| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/11.png | 172.67.189.240 | 200 OK | 4.2 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/11.png
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: PNG image data, 531 x 531, 4-bit colormap, non-interlaced
Hash: a37a23b2a0618413adef70fb8204160b 77ea62ed00de2374e9680384a0f0ac2c119c6875 e036e6f8908a87aa0e5189b8096ed0e4faed461b17eb7646c9e48011d2b27b5c
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/11.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 4220
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-107c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8MoyT%2B4Y82mZjXGahZf2eE6qIfsG0hatVT71oPryQqwUfSKckMt35GFN0MX4mXCtwHT7IgWRi5NiJfX%2FM5HH5HNQbfP0fXmnZl8AOwB0rCcBCxfHru7HgBE3F84bB4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee6ea156b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/spin.png | 172.67.189.240 | 200 OK | 9.4 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/spin.png
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: PNG image data, 136 x 137, 8-bit/color RGBA, non-interlaced
Hash: 7b5a73affea89f7a61cf02447cd8b28f aac3bbde34f52de14d589c9e1f1eaff0d2c86050 661a42f28393a654900c07858bc59ef1c608420765e93788aa3f58dcd8c84bc1
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/spin.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 9424
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-24d0"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ASiiR9lvE3RUIvvmLqQCpHQAJHmRyzi93jzIsqEjz6tIWO3PD3sXCbzibnNRBD8eFsAoQg71fdjk2CLnX6445vtL9e4mZ4UA5k%2BHhLy8f78btBIDs%2BAf8Bjjx1XJ3KU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee6ea456b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/1.png | 172.67.189.240 | 200 OK | 20 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/1.png
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 72af383b6e6785cc96323a7fad263c75 aa5b65f777efa7ab5aa38c65c212341f2971da78 a14c6e3749c84f8be26a39f0bc5850d78749909e9026827ef771e135a47042ed
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/1.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 20401
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-4fb1"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KO3TDYRpW5DSGg6A1odeBgqsw5WQ863vsMMcSnVePTihdQSBWD51S3rVc1M7icE9TO2I9kfAnREURJeKHJgLMhdn3A8LezA6ot50rIUIbQUrfO%2FqGqBr24Q7r0n2S8U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee6ea656b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/5.png | 172.67.189.240 | 200 OK | 6.0 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/5.png
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 8b6ae9d5f0edaeb043509b63f0798466 b4173bc837da393ce683d5c0021dd7e541d32947 1fbb172f707cf016e445c0febaa6e10ec9d68f5c10de845eb8b100632664a054
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/5.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 5996
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-176c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0616J%2Bj9HOYvFIcNU8p6uFeJC%2BJrfXKJ0maqfS8ya6FegyYz85o2vEKJyYJ1TEpUVnI96IsqhwT4a2c76m7pK41svRtXgOxGlcKRR0No6KQ2KOj0ptp5v2Kvnonyfow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee6eb456b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/6.png | 172.67.189.240 | 200 OK | 7.7 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/6.png
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: d0c785a1000318f01a3004ba52bb6bed fc2b30f76884e8a493353d53ca608da556479349 eb2ee47bfa12e0b29d440f20470f10e4eae63ade8cabbfbe1bed8b3b27adc67b
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/6.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 7713
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-1e21"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7u4mW05sVA9S0r4CiNhOTLuGMFrRc9DrUcbSZAzu4o9l8oeLO2UyddhwuzDVn%2FlPR48w68uOELNHO8VZdPX4MFylTS%2BvMsEBJZwi3rl58DOHJW%2FWBB50ci4FVRxuqQ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee6eb656b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/7.png | 172.67.189.240 | 200 OK | 8.1 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/7.png
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 26958d2dfdbb2b9c702128456dfa9b63 c3852725dd934e0df8c21a16a4ca1784ac24cc91 cf36393abf98f448205bb15c4ce13fc73ecce186513f83a15b29dd01a7dfe617
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/7.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 8061
