| thubanoa.com/12?rnd=3541666941&z=7339052&b=20222250&c=7889033&var=&varid=0&d=https://kubiks.store/click?key=2c0d7f6ff4352dc902d3&zoneid={zoneid}&campaignid={campaignid}&device={device}&browser={browser}&os={os}&osversion={osversion}&country={country}&language={language}&isp={isp}&user_activity={user_activity}&cost={cost}&visitor_id=${SUBID}&cln=1&btp=7&rb=699R4IGHiT39CBa03sDt4ldERAnC4IRoOMY1BQbXIZNzcENf5EoUrpxzjvuu0vvX3L1F-cI5h8HeCc5VkZhA_RENxBGBwh_72lfoLnINio3HvHJydWpRbGmEVJ7UFE6PRYeaNf1ndZrqUJJ_Nebj0EKyhbN1FhxBmQLNqrS6ce5mGYFtnakh_2_kg4hgwKZ8xodqlmKVa_D2FbfIB_YRDyhD9PdBHinS_Ui7PFCqVEIpZsh3oR6OaZ0yBkuW70QOc4mnVt3-3TExE8eck9PvDhrV3V9LjM0MUpcTGb63M2m_OSl0j-mIUjxjSylo-nRiHwKkDDxatvmcVVT59s4Nl1GYg7SxQWPSnsXsjD-td-tPfTPOMXZyCZbMltgwSDUyDVI7tr3447FB-jp48jcJowDLQ_PFgwPnwcFE9h9VRp4B2BHC2_5ae2cT7scToih8kL0xEM4AOb2Rtew-feeloNMazG8oVWvprjSIQKGGBQFFuqwl2g_VhhcRkIJsi18Th4z1t-Bk4CegJhaTKGbSPwGXTDUdxRAJNesNz4ND12dD0qMipb4RPmoA1rJmFpfz-RvijrU1OvshkUmruWwUPYnB3Trzv7CWwh8RhPesPxlOfhHSQL7EFm21MuYQAqywhvs3JJv1DItwKHujwwrsF4J0QAI7xnhpArwnITBQ15lSIuptgkZoRw==&bag=9k3cCIOK913DWBAfv2PpmA==&ruid=287bcc16-c5e6-482b-bf49-e1a0b46bab5c&os=android&os_version=14&android_model=2201123G&browser_version=81.5.4292.78980&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=393&sh=873&pl=https://speci4leagle.com/spstream3.php?player=desktop&live=hdchnl6&wy=0&wx=0&ww=393&wh=762&cw=948&wiw=948&wih=1868&wfc=1&sah=873&drf=https://www.sports-stream.pro/&hil=1&ist=1&os=android&os_version=14&android_model=2201123G&browser_version=81.5.4292.78980&tbc=0 | 139.45.197.242 | 302 Found | 0 B |
URL User Request GET HTTP/2thubanoa.com/12?rnd=3541666941&z=7339052&b=20222250&c=7889033&var=&varid=0&d=https://kubiks.store/click?key=2c0d7f6ff4352dc902d3&zoneid={zoneid}&campaignid={campaignid}&device={device}&browser={browser}&os={os}&osversion={osversion}&country={country}&language={language}&isp={isp}&user_activity={user_activity}&cost={cost}&visitor_id=${SUBID}&cln=1&btp=7&rb=699R4IGHiT39CBa03sDt4ldERAnC4IRoOMY1BQbXIZNzcENf5EoUrpxzjvuu0vvX3L1F-cI5h8HeCc5VkZhA_RENxBGBwh_72lfoLnINio3HvHJydWpRbGmEVJ7UFE6PRYeaNf1ndZrqUJJ_Nebj0EKyhbN1FhxBmQLNqrS6ce5mGYFtnakh_2_kg4hgwKZ8xodqlmKVa_D2FbfIB_YRDyhD9PdBHinS_Ui7PFCqVEIpZsh3oR6OaZ0yBkuW70QOc4mnVt3-3TExE8eck9PvDhrV3V9LjM0MUpcTGb63M2m_OSl0j-mIUjxjSylo-nRiHwKkDDxatvmcVVT59s4Nl1GYg7SxQWPSnsXsjD-td-tPfTPOMXZyCZbMltgwSDUyDVI7tr3447FB-jp48jcJowDLQ_PFgwPnwcFE9h9VRp4B2BHC2_5ae2cT7scToih8kL0xEM4AOb2Rtew-feeloNMazG8oVWvprjSIQKGGBQFFuqwl2g_VhhcRkIJsi18Th4z1t-Bk4CegJhaTKGbSPwGXTDUdxRAJNesNz4ND12dD0qMipb4RPmoA1rJmFpfz-RvijrU1OvshkUmruWwUPYnB3Trzv7CWwh8RhPesPxlOfhHSQL7EFm21MuYQAqywhvs3JJv1DItwKHujwwrsF4J0QAI7xnhpArwnITBQ15lSIuptgkZoRw==&bag=9k3cCIOK913DWBAfv2PpmA==&ruid=287bcc16-c5e6-482b-bf49-e1a0b46bab5c&os=android&os_version=14&android_model=2201123G&browser_version=81.5.4292.78980&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=393&sh=873&pl=https://speci4leagle.com/spstream3.php?player=desktop&live=hdchnl6&wy=0&wx=0&ww=393&wh=762&cw=948&wiw=948&wih=1868&wfc=1&sah=873&drf=https://www.sports-stream.pro/&hil=1&ist=1&os=android&os_version=14&android_model=2201123G&browser_version=81.5.4292.78980&tbc=0 IP139.45.197.242:443
