| ww16.best-targeted-traffic.com/img.sedoparking.com/images/js_preloader.gif | 64.190.63.136 | | 0 B |
URL: ww16.best-targeted-traffic.com/img.sedoparking.com/images/js_preloader.gif | IP: 64.190.63.136:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img.sedoparking.com/images/js_preloader.gif HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww16.best-targeted-traffic.com/checkin.php?unq=10r42441227aomuska&version=1.7&pais=Unknown&sub1=20240505-0731-197b-810e-d9807abebbbe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 441 No Reason Phrase
date: Sat, 04 May 2024 22:04:48 GMT
server: NginX
content-length: 0
X-Firefox-Spdy: h2
|
|
| ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTcxNDg2MDI4NzM4YWVlM2I1NzQ4N2E1MjlkMWFiZTI4YmRlNDVlZmIz&crc=e8a2c19604411612bca495d990d1ff35a80640b1&cv=1 | 64.190.63.136 | | 0 B |
URL: ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTcxNDg2MDI4NzM4YWVlM2I1NzQ4N2E1MjlkMWFiZTI4YmRlNDVlZmIz&crc=e8a2c19604411612bca495d990d1ff35a80640b1&cv=1 | IP: 64.190.63.136:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTcxNDg2MDI4NzM4YWVlM2I1NzQ4N2E1MjlkMWFiZTI4YmRlNDVlZmIz&crc=e8a2c19604411612bca495d990d1ff35a80640b1&cv=1 HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww16.best-targeted-traffic.com/checkin.php?unq=10r42441227aomuska&version=1.7&pais=Unknown&sub1=20240505-0731-197b-810e-d9807abebbbe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 22:04:48 GMT
server: NginX
x-cache-miss-from: parking-7cbf88ff6b-tlz7g
x-powered-by: PHP/8.1.17
content-length: 0
X-Firefox-Spdy: h2
|
|
| ww16.best-targeted-traffic.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DfSxREHkHVFE_0&v=NzllM2I1YzQ0ODE1NTJjZjc3ODkzMDJiNDE0YzVhZjgJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2M5MS45MzIwNTEyMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2Y3Ni45MDIyNzYzNgkxNzE0ODYwMjg3CWFkXzYzXzA%3D&l=OAlkNzYzMDRlOTMzZDBlMDIwNWU0ZWQ3OTBjOWY3ZTFlNwkwCTM1CTAJYzM0MTYyMTFjNjEwOWJlODFjNTQxOTgyYWRjYTUxODkJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0ODYwMjg3CTYuN0UtNQlOCTAJMQkxNTEyCTEyMDUJMjY1MTA2NjMJOTEuOTAuNDIuMTU0CTE%253D | 64.190.63.136 | 302 Found | 0 B |
URL: User Request GET HTTP/2 ww16.best-targeted-traffic.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DfSxREHkHVFE_0&v=NzllM2I1YzQ0ODE1NTJjZjc3ODkzMDJiNDE0YzVhZjgJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2M5MS45MzIwNTEyMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2Y3Ni45MDIyNzYzNgkxNzE0ODYwMjg3CWFkXzYzXzA%3D&l=OAlkNzYzMDRlOTMzZDBlMDIwNWU0ZWQ3OTBjOWY3ZTFlNwkwCTM1CTAJYzM0MTYyMTFjNjEwOWJlODFjNTQxOTgyYWRjYTUxODkJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0ODYwMjg3CTYuN0UtNQlOCTAJMQkxNTEyCTEyMDUJMjY1MTA2NjMJOTEuOTAuNDIuMTU0CTE%253D | IP: 64.190.63.136:443
