| win2.icu/1/3/index.html?cid=812674848210825217&uid=8008272 | 172.67.203.143 | | 0 B |
URL: win2.icu/1/3/index.html?cid=812674848210825217&uid=8008272
IP: 172.67.203.143:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/3/index.html?cid=812674848210825217&uid=8008272 HTTP/1.1
Host: win2.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 308 Permanent Redirect
date: Fri, 10 May 2024 05:56:24 GMT
content-length: 0
location: /1/3/?cid=812674848210825217&uid=8008272
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqOoAduYLJrQCmIaICaqiLKv0Lg2odi9UVjSmEus3bta6y82VgQrcLLSw0YkHJqXBzXtfagZ6Pm6%2FR4BCvQRparcVsDm%2BC%2B7%2BhDN100V6tOZdSTFhGMV8F7c4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8817af95ccf2569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| win2.icu/favicon.ico | 172.67.203.143 | | 0 B |
IP: 172.67.203.143:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: win2.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win2.icu/1/3/?cid=812674848210825217&uid=8008272
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Fri, 10 May 2024 05:56:25 GMT
content-length: 0
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ciIT62Hyjhalglh1rLh7InxfZjvKxLs%2FdDScu9mgMGePQPtkLLrIwrd5ct%2B6%2B4u9r9JWFDHFDEfSdR12TkqWAnaLH3uL9bAlVXYNcaqBsPoN0RxIyKeaR2sCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 8817af9b08e056b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| push-sdk.net/f/sdk.js?z=1196578 | 23.88.8.123 | | 15 kB |
URL: push-sdk.net/f/sdk.js?z=1196578
IP: 23.88.8.123:0
ASN: #24940 Hetzner Online GmbH
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (53344), with no line terminators
Hash: df17f9793d0bbfbec3c9285f3dcc6200 12f0459f4095371bee63e6dd5f04ea9451cff933 1c60c387936024b9abb1b2514bba07be7725ffad25903c7faf23eecb61e222d7
GET /f/sdk.js?z=1196578 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win2.icu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Angie
date: Fri, 10 May 2024 05:56:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 14884
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| push-sdk.net/event?z=1196578 | 23.88.8.123 | | 0 B |
URL: push-sdk.net/event?z=1196578
IP: 23.88.8.123:0
ASN: #24940 Hetzner Online GmbH
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event?z=1196578 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win2.icu/
Content-Type: text/plain;charset=UTF-8
Content-Length: 83
Origin: https://win2.icu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Angie
date: Fri, 10 May 2024 05:56:25 GMT
content-length: 0
access-control-allow-origin: https://win2.icu
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
|
|
| down2.sbs/1.html?cid=812674848210825217&uid=8008272&lp=4143 | 188.114.96.1 | | 0 B |
URL: down2.sbs/1.html?cid=812674848210825217&uid=8008272&lp=4143
IP: 188.114.96.1:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1.html?cid=812674848210825217&uid=8008272&lp=4143 HTTP/1.1
Host: down2.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win2.icu/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 308 Permanent Redirect
date: Fri, 10 May 2024 05:56:29 GMT
content-length: 0
location: /1?cid=812674848210825217&uid=8008272&lp=4143
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ViqJVLv69i8thoB3RatZ2QLipyze%2FgzJEo6RAvvHfVkBES1qQYe9jWEELIP4oFzU2ljt%2FKHdScT3W4GJMNmwfZajCHO%2FXbKbannRkY2b0jfuBjo9L7qr9NnHplc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8817afb449d8b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| down2.sbs/favicon.ico | 188.114.96.1 | | 0 B |
IP: 188.114.96.1:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: down2.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://down2.sbs/1?cid=812674848210825217&uid=8008272&lp=4143
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Fri, 10 May 2024 05:56:29 GMT
content-length: 0