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-1f7d"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2eXH2BHUAoUpJ4Qt3RsnUorqjy3gronLcxu90Kygk9QH4bXjQS%2BkFwvxonZdWz647XgxqvH%2FFd8omnYXojlTNmvEtjmdVYHT9%2FYAWKylnPbbZzTlIXtDOP%2BpJfexAQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee7eb756b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/translate_24dp.png | 172.67.189.240 | 200 OK | 846 B |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/translate_24dp.png
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Hash: e9cd262114358f26b7608b56905185dc 6dbde0a96deaab2b529723ce26c62043cf9180ab 5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/translate_24dp.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 846
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-34e"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FLte6ySOUZusYoy96vstqO3MFY7Ye6JlgMhyDC%2BgKDILMFJJeqiPPMBGP3TAPNdTgXKd%2FevWcJa7poOg4JHgncwe63zZFhH6Df5O7PaA%2BsUHgzMRPO4HXlfuePzlh%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee7ec856b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/2.png | 172.67.189.240 | 200 OK | 20 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/2.png
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 29e59d546ce5ae8ef7dba842b2a93cb6 ad6fa56bc8b02f5c697f3f9c457e4cefcf3b088e 7282399c604f5d63aa3a3ccb461a7b89964b39fae7d9d6319d711725515c12c3
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/2.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 20427
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-4fcb"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4TAJU%2BUMRr1o4W6OUGt%2FCb8xYdlqUvkl8BREosovvqqtqM9MPBPUnslJZNLRdHbXHNHtpRQ5HgeWell6DedHP4IGkxtoxyKAkFs%2FxVOWARKyRPSsHx7wCV%2BxlIZZX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee6ea756b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/4.png | 172.67.189.240 | 200 OK | 21 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/4.png
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 934c63c3e8976cc9027841f7ce2882ac 2ac18b90d4fc9db479b8b81d8794830b3c4cc925 9a7be3a1c85923f27bae697630751463b35225e043a2a2fdb5d40425b23eb2d0
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/4.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 20738
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-5102"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vY0xw9bEiBVgHepVJECopisSyGLMQ%2F42GMSJqo7RdVXKfpPU0Zz5EvD2lazkUrcYNeBC2NQWlwh2uJDXGcjmaBzOXTlXZztMD7wjd9Qv7m1SfhxQXcL5AI3jr130HgY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee6eaf56b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/8.png | 172.67.189.240 | 200 OK | 22 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/8.png
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 9634b826e90a6e95ed9e94979a94c7d1 5c870a8212826fdde281a72c17f36bdec5ebe18d 324942873b96e25417a34702624cbf95d3642add9a38b42a1d88c5498e3888db
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/8.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 21765
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-5505"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JL7Ku6AINEdj3B3gRuHVErsMb4TpnnWqKJQh7NhVR%2BemMvKXvNfB0wQGa84eiOq%2FCbXUL4%2BMVAAshR%2FH3efczAdTDnxfVLOMo%2FIZv2MMPw%2FNI%2BhXuw4lgCyAf9Gt33E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee7ec756b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/3.png | 172.67.189.240 | 200 OK | 21 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/3.png
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 3f1d16a48e13d4ec00c13d4822b37c8f 757621298ffb8b44eabae9966db367fd505a9f24 49cf854f9509eff14d9af023bdc0a4d5f6ef8d535ba65fc2a3e6f576935250c1
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/3.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 21081
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-5259"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bm6RDOr9JR8wNeA%2Bw2DBjtvYbNzy%2FjUoCPfFcmUwYp2joiqG09x%2BzrzPHe0KZHOGUF0MWVjPq6y9%2BAtim3zeN%2F4MqmRxkDQdH7ZjlJKIgFbd%2BhTSFJxBKX4BDMCm5XA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee6eab56b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| push-sdk.net/f/sdk.js?z=1169213 | 178.63.248.56 | 200 OK | 15 kB |
URL: GET HTTP/2 push-sdk.net/f/sdk.js?z=1169213
IP: 178.63.248.56:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Let's Encrypt; Subject: push-sdk.net; Fingerprint: EF:07:FF:9E:FF:54:65:75:76:5D:48:DC:E3:45:59:45:0B:9A:86:95; Validity: Sun, 14 Apr 2024 03:34:59 GMT - Sat, 13 Jul 2024 03:34:58 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (53344), with no line terminators
Hash: df17f9793d0bbfbec3c9285f3dcc6200 12f0459f4095371bee63e6dd5f04ea9451cff933 1c60c387936024b9abb1b2514bba07be7725ffad25903c7faf23eecb61e222d7
GET /f/sdk.js?z=1169213 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Angie