CertificateIssuerLet's Encrypt Subjectthubanoa.com FingerprintE0:CA:81:9D:74:D7:4D:52:6F:8D:5F:17:DE:B6:0D:43:1A:DC:79:0D ValidityFri, 09 Feb 2024 21:20:33 GMT - Thu, 09 May 2024 21:20:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /12?rnd=3541666941&z=7339052&b=20222250&c=7889033&var=&varid=0&d=https://kubiks.store/click?key=2c0d7f6ff4352dc902d3&zoneid={zoneid}&campaignid={campaignid}&device={device}&browser={browser}&os={os}&osversion={osversion}&country={country}&language={language}&isp={isp}&user_activity={user_activity}&cost={cost}&visitor_id=${SUBID}&cln=1&btp=7&rb=699R4IGHiT39CBa03sDt4ldERAnC4IRoOMY1BQbXIZNzcENf5EoUrpxzjvuu0vvX3L1F-cI5h8HeCc5VkZhA_RENxBGBwh_72lfoLnINio3HvHJydWpRbGmEVJ7UFE6PRYeaNf1ndZrqUJJ_Nebj0EKyhbN1FhxBmQLNqrS6ce5mGYFtnakh_2_kg4hgwKZ8xodqlmKVa_D2FbfIB_YRDyhD9PdBHinS_Ui7PFCqVEIpZsh3oR6OaZ0yBkuW70QOc4mnVt3-3TExE8eck9PvDhrV3V9LjM0MUpcTGb63M2m_OSl0j-mIUjxjSylo-nRiHwKkDDxatvmcVVT59s4Nl1GYg7SxQWPSnsXsjD-td-tPfTPOMXZyCZbMltgwSDUyDVI7tr3447FB-jp48jcJowDLQ_PFgwPnwcFE9h9VRp4B2BHC2_5ae2cT7scToih8kL0xEM4AOb2Rtew-feeloNMazG8oVWvprjSIQKGGBQFFuqwl2g_VhhcRkIJsi18Th4z1t-Bk4CegJhaTKGbSPwGXTDUdxRAJNesNz4ND12dD0qMipb4RPmoA1rJmFpfz-RvijrU1OvshkUmruWwUPYnB3Trzv7CWwh8RhPesPxlOfhHSQL7EFm21MuYQAqywhvs3JJv1DItwKHujwwrsF4J0QAI7xnhpArwnITBQ15lSIuptgkZoRw==&bag=9k3cCIOK913DWBAfv2PpmA==&ruid=287bcc16-c5e6-482b-bf49-e1a0b46bab5c&os=android&os_version=14&android_model=2201123G&browser_version=81.5.4292.78980&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=393&sh=873&pl=https://speci4leagle.com/spstream3.php?player=desktop&live=hdchnl6&wy=0&wx=0&ww=393&wh=762&cw=948&wiw=948&wih=1868&wfc=1&sah=873&drf=https://www.sports-stream.pro/&hil=1&ist=1&os=android&os_version=14&android_model=2201123G&browser_version=81.5.4292.78980&tbc=0 HTTP/1.1
Host: thubanoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 08:00:14 GMT
content-length: 0
location: https://kubiks.store/click?key=2c0d7f6ff4352dc902d3
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 23bf243c323a67373c2fcdb30b174519
access-control-expose-headers: X-Sc
x-sc: AwteyfNN6GpakHmoCu9bnPkP81ZM566VFqf7jt-vYKeQYuQ4fN7inKMLPMnzk7kUTLJuhWmAAo59dbWTLzAEVw==
set-cookie: oaidcc=1; expires=Fri, 18 Apr 2025 08:00:14 GMT; secure; SameSite=None
CNT=2_dcdfa0182e2d4e85bfc16e6c20f34ad9-counters; expires=Thu, 18 Apr 2024 09:00:14 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| kubiks.store/click?key=2c0d7f6ff4352dc902d3 | 23.106.56.41 | 307 Temporary Redirect | 0 B |
URL User Request GET HTTP/2kubiks.store/click?key=2c0d7f6ff4352dc902d3 IP23.106.56.41:443 ASN#205544 Leaseweb Uk Limited
