| protectingapplication.com/landers/for_mac_1/1/assets/css | 136.243.81.51 | 200 OK | 11 kB |
URL: GET HTTP/2 protectingapplication.com/landers/for_mac_1/1/assets/css
IP: 136.243.81.51:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Let's Encrypt
Certificate Subject: protectingapplication.com
Certificate Fingerprint: A2:A2:D3:41:8B:E4:06:76:44:B2:A3:35:41:94:56:D7:4C:95:7A:4A
Certificate Validity: Thu, 04 Apr 2024 10:47:33 GMT - Wed, 03 Jul 2024 10:47:32 GMT
Hash: 5454cc941676226534a07ec5f8f6e888 55ff7c865d4dcd418dab3affe4521d64bbfe4f95 707f86fb8e996ca33be3a2871034cae28d069e3c42803d04c368465c668c409c
GET /landers/for_mac_1/1/assets/css HTTP/1.1
Host: protectingapplication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Cookie: uclick=q5xs8ra2ir; uclickhash=q5xs8ra2ir-q5xs8ra2ir-52a2-0-gxp2bl-fvb7fe-uotwvr-612467
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:24:21 GMT
content-type: application/octet-stream
content-length: 10732
last-modified: Fri, 15 Mar 2024 12:57:55 GMT
etag: "65f445d3-29ec"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| loadingscripts.com/progress_p/pwa_links/default_scripts/notification.js | 194.63.143.61 | 200 OK | 2.8 kB |
URL: GET HTTP/1.1 loadingscripts.com/progress_p/pwa_links/default_scripts/notification.js
IP: 194.63.143.61:443
ASN: #50113 NTX Technologies s.r.o.
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Let's Encrypt
Certificate Subject: loadingscripts.com
Certificate Fingerprint: 68:58:92:29:16:78:CF:4C:B7:14:6E:86:39:61:E2:B9:E7:53:BF:D9
Certificate Validity: Sun, 21 Apr 2024 06:35:52 GMT - Sat, 20 Jul 2024 06:35:51 GMT
File type: JavaScript source, ASCII text, with very long lines (2801), with no line terminators
Hash: 01a2c61eb40ce8e341a0801f78da7735 1cb39b0674bc20c3208c16c53c131e74704759ed 03d593cbf7b72d3c70caedac0c0259330ce8b1a45b708e92e3f19245b6ca9929
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /progress_p/pwa_links/default_scripts/notification.js HTTP/1.1
Host: loadingscripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Tue, 07 May 2024 20:24:21 GMT
Content-Type: application/javascript
Content-Length: 2801
Last-Modified: Fri, 24 Mar 2023 17:31:52 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "641dde88-af1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/style.css | 194.63.143.61 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/style.css
IP: 194.63.143.61:443
ASN: #50113 NTX Technologies s.r.o.
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Let's Encrypt
Certificate Subject: loadingscripts.com
Certificate Fingerprint: 68:58:92:29:16:78:CF:4C:B7:14:6E:86:39:61:E2:B9:E7:53:BF:D9
Certificate Validity: Sun, 21 Apr 2024 06:35:52 GMT - Sat, 20 Jul 2024 06:35:51 GMT
Hash: 90cabd7a8ba3c5f17aa8041325222afd 18dddf46f9becdd62df462659c3949d34f1b6652 a5176431b7248a5c3a9314209c30b5ddc518043159c98190f97640df3c88682b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /progress_p/pwa_links/main/vpn/ios-widget-black/1/style.css HTTP/1.1
Host: loadingscripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Tue, 07 May 2024 20:24:21 GMT
Content-Type: text/css
Last-Modified: Thu, 03 Aug 2023 09:24:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
ETag: W/"64cb7248-110e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
|
|
| loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/pwa_custom.js | 194.63.143.61 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/pwa_custom.js
IP: 194.63.143.61:443
ASN: #50113 NTX Technologies s.r.o.
