yto/Mlq7JynwwyBmhs/Gf2O0Yu8GfWBTAae4yEml4CAvZ9jMVW0M+nVdotNM0JVw=
x-amz-request-id: XTFM008FEEWS09A3
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 May 2023 09:12:24 GMT
etag: "b218ca0d8d157fe7c50943cd7ba4e01e"
x-amz-server-side-encryption: AES256
x-amz-version-id: e8g9xYn72_pkuZL4wmzLZbz65FMhnYIM
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 08 Jun 2023 15:54:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 23442
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/71-es2015.f40e76e70ffe9e9a7942.js
23.38.201.117200 OK 7.1 kB URL GET HTTP/2 marketing.etorostatic.com/landingpages/71-es2015.f40e76e70ffe9e9a7942.js
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (27369), with no line terminators
Hash fca8b351a868fd35cc0328351c0fb961
f4cc4dde8742fe24e703db80c15ac7891387bdfb
78831d5cc78629c6dfea059ad745e0f32d8e66c82f34ca373cdb1ca769aebb9e
GET /landingpages/71-es2015.f40e76e70ffe9e9a7942.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ejCzknR8ROpUvvdyRlQjNwQwI63nFTu079UFqPYTQLsoS+gtV40wT0i1lJ1xsj5b4y95c6j4i6Q=
x-amz-request-id: Y4JXZZW7Z84V8X1P
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 May 2023 10:28:54 GMT
etag: "fca8b351a868fd35cc0328351c0fb961"
x-amz-server-side-encryption: AES256
x-amz-version-id: 22wbXHjcpfKIucz2nDF7snqsiWJ7YD27
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 08 Jun 2023 15:54:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 7079
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
niwooghu.com/500/5904249?excludes=17967860&oaid=4b9235541ffc42ee9d7fb57c156c3b88&var=zd_6003257&ymid=690700424564711669&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL OPTIONS HTTP/2 niwooghu.com/500/5904249?excludes=17967860&oaid=4b9235541ffc42ee9d7fb57c156c3b88&var=zd_6003257&ymid=690700424564711669&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5904249?excludes=17967860&oaid=4b9235541ffc42ee9d7fb57c156c3b88&var=zd_6003257&ymid=690700424564711669&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://rewardarium.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v13/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
142.250.74.3200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v13/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
IP 142.250.74.3:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 16276, version 1.6554\012- data
Hash 73437ad44345f889f45e27c428d618d8
578d7b5ff3816f7f666984e303364c81be0771d0
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
GET /s/opensans/v13/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 03:17:27 GMT
expires: Sun, 02 Jun 2024 03:17:27 GMT
cache-control: public, max-age=31536000
age: 477109
last-modified: Mon, 27 Apr 2015 23:45:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 80f2a1dce942b4e7775c0b4d2f4c8643
d80996b4c48f4ef6dd34ea4cec8c40703cd27c73
13015b01b1376556f8ba35e5a73734c76c474d04f37667c0a47af771b738a3e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Jun 2023 15:49:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.etoro.com/assets/i18n/general/en-gb.json?disableClientId=true
104.110.14.59200 OK 26 kB URL GET HTTP/2 go.etoro.com/assets/i18n/general/en-gb.json?disableClientId=true
IP 104.110.14.59:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etoro.com
Fingerprint05:6D:D1:FC:B5:BD:38:38:23:90:06:35:FB:0C:F0:DE:AB:53:EA:4B
ValiditySun, 26 Feb 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65282), with no line terminators
Hash d172b2ad2e5eea4338e6421b41c2979e
e8a4a31dfb38bc01bc48194b081f54131107eacd
26fb5f0c415eb7857ccf58761e42aaa9af417bc0fecd86ef05c20ea66591a790
GET /assets/i18n/general/en-gb.json?disableClientId=true HTTP/1.1
Host: go.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Request-Id: |89b10ca899c24a629c67ee0c782b13ae.12328a9dc1284d3a
traceparent: 00-89b10ca899c24a629c67ee0c782b13ae-12328a9dc1284d3a-01
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Cookie: __cf_bm=NOicBYhBQ0JdEPC70wmrHf6AtSdNusQ1phg.wvBMxKg-1686239355-0-AV2a4dkkjGbTzOmOYP/CVtxWPQ21Q6FuYYGKTm4WTG7TC82HnFM3Wju3uEnmGI7rw2a7qPTdTLmNFC32VkQWnhjMvTTrjSHYrMcSal9+2y3D; __cfruid=d81c1d9266e3bd62efb8cd8354422e10ede7db08-1686239355; ai_user=Q4snM5JSKeXVjwP5TOMFkx|2023-06-08T15:49:15.701Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
request-context: appId=cid-v1:35936646-66d4-4f8d-a033-e97456c4c9a7
x-powered-by: Express
accept-ranges: bytes
last-modified: Thu, 08 Jun 2023 07:02:38 GMT
etag: W/"1afab-18899d07eb0"
content-encoding: gzip
content-length: 26110
expires: Thu, 08 Jun 2023 15:49:16 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Jun 2023 15:49:16 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
go.etoro.com/assets/i18n/practiceAccount/en-gb.json?disableClientId=true
104.110.14.59200 OK 161 B URL GET HTTP/2 go.etoro.com/assets/i18n/practiceAccount/en-gb.json?disableClientId=true
IP 104.110.14.59:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etoro.com
Fingerprint05:6D:D1:FC:B5:BD:38:38:23:90:06:35:FB:0C:F0:DE:AB:53:EA:4B
ValiditySun, 26 Feb 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 4d7b5343b18b66af32ad04df3af0f141
e48d9cf3fe26179965bb67651ce10681cbc5e4f0
a226c2d50f701f61dc7e94c18696e5b61ee5e54e4e6e45cf636676b143a46086
GET /assets/i18n/practiceAccount/en-gb.json?disableClientId=true HTTP/1.1
Host: go.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Request-Id: |89b10ca899c24a629c67ee0c782b13ae.0f1c5c7db1d54a32