CertificateIssuerLet's Encrypt Subjectkubiks.store Fingerprint14:FA:D7:FB:2A:41:70:63:6D:18:9D:56:0A:C0:25:19:C2:AF:73:35 ValidityTue, 02 Apr 2024 09:59:45 GMT - Mon, 01 Jul 2024 09:59:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?key=2c0d7f6ff4352dc902d3 HTTP/1.1
Host: kubiks.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Thu, 18 Apr 2024 08:00:14 GMT
location: https://wabotot.com/click?key=f5ace223b998c6407053&partnerid=3&clickid=cogd63labvlc73dhheug&pubid=2&sourceid=1&sub1=&sub2={sub_2}&sub3={sub_3}&sub4={sub_4}&sub5={sub_5}&sub6={sub_6}&operatorName={operatorName}
server: Caddy
set-cookie: uclick=mr6MwlZVb4o11eeiamCYtJyUAiXJC7zm3X4hl8Y1yHmE+CgklRhqr9TOb/+a/bml/HyjhfM=; Max-Age=31536000; SameSite=Lax
bcid=cogd63labvlc73dhheug; Max-Age=31536000; SameSite=Lax
cid=cogd63labvlc73dhheug; Max-Age=31536000; SameSite=Lax
x-request-id: 016708d7-81a3-4c77-bc2e-ea8fffd608df
content-length: 0
X-Firefox-Spdy: h2
|
|
| wabotot.com/click?key=f5ace223b998c6407053&partnerid=3&clickid=cogd63labvlc73dhheug&pubid=2&sourceid=1&sub1=&sub2={sub_2}&sub3={sub_3}&sub4={sub_4}&sub5={sub_5}&sub6={sub_6}&operatorName={operatorName} | 188.114.97.1 | 307 Temporary Redirect | 0 B |
URL User Request GET HTTP/2wabotot.com/click?key=f5ace223b998c6407053&partnerid=3&clickid=cogd63labvlc73dhheug&pubid=2&sourceid=1&sub1=&sub2={sub_2}&sub3={sub_3}&sub4={sub_4}&sub5={sub_5}&sub6={sub_6}&operatorName={operatorName} IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectwabotot.com FingerprintB5:E5:28:8D:EE:F1:36:4D:5D:11:0E:D2:92:C8:94:26:38:62:20:3C ValiditySat, 23 Mar 2024 02:53:05 GMT - Fri, 21 Jun 2024 02:53:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?key=f5ace223b998c6407053&partnerid=3&clickid=cogd63labvlc73dhheug&pubid=2&sourceid=1&sub1=&sub2={sub_2}&sub3={sub_3}&sub4={sub_4}&sub5={sub_5}&sub6={sub_6}&operatorName={operatorName} HTTP/1.1
Host: wabotot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Thu, 18 Apr 2024 08:00:14 GMT
content-length: 0
location: https://trankingo.com/?utm_campaign=796&bclickid=cogd4kavrftc73a0bnf0&pclickid=cogd63labvlc73dhheug&partnerid=3&pubid=2&sourceid=1&sub1=&sub2={sub_2}&sub3={sub_3}&sub4={sub_4}&sub5={sub_5}&sub6={sub_6}
set-cookie: uclick=kb2Nkgteb9g11ODxbWCY4BUWrECOlf11CjV1hXomAEwJlSz3uEGySnJ0M+q1t06wdToSOhP3; Max-Age=31536000; SameSite=Lax
bcid=cogd4kavrftc73a0bnf0; Max-Age=31536000; SameSite=Lax
cid=cogd4kavrftc73a0bnf0; Max-Age=31536000; SameSite=Lax
x-request-id: 1eb36e1d-6b1f-44f7-aec0-61dfd92da4bd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OY8PC4xToPaR6xF5roOAUb%2BhBK7mtN%2BpTfjqVQUCBrpbypGsKtHKVubWY0LqQAQLObEpK4HWzxLZBqs7RruLnZaj28ixNiyTgOsUnlBVv2HWAGVl2irGQwCist6sZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87631eba3b5556ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.130.137 | 200 OK | 31 kB |
URL GET HTTP/2code.jquery.com/jquery-3.6.0.min.js IP151.101.130.137:443