Certificate: Issuer: DigiCert Inc | Subject: ww16.best-targeted-traffic.com | Fingerprint: CA:2F:D5:7E:14:60:28:CB:D2:9B:F8:10:84:0E:FA:23:F3:D2:72:A9 | Validity: Thu, 22 Feb 2024 00:00:00 GMT - Sat, 22 Feb 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DfSxREHkHVFE_0&v=NzllM2I1YzQ0ODE1NTJjZjc3ODkzMDJiNDE0YzVhZjgJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2M5MS45MzIwNTEyMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2Y3Ni45MDIyNzYzNgkxNzE0ODYwMjg3CWFkXzYzXzA%3D&l=OAlkNzYzMDRlOTMzZDBlMDIwNWU0ZWQ3OTBjOWY3ZTFlNwkwCTM1CTAJYzM0MTYyMTFjNjEwOWJlODFjNTQxOTgyYWRjYTUxODkJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0ODYwMjg3CTYuN0UtNQlOCTAJMQkxNTEyCTEyMDUJMjY1MTA2NjMJOTEuOTAuNDIuMTU0CTE%253D HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww16.best-targeted-traffic.com/checkin.php?unq=10r42441227aomuska&version=1.7&pais=Unknown&sub1=20240505-0731-197b-810e-d9807abebbbe
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 22:04:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 04 May 2024 22:04:48 GMT
location: /search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DfSxREHkHVFE_0&v=NzllM2I1YzQ0ODE1NTJjZjc3ODkzMDJiNDE0YzVhZjgJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2M5MS45MzIwNTEyMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2Y3Ni45MDIyNzYzNgkxNzE0ODYwMjg3CWFkXzYzXzA%3D&l=OAlkNzYzMDRlOTMzZDBlMDIwNWU0ZWQ3OTBjOWY3ZTFlNwkwCTM1CTAJYzM0MTYyMTFjNjEwOWJlODFjNTQxOTgyYWRjYTUxODkJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0ODYwMjg3CTYuN0UtNQlOCTAJMQkxNTEyCTEyMDUJMjY1MTA2NjMJOTEuOTAuNDIuMTU0CTE%253D
pragma: no-cache
server: NginX
x-cache-miss-from: parking-7cbf88ff6b-w8ldc
x-powered-by: PHP/8.1.17
content-length: 0
X-Firefox-Spdy: h2
|
|
| ww16.best-targeted-traffic.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DfSxREHkHVFE_0&v=NzllM2I1YzQ0ODE1NTJjZjc3ODkzMDJiNDE0YzVhZjgJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2M5MS45MzIwNTEyMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2Y3Ni45MDIyNzYzNgkxNzE0ODYwMjg3CWFkXzYzXzA%3D&l=OAlkNzYzMDRlOTMzZDBlMDIwNWU0ZWQ3OTBjOWY3ZTFlNwkwCTM1CTAJYzM0MTYyMTFjNjEwOWJlODFjNTQxOTgyYWRjYTUxODkJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0ODYwMjg3CTYuN0UtNQlOCTAJMQkxNTEyCTEyMDUJMjY1MTA2NjMJOTEuOTAuNDIuMTU0CTE%253D | 64.190.63.136 | 302 Found | 313 B |
URL: User Request GET HTTP/2 ww16.best-targeted-traffic.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DfSxREHkHVFE_0&v=NzllM2I1YzQ0ODE1NTJjZjc3ODkzMDJiNDE0YzVhZjgJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2M5MS45MzIwNTEyMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2Y3Ni45MDIyNzYzNgkxNzE0ODYwMjg3CWFkXzYzXzA%3D&l=OAlkNzYzMDRlOTMzZDBlMDIwNWU0ZWQ3OTBjOWY3ZTFlNwkwCTM1CTAJYzM0MTYyMTFjNjEwOWJlODFjNTQxOTgyYWRjYTUxODkJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0ODYwMjg3CTYuN0UtNQlOCTAJMQkxNTEyCTEyMDUJMjY1MTA2NjMJOTEuOTAuNDIuMTU0CTE%253D | IP: 64.190.63.136:443
Certificate: Issuer: DigiCert Inc | Subject: ww16.best-targeted-traffic.com | Fingerprint: CA:2F:D5:7E:14:60:28:CB:D2:9B:F8:10:84:0E:FA:23:F3:D2:72:A9 | Validity: Thu, 22 Feb 2024 00:00:00 GMT - Sat, 22 Feb 2025 23:59:59 GMT