date: Fri, 10 May 2024 08:37:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 14884
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F | 172.67.189.240 | 200 OK | 90 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: application/octet-stream
content-length: 89501
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-15d9d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rQsCHEMc6xX74wnpyXTjuEmcQgrULllx7KZOdlaalRbZ9px1biSnovoKwsu9E2y5Dw3vBkrNYmR37bVuEfoQnoJO3tFhhdFFHga6Qe9TVqDRcG6gITfO6LKgpcjaFsI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88189aee5e9256b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/arprize.png | 172.67.189.240 | 200 OK | 58 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/arprize.png
IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: PNG image data, 212 x 186, 8-bit/color RGBA, non-interlaced
Hash: 5f80643811b2ab458d3f36cc2dac2e66 eeaee9e449dd2964bdc0d65e9193791de6410225 a5d88103e55770fdcc60f24e509d65f4ebf2b85949b0e8f420e63afa60df9562
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/arprize.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 58151
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-e327"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YlbQ10XhvffmVY6ABvc7pb2sf7dViDz7iznDm3iaoKYV%2B8T5W8UWRNJyla3h1SfC%2FHpl0xW0WqYUSiwfLB0hPd3zHPLDKz4IVhY0v%2FDZ5XvYQq6MW22%2B6TIh3zW%2BRYw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee6ea556b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/aespinner.png | 172.67.189.240 | 200 OK | 126 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/aespinner.png IP: 172.67.189.240:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectblitropit.ru Fingerprint3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2 ValiditySun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File typePNG image data, 567 x 567, 8-bit/color RGBA, non-interlaced Size126 kB (126108 bytes) Hashe5f969c1532c1f9aac059f8a531db3c7 1b0798cfb4aa87c49deeaff3b2b846a6b687b5d7 c1d88f2a0c42fc191f0d11324143c441fd6bc7dadc004894d03d5f13d01f6482
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/aespinner.png HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: image/png
content-length: 126108
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: "6401edbf-1ec9c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Thb9b4dL3SKEHWp9m66TaR022dkTuHBpKcDwNzVfaGDtgP5CoAcywsQdj56AeMUHej%2Bi44d956ThGY%2FSV1HV9lyLcx3se4KuM%2BM9XFC3wd3TcXWwEkxRpn0%2Br%2FemHyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee6ea256b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bujerdaz.com/zone?&pub=0&zone_id=6229059&is_mobile=false&domain=blitropit.ru&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=43f50b14-cab3-4288-8898-88e0a27c2c8b&action=prerequest | 139.45.197.250 | 200 OK | 0 B |
URL: POST HTTP/2 bujerdaz.com/zone?&pub=0&zone_id=6229059&is_mobile=false&domain=blitropit.ru&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=43f50b14-cab3-4288-8898-88e0a27c2c8b&action=prerequest IP: 139.45.197.250:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectbujerdaz.com Fingerprint0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3 ValidityMon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /zone?&pub=0&zone_id=6229059&is_mobile=false&domain=blitropit.ru&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=43f50b14-cab3-4288-8898-88e0a27c2c8b&action=prerequest HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blitropit.ru
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:37:04 GMT
content-length: 0
x-trace-id: a841c2fe9e4a9271cd24ce82ff650696
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://blitropit.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| push-sdk.net/event?z=1169213 | 178.63.248.56 | 200 OK | 0 B |
URL: POST HTTP/2 push-sdk.net/event?z=1169213 IP: 178.63.248.56:443 ASN: #24940 Hetzner Online GmbH
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectpush-sdk.net FingerprintEF:07:FF:9E:FF:54:65:75:76:5D:48:DC:E3:45:59:45:0B:9A:86:95 ValiditySun, 14 Apr 2024 03:34:59 GMT - Sat, 13 Jul 2024 03:34:58 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event?z=1169213 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 83
Origin: https://blitropit.ru
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Angie
date: Fri, 10 May 2024 08:37:04 GMT
content-length: 0
access-control-allow-origin: https://blitropit.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/style_1.css | 172.67.189.240 | 200 OK | 504 B |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/style_1.css IP: 172.67.189.240:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectblitropit.ru Fingerprint3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2 ValiditySun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