Requested byhttps://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tammashalands.com
DNT: 1
Connection: keep-alive
Referer: https://tammashalands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 08:00:15 GMT
age: 5884835
x-served-by: cache-lga21931-LGA, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 22, 98524
x-timer: S1713427215.383172,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/fonts/Roboto-Bold.woff2 | 188.114.96.1 | 200 OK | 66 kB |
URL GET HTTP/3tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/fonts/Roboto-Bold.woff2 IP188.114.96.1:443
Requested byhttps://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} CertificateIssuerGoogle Trust Services LLC Subjecttammashalands.com FingerprintFA:97:D5:7F:79:D8:96:75:F8:5B:3E:82:14:76:BB:02:19:96:B2:C2 ValidityThu, 14 Mar 2024 04:13:21 GMT - Wed, 12 Jun 2024 04:13:20 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 65972, version 1.0 Hashf3a02e2578bee50e620e515912278bc9 168e9a9e4690ec3437a6a3087dd2f76fadc47888 4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741
GET /edc/general/cz/qwe/lp6_tr_nbfoit/fonts/Roboto-Bold.woff2 HTTP/1.1
Host: tammashalands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/css/style.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:00:15 GMT
content-type: application/octet-stream
content-length: 65972
last-modified: Tue, 20 Feb 2024 16:57:41 GMT
etag: "65d4da05-101b4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3sNZHT4WrT9spVWp1qypSvj3XqnW8qdKBEz2qibI23TcOyom%2FByqF5SzsnuUhXOBKrj%2Fbxc7kNN%2ByIPLjW3WSICnmTPUjm9UZ1f00GJI0ad7NtJkZX%2B8qMCFTREfzgesSOS8Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87631ec02fcfb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/fonts/Roboto-Medium.woff2 | 188.114.96.1 | 200 OK | 67 kB |
URL GET HTTP/3tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/fonts/Roboto-Medium.woff2 IP188.114.96.1:443
Requested byhttps://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} CertificateIssuerGoogle Trust Services LLC Subjecttammashalands.com FingerprintFA:97:D5:7F:79:D8:96:75:F8:5B:3E:82:14:76:BB:02:19:96:B2:C2 ValidityThu, 14 Mar 2024 04:13:21 GMT - Wed, 12 Jun 2024 04:13:20 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 66792, version 1.0 Hash50d01d3e6c994995bcaf829e63d53d1a c78884cb32e7b020971ffae746fe21d90502bcae 998b049e731114e2fa35d65f23fc6e6e153249a4ef328912e3c7c49546e2d207
GET /edc/general/cz/qwe/lp6_tr_nbfoit/fonts/Roboto-Medium.woff2 HTTP/1.1
Host: tammashalands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/css/style.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:00:15 GMT
content-type: application/octet-stream
content-length: 66792
last-modified: Tue, 20 Feb 2024 16:57:41 GMT