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7lpjl1U%2FGY61luJotiPJ7LVSK2vPn3HARdW57Nh17VI80az6%2BIJ50%2F7agFojRHVOLXbsnt%2Bd1xmrSUoEFBBe5pzWCzmP1MntDc7XJeHAJa5lfvtWDQY5Mg09yfU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
server: cloudflare
cf-ray: 8817afb61f370b41-OSL
alt-svc: h3=":443"; ma=86400
|
|
| free.dkk9.com/favicon.ico | 65.60.58.178 | 200 OK | 1.2 kB |
URL: GET HTTP/2 free.dkk9.com/favicon.ico
IP: 65.60.58.178:443
Requested by: https://free.dkk9.com/?utm_medium=db2f465816bd5cba253c1c9f57de6f985f80b7e5&utm_campaign=QA_2f72d2&cid=812674848210825217&1=4143&np=2&2=
Certificate: Issuer: Let's Encrypt; Subject: free.dkk9.com; Fingerprint: 84:45:63:A3:35:E1:A3:37:E8:85:2F:91:3B:57:8C:42:50:26:AD:55; Validity: Sat, 13 Apr 2024 03:24:03 GMT - Fri, 12 Jul 2024 03:24:02 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: 91abe01116ab422c598e9c8af72cf4da 0f2815fe8e067d48537ad168225ab4674271fa27 b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
GET /favicon.ico HTTP/1.1
Host: free.dkk9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://free.dkk9.com/?utm_medium=db2f465816bd5cba253c1c9f57de6f985f80b7e5&utm_campaign=QA_2f72d2&cid=812674848210825217&1=4143&np=2&2=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 05:56:30 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 11 Aug 2023 10:37:02 GMT
etag: "64d60f4e-47e"
expires: Sat, 11 May 2024 05:56:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=604800; persist=1
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| app.monetizer.com/images/monetizer.png | 173.236.118.98 | 200 OK | 2.8 kB |
URL: GET HTTP/2 app.monetizer.com/images/monetizer.png
IP: 173.236.118.98:443
Requested by: https://free.dkk9.com/?utm_medium=db2f465816bd5cba253c1c9f57de6f985f80b7e5&utm_campaign=QA_2f72d2&cid=812674848210825217&1=4143&np=2&2=
Certificate: Issuer: Let's Encrypt; Subject: monetizer.com; Fingerprint: 57:55:9D:34:64:B5:26:CA:C4:DB:62:6E:6E:4F:30:D6:91:57:2E:35; Validity: Mon, 08 Apr 2024 05:52:12 GMT - Sun, 07 Jul 2024 05:52:11 GMT
File type: PNG image data, 150 x 149, 8-bit colormap, non-interlaced
Hash: 03a4f7ed6a82302928cb627d8c4b7ba4 ee1470782b782b0b1d7e59616fe5d476c2ac08b2 a907a5abbd6b6e9435a8d503c6a9c05767fd296d59dd6e5fee73e6bc96a9f29c
GET /images/monetizer.png HTTP/1.1
Host: app.monetizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://free.dkk9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 05:56:30 GMT
content-type: image/png
content-length: 2763
last-modified: Mon, 06 May 2024 13:49:09 GMT
etag: "6638dfd5-acb"
expires: Sat, 11 May 2024 05:56:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=604800; persist=1
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| free.dkk9.com/?utm_medium=db2f465816bd5cba253c1c9f57de6f985f80b7e5&utm_campaign=QA_2f72d2&cid=812674848210825217&1=4143&np=2&2= | 65.60.58.178 | 404 Not Found | 3.9 kB |
URL: User Request GET HTTP/2 free.dkk9.com/?utm_medium=db2f465816bd5cba253c1c9f57de6f985f80b7e5&utm_campaign=QA_2f72d2&cid=812674848210825217&1=4143&np=2&2=
IP: 65.60.58.178:443
Certificate: Issuer: Let's Encrypt; Subject: free.dkk9.com; Fingerprint: 84:45:63:A3:35:E1:A3:37:E8:85:2F:91:3B:57:8C:42:50:26:AD:55; Validity: Sat, 13 Apr 2024 03:24:03 GMT - Fri, 12 Jul 2024 03:24:02 GMT
File type: gzip compressed data, from Unix
Hash: 06f19d3401bb6e5f25770fad0d599de3 b1438ae02ec3b54b9fbad4555ff47a493181f83b dcf5ea629a00f04f1700907c4e0b61c732c188e3ad21479cefd2a67e54029972
GET /?utm_medium=db2f465816bd5cba253c1c9f57de6f985f80b7e5&utm_campaign=QA_2f72d2&cid=812674848210825217&1=4143&np=2&2= HTTP/1.1
Host: free.dkk9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://down2.sbs/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Fri, 10 May 2024 05:56:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=604800; persist=1
content-encoding: gzip
X-Firefox-Spdy: h2
|
|