File type: HTML document, ASCII text | Hash: 39703ec6b61bed04d62226906657d323 0560b7f2ec4f94304cefd1cb441fb99956fa3dfe 6cc4f5b1f1c6c52162716f1e871ebd4809a9c751f95cba81ea38efb1a3480c18
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DfSxREHkHVFE_0&v=NzllM2I1YzQ0ODE1NTJjZjc3ODkzMDJiNDE0YzVhZjgJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2M5MS45MzIwNTEyMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM2YjBmZjI0Y2Y3Ni45MDIyNzYzNgkxNzE0ODYwMjg3CWFkXzYzXzA%3D&l=OAlkNzYzMDRlOTMzZDBlMDIwNWU0ZWQ3OTBjOWY3ZTFlNwkwCTM1CTAJYzM0MTYyMTFjNjEwOWJlODFjNTQxOTgyYWRjYTUxODkJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0ODYwMjg3CTYuN0UtNQlOCTAJMQkxNTEyCTEyMDUJMjY1MTA2NjMJOTEuOTAuNDIuMTU0CTE%253D HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww16.best-targeted-traffic.com/checkin.php?unq=10r42441227aomuska&version=1.7&pais=Unknown&sub1=20240505-0731-197b-810e-d9807abebbbe
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 22:04:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 04 May 2024 22:04:48 GMT
location: https://xml.sedodna.com/click?i=fSxREHkHVFE_0
pragma: no-cache
server: NginX
x-cache-miss-from: parking-7cbf88ff6b-tlmzd
x-powered-by: PHP/8.1.17
X-Firefox-Spdy: h2
|
|
| recode.pw/ad?id=23970&impid=171486028736932&rkey=0&u=4158 | 66.232.112.84 | 302 Found | 81 B |
URL: User Request GET HTTP/1.1 recode.pw/ad?id=23970&impid=171486028736932&rkey=0&u=4158 | IP: 66.232.112.84:443
Certificate: Issuer: Gandi | Subject: recode.pw | Fingerprint: C8:8F:EC:AA:B1:2F:FC:4D:94:CB:6C:4F:78:BA:BA:EC:FE:B2:FB:B4 | Validity: Sun, 26 Nov 2023 00:00:00 GMT - Tue, 26 Nov 2024 23:59:59 GMT
File type: HTML document, ASCII text | Hash: 8400dd3b0e497b28ff3d9a65549d4341 85b0620c47222640d8362efac8ec0d8fcc5475c0 d73e0aede66f19145ac1404e6417f892c4fb8889cd33d4a7cfdd00622dada8a8
GET /ad?id=23970&impid=171486028736932&rkey=0&u=4158 HTTP/1.1
Host: recode.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 22:04:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 81
Connection: keep-alive
Location: https://xml.yellow-resultsbidder.com/click?i=9thYGjsffmM_0
|
|
| xml.yellow-resultsbidder.com/click?i=9thYGjsffmM_0 | 198.134.116.29 | 302 Found | 0 B |
URL: User Request GET HTTP/1.1 xml.yellow-resultsbidder.com/click?i=9thYGjsffmM_0 | IP: 198.134.116.29:443 | ASN: #27257 WEBAIR-INTERNET
Certificate: Issuer: Let's Encrypt | Subject: yellow-resultsbidder.com | Fingerprint: BC:AE:5D:E8:4C:F1:C3:73:17:2A:0B:3D:1E:B1:E7:9E:D7:3E:A8:9E | Validity: Mon, 29 Apr 2024 06:58:09 GMT - Sun, 28 Jul 2024 06:58:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=9thYGjsffmM_0 HTTP/1.1
Host: xml.yellow-resultsbidder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 22:04:49 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=619244&siteid=4158&cost=0.0006&conversion=qC8goHPddB0