etag: "65d4da05-104e8"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXnpJT3yx%2F0PgqqtTJepP78yEsGMBco7nIeYu5%2FOveGz9Yk6yMwKR3aD%2BEhUz%2FI0KawlWtWmx3J9NRx3hrTGpltFcZxkD7%2FSvsoB6NkQDyCSeyhBghyM7yJBY%2BQL5df3WVcpzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87631ec01fccb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/fonts/Roboto-Light.woff2 | 188.114.96.1 | 200 OK | 66 kB |
URL GET HTTP/3tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/fonts/Roboto-Light.woff2 IP188.114.96.1:443
Requested byhttps://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} CertificateIssuerGoogle Trust Services LLC Subjecttammashalands.com FingerprintFA:97:D5:7F:79:D8:96:75:F8:5B:3E:82:14:76:BB:02:19:96:B2:C2 ValidityThu, 14 Mar 2024 04:13:21 GMT - Wed, 12 Jun 2024 04:13:20 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 65512, version 1.0 Hashed4b08d2702fa26acc324ef1e89ae837 8237523ff588300ff5d2da67a20bce60701a14b8 b7647a0d506e3254bb9329e259cf95630bdc9795052c8ff8badaa428c5e9d7cb
GET /edc/general/cz/qwe/lp6_tr_nbfoit/fonts/Roboto-Light.woff2 HTTP/1.1
Host: tammashalands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/css/style.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:00:15 GMT
content-type: application/octet-stream
content-length: 65512
last-modified: Tue, 20 Feb 2024 16:57:41 GMT
etag: "65d4da05-ffe8"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cj2oa%2BzgqKKXGh6C63ZM5wybS58SJPIBJL2wWK2CBXOb3N9FcLiFu3NL6CuOmVp5VzRgq0QB7sVTgttb26z2swf5hH1gdBrihIUnw%2F4FDaGYgAnOFVQho7OgXU84PPkKxAZDuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87631ec02fd4b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/img/favicon.png | 188.114.96.1 | 200 OK | 803 B |
URL GET HTTP/3tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/img/favicon.png IP188.114.96.1:443
Requested byhttps://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} CertificateIssuerGoogle Trust Services LLC Subjecttammashalands.com FingerprintFA:97:D5:7F:79:D8:96:75:F8:5B:3E:82:14:76:BB:02:19:96:B2:C2 ValidityThu, 14 Mar 2024 04:13:21 GMT - Wed, 12 Jun 2024 04:13:20 GMT
File typePNG image data, 12 x 16, 8-bit/color RGBA, non-interlaced Hash8ffed92ca432fd387f7e20cd780a0ef1 0697a68c6daa43ed0ef36e3411fb9a5f42f6b474 ef17bb5fb786296dbdf9da62b493552a4324e5a0eace6a625b086f01728077a5
GET /edc/general/cz/qwe/lp6_tr_nbfoit/img/favicon.png HTTP/1.1
Host: tammashalands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:00:15 GMT
content-type: image/png
content-length: 803
last-modified: Tue, 20 Feb 2024 16:57:40 GMT
etag: "65d4da04-323"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2f8gVw8Ed8ahS9jDsX1pVgEO3L2bbhBS2DKuLslyHN%2FHDUIFok8SONeHhAQmBqcHcUk0xI5hJXk4XWcrri2MGzhKC9fdEavUTLBphUTU4MYNrc2DY5a0HW6F8RWMKetOJo8jg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87631ec0986eb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| trankingo.com/?utm_campaign=796&bclickid=cogd4kavrftc73a0bnf0&pclickid=cogd63labvlc73dhheug&partnerid=3&pubid=2&sourceid=1&sub1=&sub2={sub_2}&sub3={sub_3}&sub4={sub_4}&sub5={sub_5}&sub6={sub_6} | 104.21.52.175 | 302 Found | 9.0 kB |