traceparent: 00-89b10ca899c24a629c67ee0c782b13ae-0f1c5c7db1d54a32-01
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Cookie: __cf_bm=NOicBYhBQ0JdEPC70wmrHf6AtSdNusQ1phg.wvBMxKg-1686239355-0-AV2a4dkkjGbTzOmOYP/CVtxWPQ21Q6FuYYGKTm4WTG7TC82HnFM3Wju3uEnmGI7rw2a7qPTdTLmNFC32VkQWnhjMvTTrjSHYrMcSal9+2y3D; __cfruid=d81c1d9266e3bd62efb8cd8354422e10ede7db08-1686239355; ai_user=Q4snM5JSKeXVjwP5TOMFkx|2023-06-08T15:49:15.701Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 161
request-context: appId=cid-v1:35936646-66d4-4f8d-a033-e97456c4c9a7
x-powered-by: Express
accept-ranges: bytes
last-modified: Thu, 08 Jun 2023 07:02:38 GMT
etag: W/"a1-18899d07eb0"
expires: Thu, 08 Jun 2023 15:49:16 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Jun 2023 15:49:16 GMT
X-Firefox-Spdy: h2
offerimage.com/www/images/98ed61d31ada31b21d7863111789ac6a.jpg
172.67.22.216200 OK 13 kB URL GET HTTP/2 offerimage.com/www/images/98ed61d31ada31b21d7863111789ac6a.jpg
IP 172.67.22.216:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 98ed61d31ada31b21d7863111789ac6a
f0a75b3d6fad9b6922ffc89eb6c947a1de0b409e
1b4a058a3df7d319c4daaf544c6da4278eadb32919ced9b0fc610403ae0e3977
GET /www/images/98ed61d31ada31b21d7863111789ac6a.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Jun 2023 15:49:16 GMT
content-type: image/jpeg
content-length: 13438
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6426a55c-347e"
expires: Fri, 09 Jun 2023 12:34:59 GMT
last-modified: Fri, 31 Mar 2023 09:18:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 11657
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4248aae8861c0e-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-N7SQ5DP
142.250.74.40200 OK 102 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-N7SQ5DP
IP 142.250.74.40:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (35213)
Size 102 kB (102040 bytes)
Hash 03423d6b41e773208fb2d759ffa19208
88045aa35e1cc640e39354b06119c80485999e41
02b50ec4111c774f72eb3879d3e62c3961f1a7d3ab640889dda99c99ff4e9f0c
GET /gtm.js?id=GTM-N7SQ5DP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Jun 2023 15:49:16 GMT
expires: Thu, 08 Jun 2023 15:49:16 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Jun 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102040
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
offerimage.com/www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg
172.67.22.216200 OK 9.4 kB URL GET HTTP/2 offerimage.com/www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg
IP 172.67.22.216:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash b5f73ce42127f4d8c5bfab96f57ecde2
686013156c0356f659f2f36284ecff5356a0e097
554f56616073200065c6c4690f8edfadf16c2e67450e625eaaa4386452afecfd
GET /www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Jun 2023 15:49:16 GMT
content-type: image/jpeg
content-length: 9380
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62807d8b-24a4"
expires: Fri, 09 Jun 2023 01:52:06 GMT
last-modified: Sun, 15 May 2022 04:11:55 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 50230
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4248ab291f1c0e-OSL
X-Firefox-Spdy: h2
marketing.etorostatic.com/others/general/js/seo.js
23.38.201.117200 OK 2.2 kB URL GET HTTP/2 marketing.etorostatic.com/others/general/js/seo.js
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type C source, ASCII text, with very long lines (366), with CRLF line terminators
Hash bb01557076c5f1cc6976325a60a0be7c
b58fd85d40531f38437cf336e87ad9a06abc6125
f4e583d9e9f125cea8f31880c54bf2e576ce90ba6755e89ca46a3fcf04ea70bd
GET /others/general/js/seo.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: IbCrnl2jHtt3ARkbdDtJdY1t/iT+eA6L1pkPIeISKQrHurrfYzN0CE54ZOlbBo/E9qrm76WQ/M0=
x-amz-request-id: 69QVGW75ZMC6VK3N
x-amz-replication-status: COMPLETED
last-modified: Tue, 10 Jan 2017 14:31:16 GMT
etag: "bb01557076c5f1cc6976325a60a0be7c"
x-amz-meta-s3b-last-modified: 20170110T142820Z
x-amz-version-id: SSqunX8tv_w4z_1vK9cbzCWNqGZTmd8y
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 08 Jun 2023 15:54:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 2209
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-B0NS054E7V&l=dataLayer&cx=c
142.250.74.40200 OK 71 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-B0NS054E7V&l=dataLayer&cx=c
IP 142.250.74.40:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2444)
Hash 7334e432bdff7cceac482664370e263e
8a3c23d60a9ab54cf3e8c97f6aad9e25fbc3cbda
f20d4c91b0f400d2857b37841c4139ec8b2cda0faf4e755713e8b1e830b9d952
GET /gtag/js?id=G-B0NS054E7V&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Jun 2023 15:49:16 GMT
expires: Thu, 08 Jun 2023 15:49:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70872
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sc-static.net/scevent.min.js
54.230.82.240200 OK 15 kB URL GET HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerAmazon
Subjectsc-static.net
Fingerprint87:A3:D4:61:E0:AE:FC:1D:D3:A2:D8:C4:87:CE:9B:A2:FA:36:32:AC
ValidityFri, 20 Jan 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (36219), with no line terminators
Hash ae0706429a60b2d79e949c8d6e8574f3
8b694397bdcf57f6160245699f7baa379e024ea7
83c94e966b557546af43e134a1419db503a92be96d147de79eedcf6c81c961bf
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 15419