Hashaeeab2630c39a71f8e1eee99a5656447 a2bc41036e95a6fea805f21bb1bc4fb1c85f0da6 6d48264f8f970c6af2611d5244238cdbd602c1c1b714d4f16b9940a3a470d49b
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/style_1.css HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 10 May 2024 08:37:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=360bDvhb9hbc%2F3JVToy0WzvZ68pQli%2Bn8j22oYTiUhe5oc2k%2BCnI35hYHGtMWNIw6%2Bvlzj%2F6Cp4hyeY26dyzQYFHQJMSAklsgeHLp%2FzlaW7toWpiPp6133TdVX1mhDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee6ea056b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/sweetalert.css | 172.67.189.240 | 200 OK | 4.1 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/sweetalert.css IP: 172.67.189.240:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectblitropit.ru Fingerprint3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2 ValiditySun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
Hash2c192b2dd454462bc2b603c4ca2acff8 6d9682def497402ff0aac4f4bd996023cd8c08e5 428853c65b817995a479a49ab30c7ab7b6c15e689bcd2041d3632b4213e48f72
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/sweetalert.css HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: text/css
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: W/"6401edbf-5065"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVxGG0XSKNSQQko%2FDs4sVNvu6T8RwlivzC5nvsAIhExSF%2BXSjK%2F63igDJNDwMFrMF6P%2BtarpKwAbYf9u7iCrXJzoiax0b23yeObYiqHvkzpErjVBaA2bqBXyu631PKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee5e9b56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 505
Origin: https://blitropit.ru
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:37:04 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 91a27be18fe12ea82853a4900e0996a9
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://blitropit.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 507
Origin: https://blitropit.ru
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:37:04 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 172d59b1076514ba3797ee4c76338297
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://blitropit.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 508
Origin: https://blitropit.ru
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:37:04 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2ce458830ba1a79a4386ffd1f74a3457
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://blitropit.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://blitropit.ru/
Origin: https://blitropit.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:37:04 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://blitropit.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashb4b0ccd3218711ffb85eaa69a2af11de 0e10e4005cd6865986716846ce1f18687b897547 4e648a81f9c01382788436d44441dbc7848c8eabe5be4b82e74120fabeb81234
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blitropit.ru/
Content-Type: application/json
Content-Length: 1130
Origin: https://blitropit.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:37:04 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://blitropit.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| blitropit.ru/landers/lpz/lpfiles/cassandra/Binomo/NewVariation/vvloq33mfjb.jpg | 172.67.189.240 | 200 OK | 176 B |
URL: GET HTTP/3 blitropit.ru/landers/lpz/lpfiles/cassandra/Binomo/NewVariation/vvloq33mfjb.jpg IP: 172.67.189.240:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectblitropit.ru Fingerprint3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2 ValiditySun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
Hash3d324030158c955af355fb439e31561c 1902704d65c95eb4d58484878b5613ca98bde567 ec7aed1830cc988b4605ad38717a7388b37af85ace6818b533ffe6b76cde3a0a
GET /landers/lpz/lpfiles/cassandra/Binomo/NewVariation/vvloq33mfjb.jpg HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 10 May 2024 08:37:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VPf5qyouABrrHa6Brf%2BKdETSaxD4Irv%2FX0Cgi6hL5PQwUE%2Bm3b8y1i5eekRViNcJ4ZnTNILyWF8mTvjBbH10sG5PeDGiVuwteGgsSYEg6GczV56DO%2FvwRtK5eKPJX%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189af0198b56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.163 | 200 OK | 1.8 kB |
URL: GET HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png IP: 142.250.74.163:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashc69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 06:54:36 GMT