URL User Request GET HTTP/2trankingo.com/?utm_campaign=796&bclickid=cogd4kavrftc73a0bnf0&pclickid=cogd63labvlc73dhheug&partnerid=3&pubid=2&sourceid=1&sub1=&sub2={sub_2}&sub3={sub_3}&sub4={sub_4}&sub5={sub_5}&sub6={sub_6} IP104.21.52.175:443
CertificateIssuerLet's Encrypt Subjecttrankingo.com Fingerprint6E:C7:3A:21:2D:C0:F3:6E:B1:4E:80:94:D9:22:9D:90:2D:1A:C8:7F ValidityTue, 02 Apr 2024 01:30:04 GMT - Mon, 01 Jul 2024 01:30:03 GMT
Hashac5df6abba703fced6eccd27f0d847fb fa499cc9bb75c17b8fd0a846ee6353661313fa37 7f6c9e4ce0fa4753047689e2f5a3cfb0444daf6306134d614746cc6248170fc1
GET /?utm_campaign=796&bclickid=cogd4kavrftc73a0bnf0&pclickid=cogd63labvlc73dhheug&partnerid=3&pubid=2&sourceid=1&sub1=&sub2={sub_2}&sub3={sub_3}&sub4={sub_4}&sub5={sub_5}&sub6={sub_6} HTTP/1.1
Host: trankingo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 18 Apr 2024 08:00:14 GMT
content-type: text/html; charset=UTF-8
location: https://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2Fd9HeJBTfF5jo3OfpmUXO3Q71GgftpGX0DmR5xgKKdVAZ3JKwYHveCQR20yly7OERZpaimKwe%2BRV%2FIfGlp4NdzqhtStVHjnpEPCiTmthK869610OveQRMCMiCLU6af7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87631ebb2bdeb518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tammashalands.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 188.114.96.1 | 200 OK | 1.2 kB |
URL GET HTTP/3tammashalands.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP188.114.96.1:443
Requested byhttps://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} CertificateIssuerGoogle Trust Services LLC Subjecttammashalands.com FingerprintFA:97:D5:7F:79:D8:96:75:F8:5B:3E:82:14:76:BB:02:19:96:B2:C2 ValidityThu, 14 Mar 2024 04:13:21 GMT - Wed, 12 Jun 2024 04:13:20 GMT
File typeHTML document, ASCII text, with very long lines (1271), with no line terminators Hash40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: tammashalands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:00:15 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 08:31:34 GMT
etag: W/"661ce5e6-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YfwwIAvQm7a94R9OdufDQ4fu6tka7ShZemCdje0212agaqUnZ%2BSsRKhHB4rZstPkKXfHIdh%2FDCycAPef%2BXIx1fSzgQtc88jwGJ0KAeAraMaOjhbZZl2oPHpAM%2BIEoKXTW1AomA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87631ebf9eedb4fa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 20 Apr 2024 08:00:15 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/js/ajax-support.js | 188.114.96.1 | 200 OK | 1.8 kB |
URL GET HTTP/3tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/js/ajax-support.js IP188.114.96.1:443