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 143.204.53.97:0
Hash: bcb5e2030839d617426a718327574572 4b36898b266b0f402ba560a4e0a92ec3b9342df3 98595a61ceeb5fa442b60001a7a283bef94219fe0e8872ac2ac8b63d92e399c5
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 22:04:50 GMT
Server: ECAcc (amb/6B61)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tvfc2uKQEPhZGdalVQvLJ4p9tbIanaYAIXUm2kKo9GwAfhWH0oIbrQ==
|
|
| track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=619244&siteid=4158&cost=0.0006&conversion=qC8goHPddB0 | 143.204.55.107 | 302 Found | 0 B |
URL: User Request GET HTTP/2 track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=619244&siteid=4158&cost=0.0006&conversion=qC8goHPddB0 | IP: 143.204.55.107:443
Certificate: Issuer: Amazon | Subject: track.jajaloop.com | Fingerprint: B2:8B:F7:DA:FA:DB:BD:98:DB:88:6D:5F:F8:30:A6:60:19:63:73:FE | Validity: Wed, 17 Apr 2024 00:00:00 GMT - Fri, 16 May 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=619244&siteid=4158&cost=0.0006&conversion=qC8goHPddB0 HTTP/1.1
Host: track.jajaloop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
location: https://www.linkbux.com/track/b5b20v1WkH7yi3TVxNZSP_bZiP8BiX_bmVlpBSmwsA0XJAnB4zpMQWeZu6ygAKfBA4KJDLBkXLkA_c_c?url=http%3A%2F%2Fwww.dyrekassen.no&uid=w9karfobe6acfe2131vg6t9c&uid2=6354964
date: Sat, 04 May 2024 22:04:50 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 717a0983-e961-4ed5-98dc-35fbb30c40f8-v4=eZoNlCyRRIp3bwPkTEiTBLxvxd93eMkQ4v_3nVumRIE; Max-Age=86400; Expires=Sun, 05-May-2024 22:04:50 GMT; Domain=track.jajaloop.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22w9karfobe6acfe2131vg6t9c%22%2C%22caid%22%3A%22717a0983-e961-4ed5-98dc-35fbb30c40f8%22%7D; Max-Age=31536000; Expires=Sun, 04-May-2025 22:04:50 GMT; Domain=track.jajaloop.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EXmyA-x7wjVu54AM_7HWKBwLF-a7VLfBMTta_EEsZZY2UYHBI6BWFA==
X-Firefox-Spdy: h2
|
|
| status.rapidssl.com/ | 192.229.221.95 | | 471 B |
IP: 192.229.221.95:0
Hash: 18f7ca4a281e08381291da6f23e3121b c11e0b6a35b2da1ee9583e76d7928b857b378a78 8fe774a744c4a8447e51765a8bad474b56a8248857d807714468a6c0ca935320
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3562
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Sat, 04 May 2024 22:04:50 GMT
Last-Modified: Sat, 04 May 2024 21:05:28 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
|
|
| www.linkbux.com/track/b5b20v1WkH7yi3TVxNZSP_bZiP8BiX_bmVlpBSmwsA0XJAnB4zpMQWeZu6ygAKfBA4KJDLBkXLkA_c_c?url=http%3A%2F%2Fwww.dyrekassen.no&uid=w9karfobe6acfe2131vg6t9c&uid2=6354964 | 163.181.1.230 | 200 OK | 551 B |
URL: User Request GET HTTP/1.1 www.linkbux.com/track/b5b20v1WkH7yi3TVxNZSP_bZiP8BiX_bmVlpBSmwsA0XJAnB4zpMQWeZu6ygAKfBA4KJDLBkXLkA_c_c?url=http%3A%2F%2Fwww.dyrekassen.no&uid=w9karfobe6acfe2131vg6t9c&uid2=6354964 | IP: 163.181.1.230:443 | ASN: #24429 Zhejiang Taobao Network Co.,Ltd