server: CloudFront
date: Thu, 08 Jun 2023 15:49:16 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Fri, 09 Jun 2023 14:31:26 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IS_KiN0uRrMioeD8Bb3fHprUrBb0u06g7vKAn3yWfOfknTn8k8f_tg==
X-Firefox-Spdy: h2
status.thawte.com/
192.229.221.95 471 B IP 192.229.221.95:0
Hash 0eb29f10f475588c2ea4b049036b602a
624e2e2cf054fb786c9a032fcdede65cc5dfc917
1c2f655b579ad3444345ec5a6ff15cd6bebdc0e4eaae74211ce5cc235a2d6c12
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 211
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Thu, 08 Jun 2023 15:49:17 GMT
Last-Modified: Thu, 08 Jun 2023 15:45:46 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
c0.adalyser.com/adalyser.js?cid=etoro
34.251.24.70200 OK 12 kB URL GET HTTP/2 c0.adalyser.com/adalyser.js?cid=etoro
IP 34.251.24.70:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.adalyser.com
Fingerprint4D:63:74:26:EF:3E:32:8D:99:4E:EE:B2:E2:73:A7:EF:A6:BD:FC:3A
ValidityFri, 10 Jun 2022 00:00:00 GMT - Tue, 11 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (31834)
Hash 9c5c8bea169d7e1136642443f4de3f41
60b9cf4ef4ac6dab5294025f3c443ba3cca92451
c1b356f3f76ac3ce3f19997f63fa181cb9d05cd531eb1ee612ce69a2a57fa56f
GET /adalyser.js?cid=etoro HTTP/1.1
Host: c0.adalyser.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 08 Jun 2023 15:49:17 GMT
content-type: application/javascript
content-length: 12183
x-powered-by: Express
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="ADMa OUR IND DSP NON COR"
etag: "60b9cf4ef4ac6dab5294025f3c443ba3cca92451"
cache-control: public, max-age=21600
content-encoding: gzip
X-Firefox-Spdy: h2
c0.adalyser.com/tracking/track/v3/p?stm=1686239356604&e=lce1&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D12300%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&cid=etoro&p=%7B%22et%22%3A1686239356585%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Unknown%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%2272681%22%2C%22me%22%3A%22Networks%22%2C%22ca%22%3A%22(not%20set)%22%2C%22co%22%3A%2212300%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A1%2C%22sid%22%3A%22bce5ae47-33da-4b24-9a27-46738b2399eb%22%2C%22duid%22%3A%2206c9f600-7fe4-4564-9459-97e6641c3700%22%2C%22cw%22%3A1686239356585%7D&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&domain=go.etoro.com
34.251.24.70200 OK 43 B URL GET HTTP/2 c0.adalyser.com/tracking/track/v3/p?stm=1686239356604&e=lce1&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D12300%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&cid=etoro&p=%7B%22et%22%3A1686239356585%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Unknown%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%2272681%22%2C%22me%22%3A%22Networks%22%2C%22ca%22%3A%22(not%20set)%22%2C%22co%22%3A%2212300%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A1%2C%22sid%22%3A%22bce5ae47-33da-4b24-9a27-46738b2399eb%22%2C%22duid%22%3A%2206c9f600-7fe4-4564-9459-97e6641c3700%22%2C%22cw%22%3A1686239356585%7D&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&domain=go.etoro.com
IP 34.251.24.70:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.adalyser.com
Fingerprint4D:63:74:26:EF:3E:32:8D:99:4E:EE:B2:E2:73:A7:EF:A6:BD:FC:3A
ValidityFri, 10 Jun 2022 00:00:00 GMT - Tue, 11 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /tracking/track/v3/p?stm=1686239356604&e=lce1&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D12300%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&cid=etoro&p=%7B%22et%22%3A1686239356585%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Unknown%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%2272681%22%2C%22me%22%3A%22Networks%22%2C%22ca%22%3A%22(not%20set)%22%2C%22co%22%3A%2212300%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A1%2C%22sid%22%3A%22bce5ae47-33da-4b24-9a27-46738b2399eb%22%2C%22duid%22%3A%2206c9f600-7fe4-4564-9459-97e6641c3700%22%2C%22cw%22%3A1686239356585%7D&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&domain=go.etoro.com HTTP/1.1
Host: c0.adalyser.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Jun 2023 15:49:17 GMT
content-type: image/gif
content-length: 43
x-powered-by: Express
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="ADMa OUR IND DSP NON COR"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
etag: W/"2b-B//0C13UlayirE4cP7xgqg"
X-Firefox-Spdy: h2
dc.services.visualstudio.com/v2/track
52.236.186.218200 OK 0 B URL POST HTTP/2 dc.services.visualstudio.com/v2/track
IP 52.236.186.218:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerMicrosoft Corporation
Subjectin.applicationinsights.azure.com
FingerprintC9:AF:73:5B:59:C7:CE:FC:A1:2C:A1:09:6D:1A:AB:23:46:51:D0:AC
ValidityFri, 21 Apr 2023 07:14:50 GMT - Mon, 15 Apr 2024 07:14:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Referer: https://go.etoro.com/
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 0
X-Firefox-Spdy: h2
dc.services.visualstudio.com/v2/track
52.236.186.218200 OK 96 B URL POST HTTP/2 dc.services.visualstudio.com/v2/track
IP 52.236.186.218:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerMicrosoft Corporation
Subjectin.applicationinsights.azure.com
FingerprintC9:AF:73:5B:59:C7:CE:FC:A1:2C:A1:09:6D:1A:AB:23:46:51:D0:AC
ValidityFri, 21 Apr 2023 07:14:50 GMT - Mon, 15 Apr 2024 07:14:50 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 04433ec1ff671159abfc4515498ce810