expires: Wed, 07 May 2025 06:54:36 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 265349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=888249&sid=332970&dm=blitropit.ru&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st | 31.204.132.207 | 200 OK | 0 B |
URL: GET HTTP/2 rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=888249&sid=332970&dm=blitropit.ru&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st IP: 31.204.132.207:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectrtb.pushdom.co Fingerprint12:C4:C5:EF:24:BE:28:31:C7:C1:45:E0:0F:F3:7E:9C:7F:5E:3E:30 ValidityMon, 01 Apr 2024 18:28:04 GMT - Sun, 30 Jun 2024 18:28:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pb/st?sctp=content-locker&m=ht&pid=888249&sid=332970&dm=blitropit.ru&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st HTTP/1.1
Host: rtb.pushdom.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Fri, 10 May 2024 08:37:05 GMT
content-type: text/html;charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2
|
|
| blitropit.ru/favicon.ico | 172.67.189.240 | 200 OK | 5.4 kB |
IP: 172.67.189.240:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectblitropit.ru Fingerprint3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2 ValiditySun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File typeMS Windows icon resource - 1 icon, 39x34, 32 bits/pixel Hashdb884d3fed3f81d59e95e27707047c53 fd991a514b1284506bbbd229f4b067c3c7cc3ceb aab68489204839b0f8e37065417c542695e914b959927d0e3afd0d325e3787bc
GET /favicon.ico HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:05 GMT
content-type: image/x-icon
last-modified: Thu, 30 Aug 2018 21:25:42 GMT
etag: W/"5b8860d6-1606"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fr%2FVd6CAukdaEPf294ErxcLqfYru3OWdNpM6Q2mVHewpfh%2BK7AsLmPEFln8OzrK2MdEAV6NstVAb8JHvbiMH1hEFsSc1NauSmUkDSAgN4u7df%2FbGNOqFnUPcDsHKM%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189af31e7d56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=llkkk | 5.200.15.239 | 200 OK | 97 kB |
URL: GET HTTP/2 richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=llkkk IP: 5.200.15.239:443
Requested byhttps://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectrichinfo.co Fingerprint25:29:37:EE:41:C6:34:D2:D5:4C:10:A7:3F:D7:C5:E4:2E:7D:3B:2D ValidityMon, 25 Mar 2024 13:05:17 GMT - Sun, 23 Jun 2024 13:05:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=llkkk HTTP/1.1
Host: richinfo.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Fri, 10 May 2024 08:37:04 GMT
content-type: application/x-javascript
x-amz-id-2: XOKkbn23Lp739fssoNkqLKEo0lPnpSFLC+N56CbQ5gi4TxCoJD6b0FNhLWRaez2XbL87XIvolvg=
x-amz-request-id: T7F09Q9QBW32KH6A
last-modified: Thu, 02 May 2024 10:22:54 GMT
etag: W/"48e0c66e13f063ffe401a275add23665"
x-amz-server-side-encryption: AES256
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} | 172.67.189.240 | 200 OK | 91 kB |
URL (User Request): GET HTTP/2 blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} IP: 172.67.189.240:443
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: text/html; charset=utf-8
set-cookie: uclick=9lzwb7a7wj; expires=Sat, 11-May-2024 08:37:04 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413; expires=Sat, 11-May-2024 08:37:04 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDWzSSNpr2KynB8OsgBfGrJG6Q2uckXxju7BDq5MreSRk7tzk2csy6nKOtLKn4fLEWc1OCuYMFYPQAoPcnLsx2aQdb9VAktrHmFafFERI%2FTiuDDABHV1nIvDQJz4L0A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88189aebbb0c5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| blitropit.ru/sw-check-permissions-5389c.js?zoneId=6229059 | 172.67.189.240 | 200 OK | 566 B |
URL: GET HTTP/3 blitropit.ru/sw-check-permissions-5389c.js?zoneId=6229059 IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: ASCII text, with very long lines (605), with no line terminators
Hash: 758a0822d872e8669d2c36246b176efc 28eadf5d00be56d675c15a270ad4bcc14bcb0b6c 2f3e136a12ff17da63d8b51e906a188785a750374579e29be17b77eebf43a55b
GET /sw-check-permissions-5389c.js?zoneId=6229059 HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:05 GMT
content-type: application/javascript
last-modified: Thu, 17 Aug 2023 15:41:27 GMT
etag: W/"64de3fa7-236"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HpDaMWlt%2BDyj7jehIukEMmkfnQqdZBLYeme4cavE%2BrnTN1HiKhfMHqdUeZoF77gapBNJ%2FFgh2sNyoSrZyKsoe9ojG%2B0Dw8Jybj6XlGcr%2BgajQ1BFJMzYbKCNvL1bA%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189af509ad56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,cyrillic-ext | 142.250.74.170 | 200 OK | 6.5 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,cyrillic-ext IP: 142.250.74.170:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (6710), with no line terminators