Requested byhttps://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} CertificateIssuerGoogle Trust Services LLC Subjecttammashalands.com FingerprintFA:97:D5:7F:79:D8:96:75:F8:5B:3E:82:14:76:BB:02:19:96:B2:C2 ValidityThu, 14 Mar 2024 04:13:21 GMT - Wed, 12 Jun 2024 04:13:20 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (1928), with no line terminators Hashad874e73ae7c662bfdaff5e442ca5a3b 1c20a9645a11ff4c005d0feb036ca9d42034300d 3ac71327a272511c37c3d80f2e5494170bbeaafd1d632624ed1a88ba8e42d6a6
GET /edc/general/cz/qwe/lp6_tr_nbfoit/js/ajax-support.js HTTP/1.1
Host: tammashalands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:00:15 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 16:57:39 GMT
vary: Accept-Encoding
etag: W/"65d4da03-6fc"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W59yXYmD8n8jwXxt0UEMiwPZUoZBPuNXZKFAaNgkyJJZuFD%2FXn1zKEClqHq25Ci5fP5QkOHHm2jo1Njiv%2Fbs0jGaM4GUeuFmpep%2F6GuF%2BHH3lGG5v1eQp4FRM%2BMoQhJaUUbEfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87631ebfaef5b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/css/style.min.css | 188.114.96.1 | 200 OK | 5.4 kB |
URL GET HTTP/3tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/css/style.min.css IP188.114.96.1:443
Requested byhttps://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} CertificateIssuerGoogle Trust Services LLC Subjecttammashalands.com FingerprintFA:97:D5:7F:79:D8:96:75:F8:5B:3E:82:14:76:BB:02:19:96:B2:C2 ValidityThu, 14 Mar 2024 04:13:21 GMT - Wed, 12 Jun 2024 04:13:20 GMT
File typeASCII text, with very long lines (5390), with no line terminators Hash870f94b0ff7d45f32d25762db6985b4d 0234c3162713771a04ad2f09f86f375b9e64c3b9 b0f02a9fd47d5ad607899a1ed53cbc53595bcb09353c8c123010e3e38a225aa3
GET /edc/general/cz/qwe/lp6_tr_nbfoit/css/style.min.css HTTP/1.1
Host: tammashalands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:00:15 GMT
content-type: text/css
last-modified: Tue, 20 Feb 2024 16:57:37 GMT
vary: Accept-Encoding
etag: W/"65d4da01-1508"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpGFIq4M0wXn8SL6Bhfw5BV1ucEsUjfkHXYFEECKj%2FVm%2FjLL0qLiPx4zh7SsQNSJ%2B7nLU%2F94VSFRIIKYL2d9fSWQcIYGa2oW0m3pDHxUSxSJBrZeZe4m%2Firjy4UMqRg4x89Vrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87631ebf9eebb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/js/getUrlParams.js | 188.114.96.1 | 200 OK | 927 B |
URL GET HTTP/3tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/js/getUrlParams.js IP188.114.96.1:443
Requested byhttps://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} CertificateIssuerGoogle Trust Services LLC Subjecttammashalands.com FingerprintFA:97:D5:7F:79:D8:96:75:F8:5B:3E:82:14:76:BB:02:19:96:B2:C2 ValidityThu, 14 Mar 2024 04:13:21 GMT - Wed, 12 Jun 2024 04:13:20 GMT
File typeJavaScript source, ASCII text, with very long lines (1095), with no line terminators Hash30b6918102e24387fdf452d1f8f6fef6 cb527b9db3708d8de97302a867f2e60870f4d2f6 2acf5508511a2793fcba7361609fc72fc7168617a0baba4309b974a0c3541e8f
GET /edc/general/cz/qwe/lp6_tr_nbfoit/js/getUrlParams.js HTTP/1.1