912c15f4f6359fcc1a830cea7feecb50b0096695
90d4582122c25303fff98bc5bb393a6545d9c4a872225587978be8e0c234bcef
POST /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Sdk-Context: appId
Content-Length: 3554
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-ms-session-id: 790C1151-C942-43D0-ABF4-ED6C71B254B7
strict-transport-security: max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 96
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintC6:94:6C:D5:87:F6:E9:11:E4:40:13:7F:80:49:D3:4C:A0:04:89:C7
ValidityThu, 16 Feb 2023 03:47:45 GMT - Wed, 16 Aug 2023 03:47:45 GMT
File type Unicode text, UTF-8 text, with very long lines (41435), with no line terminators
Hash 12b0721aebdc9816a2a99bcce751c1b3
6f01d33b811a39a95dbf0ada288306e1376099e1
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 12183
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ranges: bytes
etag: "80df77953384d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E0E403E454DA4F27BA34304D2DB5C3FF Ref B: OSL30EDGE0406 Ref C: 2023-06-08T15:49:17Z
date: Thu, 08 Jun 2023 15:49:16 GMT
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
87.248.119.251200 OK 6.2 kB IP 87.248.119.251:443
ASN #203220 Yahoo! UK Services Limited
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
FingerprintC0:4A:61:1C:48:51:BB:C4:D5:75:88:D6:2F:7A:BE:2C:56:1E:7B:80
ValidityMon, 22 May 2023 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (18034), with no line terminators
Hash 62d9fe1cc1697022ba0fe2a4d038b308
8616f2f7a67576c426ad8f873f259f0a9e6677b8
e4164edd6af46ad5e9c02a482bdcd2a9c3e9eb199cee06bcd12cc751ce73de87
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: bcHSBr7B7IFNJ50zbmne3VgGEHX5CYvNg/Oiub6Ug4nfFA8DKzUhekSbwSCyG4I3ML70B9QkyZg=
x-amz-request-id: GSSE9VXZ5FGVNFQ9
date: Thu, 08 Jun 2023 15:48:48 GMT
last-modified: Wed, 07 Jun 2023 11:01:50 GMT
x-amz-expiration: expiry-date="Fri, 12 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "62d9fe1cc1697022ba0fe2a4d038b308-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: pM_8Podf2LG1oYqe3ugSKxJX2zCnEaDh
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 30
content-encoding: gzip
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10118123.json
87.248.119.251200 OK 46 B URL GET HTTP/2 s.yimg.com/wi/config/10118123.json
IP 87.248.119.251:443
ASN #203220 Yahoo! UK Services Limited
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
FingerprintC0:4A:61:1C:48:51:BB:C4:D5:75:88:D6:2F:7A:BE:2C:56:1E:7B:80
ValidityMon, 22 May 2023 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 21e2ae430121102daa2c1810b5cf910b
ffef080cc2eacc942a9bcb67561f790c34ed3fb0
a44e6042de416123c90209eb39d7fdbe79665819ffbb07646cc939bb2dfa84e0
GET /wi/config/10118123.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: Mlg4cT1xx0+hBgxdD2mrFTExaQldrZ/HcqlHuO3sxv9+m9+qOZ8k4y0Ctk8Nai+eYNQC29DcnSg=
x-amz-request-id: 37KAPWTMKBK3WDSD
date: Thu, 08 Jun 2023 15:48:58 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Thu, 13 Oct 2022 22:00:29 GMT
x-amz-expiration: expiry-date="Sat, 18 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "21e2ae430121102daa2c1810b5cf910b"
x-amz-server-side-encryption: AES256
x-amz-version-id: PPtAZrGHQpA8i..pPqBYS_TW.49B0pC2
accept-ranges: bytes
content-type: application/json
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
age: 20
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bat.bing.com/p/action/19002254.js
204.79.197.200204 No Content 0 B URL GET HTTP/2 bat.bing.com/p/action/19002254.js
IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintC6:94:6C:D5:87:F6:E9:11:E4:40:13:7F:80:49:D3:4C:A0:04:89:C7
ValidityThu, 16 Feb 2023 03:47:45 GMT - Wed, 16 Aug 2023 03:47:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/19002254.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E68529A3562540EBA769588F31C67F4A Ref B: OSL30EDGE0406 Ref C: 2023-06-08T15:49:17Z
date: Thu, 08 Jun 2023 15:49:16 GMT
X-Firefox-Spdy: h2
niwooghu.com/impression/BAJZKNdBD2jBEjnsED04dJWkXzSbcMGKktsZwKREx_J5XA2XQ6BdKgJhvI-rveVu6JmcLSubMLCXER1uVTSDFbVkZ56lwRBYOK7WC85giQa1G5fbr-oLFLmUnAJONjgI6sUva6_xXX3UxzItcVLvCPuM8Ki6XpCvzQRmG45fnUAZ2b2hg37DSG3aA6C5eimAEJMbx5QRYH7U2TQnwj5UbCg-5rXcSNLrYPmMizYa28uhNOw02ZaYgjvBkpsGAesGavsW__f6N5BTdpL4dgt1nif-nVGQA7pwO6itNVMI2QArKSgTJdZJpOFPAiXbmHzl5puYY-idFuNRTaELAvqJkg3wSpkjr0e5U9bvLCk3Frbiy599BkDZVXN8lBC1rHYTPE61IGU3wVe09j-fN6QzZQLM5AAXHNUHNyQoIqcY5A29FHG95BWX50Vk9mwkqF3tw6kifqD1ZLNN56EgxtCwRzZCX_cpQefc1xKk6ef8Mq2T-Bej1UWUjqZjX8qqyb1YAs1bSc7g4FA0u5_CpD7yMSsqFkUFBmN_T4oqKGgVM0hyCcOgmwXHWEg7kV-cFhkk1lvuO-d9UBUTmF_meQ00YIgFhVvPUJgsEi50mNAzDsd-oK8GHj2fe5fn-x_7rrQT?_z=5904249&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL GET HTTP/2 niwooghu.com/impression/BAJZKNdBD2jBEjnsED04dJWkXzSbcMGKktsZwKREx_J5XA2XQ6BdKgJhvI-rveVu6JmcLSubMLCXER1uVTSDFbVkZ56lwRBYOK7WC85giQa1G5fbr-oLFLmUnAJONjgI6sUva6_xXX3UxzItcVLvCPuM8Ki6XpCvzQRmG45fnUAZ2b2hg37DSG3aA6C5eimAEJMbx5QRYH7U2TQnwj5UbCg-5rXcSNLrYPmMizYa28uhNOw02ZaYgjvBkpsGAesGavsW__f6N5BTdpL4dgt1nif-nVGQA7pwO6itNVMI2QArKSgTJdZJpOFPAiXbmHzl5puYY-idFuNRTaELAvqJkg3wSpkjr0e5U9bvLCk3Frbiy599BkDZVXN8lBC1rHYTPE61IGU3wVe09j-fN6QzZQLM5AAXHNUHNyQoIqcY5A29FHG95BWX50Vk9mwkqF3tw6kifqD1ZLNN56EgxtCwRzZCX_cpQefc1xKk6ef8Mq2T-Bej1UWUjqZjX8qqyb1YAs1bSc7g4FA0u5_CpD7yMSsqFkUFBmN_T4oqKGgVM0hyCcOgmwXHWEg7kV-cFhkk1lvuO-d9UBUTmF_meQ00YIgFhVvPUJgsEi50mNAzDsd-oK8GHj2fe5fn-x_7rrQT?