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Let's Encrypt
Certificate Subject: loadingscripts.com
Certificate Fingerprint: 68:58:92:29:16:78:CF:4C:B7:14:6E:86:39:61:E2:B9:E7:53:BF:D9
Certificate Validity: Sun, 21 Apr 2024 06:35:52 GMT - Sat, 20 Jul 2024 06:35:51 GMT
Hash: f256ce864a814c15fe64303e0547592c 11fbcd921242131d3c6038149b7b3d301d6121eb 9f35b32d1443ad83c8615ca12eee6ee6a4593d90a26838337855e1acc363f2a8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /progress_p/pwa_links/main/vpn/ios-widget-black/1/pwa_custom.js HTTP/1.1
Host: loadingscripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Tue, 07 May 2024 20:24:21 GMT
Content-Type: application/javascript
Content-Length: 1191
Last-Modified: Tue, 05 Sep 2023 13:38:20 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "64f72f4c-4a7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/bg_GIF.gif | 104.21.92.120 | 200 OK | 108 kB |
URL: GET HTTP/3 aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/bg_GIF.gif
IP: 104.21.92.120:443
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Google Trust Services LLC
Certificate Subject: aureatedreams.com
Certificate Fingerprint: F7:C0:A5:CD:BE:46:06:17:F5:FC:C8:D6:0C:59:8A:A9:8D:66:3A:4F
Certificate Validity: Tue, 19 Mar 2024 06:38:27 GMT - Mon, 17 Jun 2024 06:38:26 GMT
File type: GIF image data, version 89a, 720 x 300
Size: 108 kB (108273 bytes)
Hash: a6b212fa77f857e28d6c6818f0f835af 498dd97ca14ebbe60c14d92b42f19dea9002bf5d cbb959f194e072a173ee27e20aff979766b86fa16d0a8bf588677606979bc7ca
GET /downloadapp/vpn/default/video-player/1/assets/bg_GIF.gif HTTP/1.1
Host: aureatedreams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 20:24:21 GMT
content-type: image/gif
content-length: 108273
last-modified: Thu, 16 Nov 2023 10:02:48 GMT
etag: "6555e8c8-1a6f1"
cache-control: max-age=28800
cf-cache-status: HIT
age: 3076
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Woy4a7p7C33usOA2km8%2FANtq0oTkviX5NpA1BhJFElqJdkMaOBN2Tj4Kl3bSgYB52Fvi8X7OJemsxYZPNUcKDcGbk4u1T5oYhRBG8YYzw8T7s4Tp8gPgDx59M4eDZQtGU4ixOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803eee08ce9b4f7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/more.png | 194.63.143.61 | 200 OK | 1.7 kB |
URL: GET HTTP/1.1 loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/more.png
IP: 194.63.143.61:443
ASN: #50113 NTX Technologies s.r.o.
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Let's Encrypt
Certificate Subject: loadingscripts.com
Certificate Fingerprint: 68:58:92:29:16:78:CF:4C:B7:14:6E:86:39:61:E2:B9:E7:53:BF:D9
Certificate Validity: Sun, 21 Apr 2024 06:35:52 GMT - Sat, 20 Jul 2024 06:35:51 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: 0151c0d5cb6897fa5e55777e139e5c90 51beaa6c5ad3334eb134789a1e83e3e01481337d 16e6097a93e5dcd6061b6fedce354d7ec8dd8aaf02820b6a656443e7edcca1b7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /progress_p/pwa_links/main/vpn/ios-widget-black/1/more.png HTTP/1.1
Host: loadingscripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Tue, 07 May 2024 20:24:21 GMT
Content-Type: image/png
Content-Length: 1724
Last-Modified: Tue, 01 Aug 2023 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "64c90777-6bc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/close.png | 194.63.143.61 | 200 OK | 13 kB |
URL: GET HTTP/1.1 loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/close.png
IP: 194.63.143.61:443
ASN: #50113 NTX Technologies s.r.o.
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Let's Encrypt
Certificate Subject: loadingscripts.com
Certificate Fingerprint: 68:58:92:29:16:78:CF:4C:B7:14:6E:86:39:61:E2:B9:E7:53:BF:D9
Certificate Validity: Sun, 21 Apr 2024 06:35:52 GMT - Sat, 20 Jul 2024 06:35:51 GMT
File type: PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Hash: 8e61cf3dccea6ab862bfb51e362a1516 967f3b30680bd39126eeeb3b3c131833cb89ca51 cead1002bb2a8ef60efc22804d0ef0596b9e19a7362d40cde2d5a3a7c6b83668
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /progress_p/pwa_links/main/vpn/ios-widget-black/1/close.png HTTP/1.1
Host: loadingscripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Tue, 07 May 2024 20:24:21 GMT
Content-Type: image/png
Content-Length: 12752
Last-Modified: Tue, 01 Aug 2023 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "64c90777-31d0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/alert.svg | 194.63.143.61 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/alert.svg
IP: 194.63.143.61:443
ASN: #50113 NTX Technologies s.r.o.