Host: tammashalands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:00:15 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 16:57:39 GMT
vary: Accept-Encoding
etag: W/"65d4da03-39f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=06n9X7hpJxzqzEjqld87LvV6wHs3JwQRL266XW0k8nhq22QlJqPAUoDQ07grivCBxqxP5UJIKb0BXot1u%2BLz1wE1ZhnOT128s68CLNczLwsxPrnr26X7KD1mwgiPbRgjZYgM5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87631ebf9eecb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/js/ajax.min.js | 188.114.96.1 | 200 OK | 1.1 kB |
URL GET HTTP/3tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/js/ajax.min.js IP188.114.96.1:443
Requested byhttps://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} CertificateIssuerGoogle Trust Services LLC Subjecttammashalands.com FingerprintFA:97:D5:7F:79:D8:96:75:F8:5B:3E:82:14:76:BB:02:19:96:B2:C2 ValidityThu, 14 Mar 2024 04:13:21 GMT - Wed, 12 Jun 2024 04:13:20 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (1178), with no line terminators Hash75cef6d4ad5dc82f8a56ff98fde2216e 0ad55c7c0d92d613aad70eea1e87ee80aae6bedd 9610a1ffea83689d4facb0d3d79222d69d7bdd37a489d6cc6369ab8cb1371dc9
GET /edc/general/cz/qwe/lp6_tr_nbfoit/js/ajax.min.js HTTP/1.1
Host: tammashalands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:00:15 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 16:57:38 GMT
vary: Accept-Encoding
etag: W/"65d4da02-474"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3W%2FaVLES9DI%2FhW8sOvjSOveJ2oCBEuF0ntc5qvsaJCV43FxBMh5QVJMouH4FO4u2XQjR%2BmxsgxmPvYwoncwQ3Kp0gCoxE81Q0LItdOJnTo13nyQX%2BAtM%2FxjjD%2BdqEgPeqROIBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87631ebfaef6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} | 188.114.96.1 | 200 OK | 5.5 kB |
URL User Request GET HTTP/2tammashalands.com/edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjecttammashalands.com FingerprintFA:97:D5:7F:79:D8:96:75:F8:5B:3E:82:14:76:BB:02:19:96:B2:C2 ValidityThu, 14 Mar 2024 04:13:21 GMT - Wed, 12 Jun 2024 04:13:20 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (5759), with no line terminators Hash8f9d0fb9096a7e8c4652edac40df3685 43142bdde41d709d07eb5cd29b6e3ff97eff92d0 e156862df538a1ecef902a66d5cc50714b2aebaef4fdbe145773129f6786ae0a
GET /edc/general/cz/qwe/lp6_tr_nbfoit/?clickid=jc0wtq&trackingid=cogd4kavrftc73a0bnf0&affclickid=cogd63labvlc73dhheug&sub1=2&sub4={sub_3}&sub5={sub_4}&ssid={sub_6} HTTP/1.1
Host: tammashalands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 08:00:15 GMT
content-type: text/html
last-modified: Tue, 20 Feb 2024 16:57:37 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uMz2QGnhZEp00iSUnkVJdZbkr7oi0mvL3eYkLvjZLyLKEJT7gaTWYfQ6KsZ1W%2Fgk2GFE8Itv%2FmPU%2FVSWGP1GHuV4Zfrvn31%2BIPNplaA%2FvUuL7KUNUuu8Dj4F%2FQeQBFK1F17p2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87631ebdaf7db4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|