_z=5904249&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/BAJZKNdBD2jBEjnsED04dJWkXzSbcMGKktsZwKREx_J5XA2XQ6BdKgJhvI-rveVu6JmcLSubMLCXER1uVTSDFbVkZ56lwRBYOK7WC85giQa1G5fbr-oLFLmUnAJONjgI6sUva6_xXX3UxzItcVLvCPuM8Ki6XpCvzQRmG45fnUAZ2b2hg37DSG3aA6C5eimAEJMbx5QRYH7U2TQnwj5UbCg-5rXcSNLrYPmMizYa28uhNOw02ZaYgjvBkpsGAesGavsW__f6N5BTdpL4dgt1nif-nVGQA7pwO6itNVMI2QArKSgTJdZJpOFPAiXbmHzl5puYY-idFuNRTaELAvqJkg3wSpkjr0e5U9bvLCk3Frbiy599BkDZVXN8lBC1rHYTPE61IGU3wVe09j-fN6QzZQLM5AAXHNUHNyQoIqcY5A29FHG95BWX50Vk9mwkqF3tw6kifqD1ZLNN56EgxtCwRzZCX_cpQefc1xKk6ef8Mq2T-Bej1UWUjqZjX8qqyb1YAs1bSc7g4FA0u5_CpD7yMSsqFkUFBmN_T4oqKGgVM0hyCcOgmwXHWEg7kV-cFhkk1lvuO-d9UBUTmF_meQ00YIgFhVvPUJgsEi50mNAzDsd-oK8GHj2fe5fn-x_7rrQT?_z=5904249&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fz%3D5904237%26p%3D5904254%26ipp%3D5904249%26pez%3D5982883%26rv%3D5982989%26ext%3D6026300%26var%3Dzd_6003257%26ar%3D1%26ymid%3D690700424564711669%26source%3D426377%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9828&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Cookie: OAID=4b9235541ffc42ee9d7fb57c156c3b88
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:18 GMT
content-type: image/gif
content-length: 43
x-trace-id: 41bfdd8a636a8e435affd429fce458c6
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
offerimage.com/www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg
172.67.22.216200 OK 9.4 kB URL GET HTTP/2 offerimage.com/www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg
IP 172.67.22.216:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash b5f73ce42127f4d8c5bfab96f57ecde2
686013156c0356f659f2f36284ecff5356a0e097
554f56616073200065c6c4690f8edfadf16c2e67450e625eaaa4386452afecfd
GET /www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Jun 2023 15:49:18 GMT
content-type: image/jpeg
content-length: 9380
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62807d8b-24a4"
expires: Fri, 09 Jun 2023 01:52:06 GMT
last-modified: Sun, 15 May 2022 04:11:55 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 50232
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4248b73e901c0e-OSL
X-Firefox-Spdy: h2
etorologsapi.etoro.com/api/v2/monitoring?applicationIdentifier=etoro-landing-pages
20.54.209.212200 OK 0 B URL POST HTTP/2 etorologsapi.etoro.com/api/v2/monitoring?applicationIdentifier=etoro-landing-pages
IP 20.54.209.212:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert, Inc.
Subject*.etoro.com
FingerprintC8:F0:F1:4C:11:D8:F7:C5:F7:F9:06:CB:52:7E:6A:8C:44:3F:A5:18
ValidityMon, 18 Jul 2022 00:00:00 GMT - Tue, 18 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/monitoring?applicationIdentifier=etoro-landing-pages HTTP/1.1
Host: etorologsapi.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://go.etoro.com/
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 08 Jun 2023 15:49:21 GMT
server: Kestrel
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://go.etoro.com
access-control-max-age: 3600
vary: Origin
request-context: appId=cid-v1:fd70748c-8efd-4b7f-a0f0-36ea0c443ced
X-Firefox-Spdy: h2
etorologsapi.etoro.com/api/v2/monitoring?applicationIdentifier=etoro-landing-pages
20.54.209.212200 OK 0 B URL POST HTTP/2 etorologsapi.etoro.com/api/v2/monitoring?applicationIdentifier=etoro-landing-pages
IP 20.54.209.212:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert, Inc.
Subject*.etoro.com
FingerprintC8:F0:F1:4C:11:D8:F7:C5:F7:F9:06:CB:52:7E:6A:8C:44:3F:A5:18
ValidityMon, 18 Jul 2022 00:00:00 GMT - Tue, 18 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/monitoring?applicationIdentifier=etoro-landing-pages HTTP/1.1
Host: etorologsapi.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1077
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Jun 2023 15:49:21 GMT
content-length: 0
server: Kestrel
access-control-allow-origin: https://go.etoro.com
cache-control: private, max-age=0, must-revalidate=true, noCache=true, noStore=true
vary: Origin, Origin
request-context: appId=cid-v1:fd70748c-8efd-4b7f-a0f0-36ea0c443ced
X-Firefox-Spdy: h2
dc.services.visualstudio.com/v2/track
52.236.186.218200 OK 49 B URL POST HTTP/2 dc.services.visualstudio.com/v2/track
IP 52.236.186.218:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerMicrosoft Corporation
Subjectin.applicationinsights.azure.com
FingerprintC9:AF:73:5B:59:C7:CE:FC:A1:2C:A1:09:6D:1A:AB:23:46:51:D0:AC
ValidityFri, 21 Apr 2023 07:14:50 GMT - Mon, 15 Apr 2024 07:14:50 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 5cc3c2fb5dbe3f353cdeea1d72f34814
665018d8fd33758e1a2e143d1346f4f12c627b96
2d4e6fc4cc086cf99949cb1d9c45ece2336d1a1b457fe7eb3136377bdf285aa2
POST /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=utf-8
Content-Length: 2435
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-ms-session-id: BA2C6440-1D32-4FE1-AD8C-9C736F9C4AAA
strict-transport-security: max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 15:49:28 GMT
content-length: 49
X-Firefox-Spdy: h2
rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
188.114.97.1200 OK 27 kB URL User Request GET HTTP/2 rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
IP 188.114.97.1:443
Certificate IssuerLet's Encrypt
Subjectrewardarium.com
Fingerprint48:99:E8:1A:96:D8:47:A0:32:D0:2B:88:85:BD:1D:F8:C4:E5:47:0F