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Let's Encrypt
Certificate Subject: loadingscripts.com
Certificate Fingerprint: 68:58:92:29:16:78:CF:4C:B7:14:6E:86:39:61:E2:B9:E7:53:BF:D9
Certificate Validity: Sun, 21 Apr 2024 06:35:52 GMT - Sat, 20 Jul 2024 06:35:51 GMT
File type: SVG Scalable Vector Graphics image
Hash: 0ccc0731fc32e0d7176f5159dc3a9b3e e594c18e1a6a86b481ecc9ae54ee0a088a814b91 0f0834563aa719bde5e7c02f797289eac205c5511f4a35e1f0aad6bef6fbf666
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /progress_p/pwa_links/main/vpn/ios-widget-black/1/alert.svg HTTP/1.1
Host: loadingscripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Tue, 07 May 2024 20:24:21 GMT
Content-Type: image/svg+xml
Content-Length: 1433
Last-Modified: Tue, 01 Aug 2023 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "64c90777-599"
Accept-Ranges: bytes
|
|
| aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/fav.png | 104.21.92.120 | 200 OK | 545 B |
URL: GET HTTP/3 aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/fav.png
IP: 104.21.92.120:443
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Google Trust Services LLC
Certificate Subject: aureatedreams.com
Certificate Fingerprint: F7:C0:A5:CD:BE:46:06:17:F5:FC:C8:D6:0C:59:8A:A9:8D:66:3A:4F
Certificate Validity: Tue, 19 Mar 2024 06:38:27 GMT - Mon, 17 Jun 2024 06:38:26 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash: 418a1f510d301f62a0976ebcf9cda640 89b5dbdf41afda654ad9f95e1b2672ffe4c51c20 34ca666275595ea71b9787f7269141b947e95af772221947f5ddb060448ed77f
GET /downloadapp/vpn/default/video-player/1/assets/fav.png HTTP/1.1
Host: aureatedreams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 20:24:21 GMT
content-type: image/png
content-length: 545
last-modified: Thu, 16 Nov 2023 10:02:49 GMT
etag: "6555e8c9-221"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 605213
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H9j5O43tY3B3ZYN8cdGAJUhOQdcByWeabXT5mOptbBu5A5FfVhqFoMxWEmG3qIGgbb8dFGTiL4Nbbnuko96zvmwi9VF19k9eASJLlI%2BPG5jG%2FCZ%2B1K%2F9ze7SK%2F24RdF5%2Fa7EzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803eee16e60b4f7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/new_free.svg | 104.21.92.120 | 200 OK | 1.6 kB |
URL: GET HTTP/2 aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/new_free.svg
IP: 104.21.92.120:443
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Google Trust Services LLC
Certificate Subject: aureatedreams.com
Certificate Fingerprint: F7:C0:A5:CD:BE:46:06:17:F5:FC:C8:D6:0C:59:8A:A9:8D:66:3A:4F
Certificate Validity: Tue, 19 Mar 2024 06:38:27 GMT - Mon, 17 Jun 2024 06:38:26 GMT
File type: SVG Scalable Vector Graphics image
Hash: bbef52d8d1c012ba6d708c64c77c504d 8aabaf51c377dbad555b6593cb8246ed8289ed17 9ccc5d74202ba771479b9468f00f5fb297263d1eb1e8abaf9cee84365ac98380
GET /downloadapp/vpn/default/video-player/1/assets/new_free.svg HTTP/1.1
Host: aureatedreams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 20:24:21 GMT
content-type: image/svg+xml
last-modified: Thu, 16 Nov 2023 10:02:49 GMT
etag: W/"6555e8c9-623"
cache-control: max-age=28800
cf-cache-status: HIT
age: 3076
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8r1qds2f7ngVMKji976ge%2FXXjdN8GlAtCd3ZVQXee0YC%2BeBgMrSwwmGU0pjcyNFiapsu4gPsWv8%2FCebnGAf%2B5t5I5XBJSlcF9PheANenUp5WFTa0aBoaaQ3hL6rSLM2YrLS0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803eedd3dbc569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| protectingapplication.com/landers/for_mac_1/1/style.css | 136.243.81.51 | 200 OK | 7.2 kB |
URL: GET HTTP/2 protectingapplication.com/landers/for_mac_1/1/style.css
IP: 136.243.81.51:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Let's Encrypt
Certificate Subject: protectingapplication.com
Certificate Fingerprint: A2:A2:D3:41:8B:E4:06:76:44:B2:A3:35:41:94:56:D7:4C:95:7A:4A
Certificate Validity: Thu, 04 Apr 2024 10:47:33 GMT - Wed, 03 Jul 2024 10:47:32 GMT
File type: ASCII text, with very long lines (8005), with no line terminators
Hash: bd268d31391d6eb864e65cb12e3f6ff7 7f019bb89cc9f5902507fd7add1b8e1b95bf399b e2d5dc4b83604781c1b9aa6e221e0c02321f6e61306e72ab37c8015823a52561
GET /landers/for_mac_1/1/style.css HTTP/1.1