Certificate: Issuer: DigiCert Inc | Subject: *.linkbux.com | Fingerprint: 85:43:2D:A8:86:CB:B4:03:47:26:A7:87:5A:80:9D:1E:E1:55:C2:92 | Validity: Wed, 26 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text | Hash: f9bc45aaf3fd2310b3c895cff32f2f80 aa01e7d51be006393042a4b3c433149ecf3c6c2b f196c1af6a8e390afb205c9520e7db496ee3f62ce55571b5ad0ba0773fb43083
GET /track/b5b20v1WkH7yi3TVxNZSP_bZiP8BiX_bmVlpBSmwsA0XJAnB4zpMQWeZu6ygAKfBA4KJDLBkXLkA_c_c?url=http%3A%2F%2Fwww.dyrekassen.no&uid=w9karfobe6acfe2131vg6t9c&uid2=6354964 HTTP/1.1
Host: www.linkbux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 04 May 2024 22:04:50 GMT
Vary: Accept-Encoding
Set-Cookie: discuz_2132_saltkey=7oXof16C; expires=Mon, 03-Jun-2024 22:04:50 GMT; Max-Age=2592000; path=/; httponly
discuz_2132_lang=en; path=/
discuz_2132_lang=en; path=/
Content-Encoding: gzip
Via: cache37.l2us2[234,0], cache4.ru6[409,0]
Timing-Allow-Origin: *
EagleId: a3b5019817148602906774400e
|
|
| r.secprf.com/v1/redirect?url=http%3A%2F%2Fwww.dyrekassen.no&api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_4ziev61 | 63.33.119.172 | 403 Forbidden | 64 B |
URL: User Request GET HTTP/2 r.secprf.com/v1/redirect?url=http%3A%2F%2Fwww.dyrekassen.no&api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_4ziev61 | IP: 63.33.119.172:443
Certificate: Issuer: Let's Encrypt | Subject: linksprf.com | Fingerprint: FB:04:66:40:AF:53:56:65:25:C8:A3:54:2D:ED:20:75:A5:4C:EB:58 | Validity: Thu, 02 May 2024 08:32:50 GMT - Wed, 31 Jul 2024 08:32:49 GMT
Hash: 2cf2762c7678e63f365f102480deb859 4abcd8714f51ccfbfce3950b762f597c224c3bbc 901e1690e4a61824a7b8f5be4893d469e17b2f0b3706eef73142a5fe07c0c8ac
GET /v1/redirect?url=http%3A%2F%2Fwww.dyrekassen.no&api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_4ziev61 HTTP/1.1
Host: r.secprf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkbux.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Sat, 04 May 2024 22:04:51 GMT
content-type: application/json
content-length: 64
set-cookie: ykuid=c908374259464fee9f52057d49fba1fa; Path=/; Secure; Domain=.secprf.com; Max-Age=31536000; SameSite=None
JSESSIONID=5D42B570736DCC5FE299D75D0E5F8322; Path=/; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| xml.sedodna.com/click?i=fSxREHkHVFE_0 | 173.239.53.32 | 302 Found | 1.3 kB |
URL: User Request GET HTTP/1.1 xml.sedodna.com/click?i=fSxREHkHVFE_0 | IP: 173.239.53.32:443 | ASN: #27257 WEBAIR-INTERNET
Certificate: Issuer: GlobalSign nv-sa | Subject: *.sedodna.com | Fingerprint: 78:18:D6:75:22:5D:AC:2E:48:3D:D4:A3:BD:61:5D:01:30:A2:B3:72 | Validity: Wed, 27 Mar 2024 09:07:28 GMT - Mon, 28 Apr 2025 09:07:27 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=fSxREHkHVFE_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww16.best-targeted-traffic.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 22:04:48 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: http://recode.pw/ad?id=23970&impid=171486028736932&rkey=0&u=4158
|
|