ValiditySun, 04 Jun 2023 18:05:58 GMT - Sat, 02 Sep 2023 18:05:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828 HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 08 Jun 2023 15:49:14 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkEPl41NNI%2BtYspHVgipa%2FcQiacpT8avkynearWjHxc8UUaS1VdjdVj2O%2B9eA2WWm6pQw0lwcXthf13dzA%2FOG2%2FKTBGjjrNMlkmGKN8nxBv5i%2FNnESnEGxpNoNkU0gJn6hg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d42489cdc981c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=5776812&ymid=690700424564711669&var=zd_6003257&var3=426377
139.45.197.250200 OK 15 kB URL GET HTTP/2 stootsou.net/pfe/current/tag.min.js?z=5776812&ymid=690700424564711669&var=zd_6003257&var3=426377
IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type C source, ASCII text, with very long lines (14679), with no line terminators
Hash a638f334f18bf9bef5435cdffe56f9f0
503868073788922413ff3cad1d6404928280acce
79956329e90a4e4abfdf9c3a4d69d4c78e32b8b1d9f602add95d9e9d0cc32b29
GET /pfe/current/tag.min.js?z=5776812&ymid=690700424564711669&var=zd_6003257&var3=426377 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:14 GMT
content-type: application/javascript
last-modified: Fri, 02 Jun 2023 13:08:32 GMT
etag: W/"6479e9d0-3957"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
172.64.202.8200 OK 18 kB URL GET HTTP/2 cdntechone.com/stattag.js
IP 172.64.202.8:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (17871)
Hash 0fdff67feab23cc69ecfb6800fc54cb7
eb84c650e6d27e290795207b1f37dd7b67f2aa06
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 08 Jun 2023 15:49:14 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:53 GMT
etag: W/"646736c9-4859"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6388
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu4p5E17KNwpRsavYIrDK8RByGc3%2FtJT53S2bjbhAhKUCNzIxmrgXQ3CCnEbQsgQKCYdwzpS9nanGI9ls0s%2BbgizWHDyowOlH7x%2BX6ts%2BKSi2UUamCPGtL%2BcoaDuQU8FcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d42489f8acb772f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/slider/etoro_loader_cyc.png
23.38.201.117200 OK 1.2 kB URL GET HTTP/2 etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/slider/etoro_loader_cyc.png
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash dfe88860b37800e402465e2ba8fcda23
267e494006dcd2f90cde9b773c2edd73bd230f98
222a7f68e4b9ac4a8b7db1596bcc4c4ae259f7b5b35ed398acd2c3af8064de90
GET /studio/content/lp/cache_1/etoro-lps/slider/etoro_loader_cyc.png HTTP/1.1
Host: etoro-cdn.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: XztXF6j4BO9k/Dguby0SDZF1KGVhbc7s/sO8DgZypG035OXggqUJ2IWsok7bTIxZ3hKJcdq0M7g=
x-amz-request-id: SJ5X9YQT4YEN8WF9
x-amz-replication-status: COMPLETED
last-modified: Mon, 04 Jun 2018 04:50:25 GMT
etag: "dfe88860b37800e402465e2ba8fcda23"
x-amz-meta-s3b-last-modified: 20180411T105754Z
x-amz-version-id: QRygE2XwGUU0V_sJeR79ocSaxLTx2E9F
accept-ranges: bytes
content-type: image/png
content-length: 1243
server: AmazonS3
cache-control: max-age=604800
expires: Thu, 15 Jun 2023 15:49:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=19002254&tm=gtm002&Ver=2&mid=f372fdf6-0e08-41eb-a9b8-19f4d7f26cfa&sid=063f3c70061411eebb3dcbf395c8b5a4&vid=063f3880061411ee97b5ed60128154d1&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=eToro%20practice%20account&p=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D12300%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&r=<=1562&evt=pageLoad&ifm=1&sv=1&rn=592636
204.79.197.200204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=19002254&tm=gtm002&Ver=2&mid=f372fdf6-0e08-41eb-a9b8-19f4d7f26cfa&sid=063f3c70061411eebb3dcbf395c8b5a4&vid=063f3880061411ee97b5ed60128154d1&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=eToro%20practice%20account&p=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D12300%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&r=<=1562&evt=pageLoad&ifm=1&sv=1&rn=592636
IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintC6:94:6C:D5:87:F6:E9:11:E4:40:13:7F:80:49:D3:4C:A0:04:89:C7
ValidityThu, 16 Feb 2023 03:47:45 GMT - Wed, 16 Aug 2023 03:47:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=19002254&tm=gtm002&Ver=2&mid=f372fdf6-0e08-41eb-a9b8-19f4d7f26cfa&sid=063f3c70061411eebb3dcbf395c8b5a4&vid=063f3880061411ee97b5ed60128154d1&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=eToro%20practice%20account&p=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D12300%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&r=<=1562&evt=pageLoad&ifm=1&sv=1&rn=592636 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1BACB68F38AD6B9E3D4EA5A539FA6A06; domain=.bing.com; expires=Tue, 02-Jul-2024 15:49:17 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CC8B2CAB6374EE5913C7ECB2B454E25 Ref B: OSL30EDGE0406 Ref C: 2023-06-08T15:49:17Z
date: Thu, 08 Jun 2023 15:49:16 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/main-es2015.0e165bc087beafe79807.js
23.38.201.117200 OK 523 kB URL GET HTTP/2 marketing.etorostatic.com/landingpages/main-es2015.0e165bc087beafe79807.js
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 523 kB (522656 bytes)
Hash 828a48398a0a558ba9f4c48e90ad76ba
a5bec75b83181f252f0238c6ce2f174968c90286
175cf0b959b4b85e248b133c143abe35169063c770924f7a03d303805043c53b
GET /landingpages/main-es2015.0e165bc087beafe79807.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: eDb1st8dR22OORkQRE6axEDfyICSu21pVGFyrbVus4pEfaxUKmq746tkP1cTGxu0JdoDLuWe9zY=