Host: protectingapplication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Cookie: uclick=q5xs8ra2ir; uclickhash=q5xs8ra2ir-q5xs8ra2ir-52a2-0-gxp2bl-fvb7fe-uotwvr-612467
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:24:21 GMT
content-type: text/css
last-modified: Fri, 15 Mar 2024 12:57:55 GMT
vary: Accept-Encoding
etag: W/"65f445d3-1c39"
expires: Thu, 06 Jun 2024 20:24:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| protectingapplication.com/landers/for_mac_1/1/assets/jquery-3.4.1.min.js | 136.243.81.51 | 200 OK | 88 kB |
URL: GET HTTP/2 protectingapplication.com/landers/for_mac_1/1/assets/jquery-3.4.1.min.js
IP: 136.243.81.51:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Let's Encrypt
Certificate Subject: protectingapplication.com
Certificate Fingerprint: A2:A2:D3:41:8B:E4:06:76:44:B2:A3:35:41:94:56:D7:4C:95:7A:4A
Certificate Validity: Thu, 04 Apr 2024 10:47:33 GMT - Wed, 03 Jul 2024 10:47:32 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /landers/for_mac_1/1/assets/jquery-3.4.1.min.js HTTP/1.1
Host: protectingapplication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Cookie: uclick=q5xs8ra2ir; uclickhash=q5xs8ra2ir-q5xs8ra2ir-52a2-0-gxp2bl-fvb7fe-uotwvr-612467
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:24:21 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 12:57:55 GMT
vary: Accept-Encoding
etag: W/"65f445d3-15851"
expires: Tue, 07 May 2024 22:24:21 GMT
cache-control: max-age=7200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/loading.svg | 104.21.92.120 | 200 OK | 386 B |
URL: GET HTTP/2 aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/loading.svg
IP: 104.21.92.120:443
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Google Trust Services LLC
Certificate Subject: aureatedreams.com
Certificate Fingerprint: F7:C0:A5:CD:BE:46:06:17:F5:FC:C8:D6:0C:59:8A:A9:8D:66:3A:4F
Certificate Validity: Tue, 19 Mar 2024 06:38:27 GMT - Mon, 17 Jun 2024 06:38:26 GMT
File type: SVG Scalable Vector Graphics image
Hash: fb0d7c6792838b69dfa3f2e6307b4bc5 ffb3304847d17f3e10542489fb4a577db5e5a53c a543a597d7f74aff5c34c7e89005b541629313f9bb8a67910d5f776d500960c8
GET /downloadapp/vpn/default/video-player/1/assets/loading.svg HTTP/1.1
Host: aureatedreams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 20:24:21 GMT
content-type: image/svg+xml
last-modified: Thu, 16 Nov 2023 10:02:49 GMT
etag: W/"6555e8c9-182"
cache-control: max-age=28800
cf-cache-status: HIT
age: 3076
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWk4U3SNV%2F%2FavvUAW11TdGYUuPY0zuztyEzmDvIItWlV6lLjYOgQtM5tiPXnsA%2BnEEyFI3OAkpXy%2FYUVhY%2FLMX5DZEdK8W0fA0MA5s0F%2B4mkXJtPcqgAGjW0H8asFXiCbTYiVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803eedd3dbd569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.170 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.170:443
Requested by: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (7193), with no line terminators
Hash: 16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://protectingapplication.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 20:24:21 GMT
date: Tue, 07 May 2024 20:24:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615 | 136.243.81.51 | 200 OK | 20 kB |
URL: User Request GET HTTP/2 protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615
IP: 136.243.81.51:443
ASN: #24940 Hetzner Online GmbH
Certificate Issuer: Let's Encrypt
Certificate Subject: protectingapplication.com
Certificate Fingerprint: A2:A2:D3:41:8B:E4:06:76:44:B2:A3:35:41:94:56:D7:4C:95:7A:4A
Certificate Validity: Thu, 04 Apr 2024 10:47:33 GMT - Wed, 03 Jul 2024 10:47:32 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=811471965926731776&cost=0.000670&zoneid=7222987&campaignid=8007615 HTTP/1.1
Host: protectingapplication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:24:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: uclick=q5xs8ra2ir; expires=Wed, 08-May-2024 20:24:20 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=q5xs8ra2ir-q5xs8ra2ir-52a2-0-gxp2bl-fvb7fe-uotwvr-612467; expires=Wed, 08-May-2024 20:24:20 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-encoding: gzip
X-Firefox-Spdy: h2
|
|