Hash: 27d70578abc4b475d01cd56c519518ee aadd0e3953f365073c72f2b3f4765d383b2c18cf cec935fc767c70963d562bac50a1d13e2718663510b997b0138cf4fbd98e661c
GET /css?family=Roboto:400,300,700&subset=latin,cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 08:37:04 GMT
date: Fri, 10 May 2024 08:37:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/translateelement.css | 172.67.189.240 | 200 OK | 19 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/translateelement.css IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: ASCII text, with very long lines (18670)
Hash: da1ba9d9082da8ca5ed15d88b2e91fd8 c6f0b19f70b5e81eaba5e2d55c51602289053105 d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/translateelement.css HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: text/css
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: W/"6401edbf-4924"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HiJ60FkBehbpB1Pm%2BGgA9TrOv555uoWrMIGXR6e0Jl1y9eKAaL9oOUt599Q%2Bj%2BH1p9kmdS1XvnNJYeTzQJezyQ5Tysu6%2BjP%2Fasd78hzqpMCwWu2fxMFM9c%2Bp8AdJrDk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee5e8b56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/order_me.min.css | 172.67.189.240 | 200 OK | 4.4 kB |
URL: GET HTTP/3 blitropit.ru/landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/order_me.min.css IP: 172.67.189.240:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Google Trust Services LLC; Subject: blitropit.ru; Fingerprint: 3F:B2:19:F3:75:0E:1D:81:7A:D5:0C:69:EC:19:D8:A1:D2:54:77:C2; Validity: Sun, 14 Apr 2024 00:20:36 GMT - Sat, 13 Jul 2024 00:20:35 GMT
File type: ASCII text, with very long lines (4419), with no line terminators
Hash: 43b962de056d73c87b8088806c1651f9 8060857b86143778364bcb89beb10b2769c695ff aa2015a3ae6875552a351d2502d3705afd447cd7fe2842038e8a8bb97e77e1a7
GET /landers/forex_app_v5new_ht/v5/v5new/Congratulations!_files/order_me.min.css HTTP/1.1
Host: blitropit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=9lzwb7a7wj; uclickhash=9lzwb7a7wj-9lzwb7a7wj-175mbl-0-h9a9i4-g5myfe-g5scdz-e7c413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 08:37:04 GMT
content-type: text/css
last-modified: Fri, 03 Mar 2023 12:53:19 GMT
etag: W/"6401edbf-1141"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2oRrJ9W%2B82jYdfDej7VYz6xwGKDTYwCRuqga08JPLvbkxB1nYT6NWFwBY%2BYIHJh27K4TALnNWekr7CaEzRARzWwVdhAODTxmIpYduCb1kJvK7JQChisKKOdo6hFAjK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88189aee5e9956b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| s3.eu-west-2.amazonaws.com/doplay/lp_images_design/prelps_LPCreator/giftbox_game/like.png | 52.95.149.16 | 200 OK | 175 B |
URL: GET HTTP/1.1 s3.eu-west-2.amazonaws.com/doplay/lp_images_design/prelps_LPCreator/giftbox_game/like.png IP: 52.95.149.16:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Amazon; Subject: *.s3.eu-west-2.amazonaws.com; Fingerprint: 57:F8:7D:73:9D:60:C9:98:62:89:08:AE:C0:82:1D:70:41:3B:6B:90; Validity: Thu, 25 Apr 2024 00:00:00 GMT - Mon, 21 Apr 2025 23:59:59 GMT
File type: PNG image data, 13 x 12, 4-bit colormap, non-interlaced
Hash: 7f5f867f5a1cc4c7f1bee43696ea4af9 2dfcae77833aa29271c69009dc617688fcfbea0e 2afc36927f6530f2e793065e7e077ddba745cf85dd81eedf5633025ba80924bd
GET /doplay/lp_images_design/prelps_LPCreator/giftbox_game/like.png HTTP/1.1
Host: s3.eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: mKY55xeltk1rOrs9SBAq3G1ehLqAl9Whz5VjE/Iao+SoKYGUnLB/84lyE1IWcNjNB0lJHdLIlKE=
x-amz-request-id: T9T1N8D7DVH0XFMW
Date: Fri, 10 May 2024 08:37:05 GMT
Last-Modified: Tue, 20 Nov 2018 15:26:43 GMT
ETag: "7f5f867f5a1cc4c7f1bee43696ea4af9"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 175
|
|
| bujerdaz.com/pfe/current/micro.tag.min.js?z=6229059&sw=/sw-check-permissions-5389c.js | 139.45.197.250 | 200 OK | 37 kB |
URL: GET HTTP/2 bujerdaz.com/pfe/current/micro.tag.min.js?z=6229059&sw=/sw-check-permissions-5389c.js IP: 139.45.197.250:443
Requested by: https://blitropit.ru/click.php?key=x3f3vvxzj64ekrvpar8s&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Certificate: Issuer: Let's Encrypt; Subject: bujerdaz.com; Fingerprint: 0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3; Validity: Mon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT
File type: JavaScript source, ASCII text, with very long lines (37142), with no line terminators
Hash: 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?z=6229059&sw=/sw-check-permissions-5389c.js HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blitropit.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:37:04 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:53 GMT
etag: W/"662a3515-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|