x-amz-request-id: NS7VKRTEZHKA00J1
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 May 2023 10:28:55 GMT
etag: "828a48398a0a558ba9f4c48e90ad76ba"
x-amz-server-side-encryption: AES256
x-amz-version-id: YjMcunnk5fQxvx0Yh455NPhIbjwO.ynT
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 08 Jun 2023 15:54:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/fonts/madera/Madera-Medium.ttf
23.38.201.117200 OK 156 kB URL GET HTTP/2 etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/fonts/madera/Madera-Medium.ttf
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 42 names, Macintosh, Copyright \251 2018-2020 Monotype Imaging Inc. All rights reserved.Madera MediumRegularMonotype \012- data
Size 156 kB (155544 bytes)
Hash d5888614c5b3d758ef59fa6600e7425e
54d7e0b237e2412592dcc4b9b11fe0d7e0e26752
d144af5ebf9f2ce2c4e6eca89b38e8fc5961014e66d4d76ea46e832be3d6f959
GET /studio/content/lp/cache_1/etoro-lps/fonts/madera/Madera-Medium.ttf HTTP/1.1
Host: etoro-cdn.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
DNT: 1
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: nblT89t0u5uwevTGLaU+eog/wH9xflAljrdcDrqCcjA1Zvspu4vaMAZfVa9+65eN/1JBbSNznbs=
x-amz-request-id: MN2THFD78W4RQFT5
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 16 Jan 2022 07:07:48 GMT
etag: "d5888614c5b3d758ef59fa6600e7425e"
x-amz-meta-sha256: d144af5ebf9f2ce2c4e6eca89b38e8fc5961014e66d4d76ea46e832be3d6f959
x-amz-meta-s3b-last-modified: 20220116T070301Z
x-amz-version-id: YMg5tZdevSXydv6Mb5hXds7Amba8krCd
accept-ranges: bytes
content-type: application/x-font-ttf
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Thu, 15 Jun 2023 15:49:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/styles.4790a78ce9e0c36032e3.css
23.38.201.117200 OK 128 kB URL GET HTTP/2 marketing.etorostatic.com/landingpages/styles.4790a78ce9e0c36032e3.css
IP 23.38.201.117:443
Requested by https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
Certificate IssuerDigiCert Inc
Subject*.etorostatic.com
Fingerprint51:58:BB:6B:D2:A4:49:31:5D:65:E6:5B:AC:9A:39:22:3F:30:33:EE
ValiditySun, 26 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 128 kB (128432 bytes)
Hash a1a5645b0fa378578544aa0cd1c083db
403315293f2a73445b70f5cfc9477100bf67d716
e32b811efa56d7b1954310de1321358439285dad2fee2e5e39372a530df9ab08
GET /landingpages/styles.4790a78ce9e0c36032e3.css HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: qWj9khezOWGUK5WZ1pGrYwDzdLTMGi5ENxaDCoehHIv+gjiL4kMTlFGv17J2EelbyN+90atnfBY=
x-amz-request-id: K4VS1TC4GBESY5FV
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 May 2023 09:12:26 GMT
etag: "a1a5645b0fa378578544aa0cd1c083db"
x-amz-server-side-encryption: AES256
x-amz-version-id: 3tCxZiRjPy2R0rsASYaEVUog859nG0fd
accept-ranges: bytes
content-type: text/css
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 08 Jun 2023 15:54:16 GMT
date: Thu, 08 Jun 2023 15:49:16 GMT
content-length: 15928
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.438
139.45.197.250200 OK 103 kB URL GET HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.438
IP 139.45.197.250:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 103 kB (103263 bytes)
Hash 88abe13cd309c4d0ebbf8a298e5bdffe
f40d8541f2f56659251117a14e336aecf7eecb4a
d3df0432dffd1232981b9d981cd6c4618f56ae992502729c36dd2e25be41b642
GET /pfe/current/universal.min.js?v=3.1.438 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: application/javascript
last-modified: Fri, 02 Jun 2023 13:08:32 GMT
etag: W/"6479e9d0-1935f"
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
psaudous.com/4/5904237/?ymid=690700424564711669&var=zd_6003257&var3=426377
139.45.197.239200 OK 2.1 kB URL GET HTTP/2 psaudous.com/4/5904237/?ymid=690700424564711669&var=zd_6003257&var3=426377
IP 139.45.197.239:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectpsaudous.com
Fingerprint74:1B:0B:1B:1B:A5:B9:16:B3:8D:1B:39:D1:7D:7D:00:8A:53:AB:D0
ValidityThu, 23 Mar 2023 05:13:48 GMT - Wed, 21 Jun 2023 05:13:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2155), with no line terminators
Hash 3791f6333d34f9f3a1a7c0a55773fcc7
47ea3c47f16d5e50fb3699e1c3a037c0706fe302
1a7858442ade20ed7bf406f23bcfe8bc067be6032dc1e6e488423d01adec8eb8
GET /4/5904237/?ymid=690700424564711669&var=zd_6003257&var3=426377 HTTP/1.1
Host: psaudous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: text/html; charset=utf8
x-trace-id: ca2372f239691eb4a501d23b69270645
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://selymer-sperts.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
access-control-allow-credentials: true
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=a15b8e1ef460480f9056232a772ad68f; expires=Fri, 07 Jun 2024 15:49:15 GMT; path=/; secure; SameSite=None
oaidts=1686239355; expires=Fri, 07 Jun 2024 15:49:15 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *, *
access-control-allow-methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, Accept, Content-Type, Content-Length, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
content.etoro.com/lp/practice_account/?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
104.18.35.149301 Moved Permanently 24 kB URL GET HTTP/2 content.etoro.com/lp/practice_account/?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
IP 104.18.35.149:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerDigiCert, Inc.
Subject*.etoro.com
FingerprintC8:F0:F1:4C:11:D8:F7:C5:F7:F9:06:CB:52:7E:6A:8C:44:3F:A5:18
ValidityMon, 18 Jul 2022 00:00:00 GMT - Tue, 18 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lp/practice_account/?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term= HTTP/1.1
Host: content.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 08 Jun 2023 15:49:15 GMT
content-type: text/html; charset=UTF-8
location: https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
set-cookie: __cf_bm=NOicBYhBQ0JdEPC70wmrHf6AtSdNusQ1phg.wvBMxKg-1686239355-0-AV2a4dkkjGbTzOmOYP/CVtxWPQ21Q6FuYYGKTm4WTG7TC82HnFM3Wju3uEnmGI7rw2a7qPTdTLmNFC32VkQWnhjMvTTrjSHYrMcSal9+2y3D; path=/; expires=Thu, 08-Jun-23 16:19:15 GMT; domain=.etoro.com; HttpOnly; Secure; SameSite=None
__cfruid=d81c1d9266e3bd62efb8cd8354422e10ede7db08-1686239355; path=/; domain=.etoro.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7d4248a439b9b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
104.110.14.59200 OK 24 kB URL GET HTTP/2 go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term=
IP 104.110.14.59:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerDigiCert Inc
Subject*.etoro.com
Fingerprint05:6D:D1:FC:B5:BD:38:38:23:90:06:35:FB:0C:F0:DE:AB:53:EA:4B
ValiditySun, 26 Feb 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20659)
Hash dd9e40080f73245f80b9c0ac73d9ad2d
89eadceb1a4f4d7fa99dcadff240a17fd5f69723
28eba0089c3aab70c0dc91e65bdfe0b1d3307517272429f22d9b66ea23e1c58f
GET /en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=12300&utm_serial=&utm_campaign=&utm_term= HTTP/1.1
Host: go.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=NOicBYhBQ0JdEPC70wmrHf6AtSdNusQ1phg.wvBMxKg-1686239355-0-AV2a4dkkjGbTzOmOYP/CVtxWPQ21Q6FuYYGKTm4WTG7TC82HnFM3Wju3uEnmGI7rw2a7qPTdTLmNFC32VkQWnhjMvTTrjSHYrMcSal9+2y3D; __cfruid=d81c1d9266e3bd62efb8cd8354422e10ede7db08-1686239355
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
request-context: appId=cid-v1:35936646-66d4-4f8d-a033-e97456c4c9a7
x-powered-by: Express
etag: W/"5e71-ierc6xpPTX+pncrf8kChf9X2lyM"
content-encoding: gzip
content-length: 3741
expires: Thu, 08 Jun 2023 15:49:15 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Jun 2023 15:49:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
biward.com/favicon.ico?isReturn=https://psaudous.com/4/6026300/?ymid=690700424564711669&var=zd_6003257&var3=426377
188.114.97.1200 OK 15 kB URL GET HTTP/2 biward.com/favicon.ico?isReturn=https://psaudous.com/4/6026300/?ymid=690700424564711669&var=zd_6003257&var3=426377
IP 188.114.97.1:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectbiward.com
FingerprintB2:08:61:BA:13:07:7E:2A:68:D9:D3:31:08:C3:00:4B:1A:79:71:1A
ValiditySat, 29 Apr 2023 19:15:30 GMT - Fri, 28 Jul 2023 19:15:29 GMT
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b4b59c441458d60d043cfcbb8d130a26
5e0b564efdeae97f485445040b32c1fc1e8cbc00
c47c5ef61cd213ff9e0985933bf2e27fc4cf22aada47346e3e2964749e8e48b7
GET /favicon.ico?isReturn=https://psaudous.com/4/6026300/?ymid=690700424564711669&var=zd_6003257&var3=426377 HTTP/1.1
Host: biward.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 08 Jun 2023 15:49:14 GMT
content-type: image/x-icon
last-modified: Thu, 08 Jun 2023 12:33:30 GMT
etag: W/"6481ca9a-3aee"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sorhWjOj3MjciMdYcCv02h5XHdILf61178x2ErF3Xp6ItNw2%2Bz7r8OdFSsgXybp5mXc2Sdrjgu15smKYYkh1KK839tmivQUSoiygFNveZzc0q3zlGO1f1mYc9%2Bw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d42489f1ad8b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rewardarium.com/lightning.svg
188.114.97.1200 OK 558 B URL GET HTTP/3 rewardarium.com/lightning.svg
IP 188.114.97.1:443
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerLet's Encrypt
Subjectrewardarium.com
Fingerprint48:99:E8:1A:96:D8:47:A0:32:D0:2B:88:85:BD:1D:F8:C4:E5:47:0F
ValiditySun, 04 Jun 2023 18:05:58 GMT - Sat, 02 Sep 2023 18:05:57 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (603), with no line terminators
Hash 9c0ef0f4019464092e924742904d75ea
33ed4dae960a9bfc33b63882d39e47ec431ec46d
2b810d0b2fb0339bca96276a4646b209804b992d8dbffb6e0d62651e48d97e83
GET /lightning.svg HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 08 Jun 2023 15:49:14 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"9cbec3ef22e57179a0901d90b7b6e2fd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpQpBOFvDdK%2BoTU1VOGw4MJcVcW0ADzCZvxq6lrZXi3NbUQshNi8Ws0G2vDf%2BzSYkZtmHSOJbpZLXlM2I%2BE7FLYkXA9q6a%2FwLIaKpiW7R2fhsJ%2B25gwQKXTzbxRad997NKJGXrmiqMxerEFWjZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 3834
server: cloudflare
cf-ray: 7d42489e9a32fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
i.th61.com/watch?zone=5904237&var=zd_6003257&ymid=690700424564711669&s=3
0.0.0.0 0 B URL POST i.th61.com/watch?zone=5904237&var=zd_6003257&ymid=690700424564711669&s=3
IP 0.0.0.0:0
Requested by https://rewardarium.com/?z=5904237&p=5904254&ipp=5904249&pez=5982883&rv=5982989&ext=6026300&var=zd_6003257&ar=1&ymid=690700424564711669&source=426377&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9828
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint80:B8:25:47:ED:82:D4:A7:46:25:E7:D0:EF:21:B6:EE:31:E1:D5:63
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /watch?zone=5904237&var=zd_6003257&ymid=690700424564711669&s=3 HTTP/1.1
Host: i.th61.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Thu, 08 Jun 2023 15:49:27 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um0jYrom%2ButEVPBkVdq23D%2FtDlAkcvwgIEKZdqWSvVlwVdzI5ov39ZpmXd5nZLObtEExCyL3Az1YN3Z5G9XoXUeBIQxmo2mRp1GKhPuA8QEcMWoMwaEU0Ii2VnYD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d42489efe3c0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2