Report - ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js

Report Overview

Submitted URL
ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-19 12:06:27
Access
public
Website Title
4 вопроса 2 минуты
Final URL
ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-19	409 B	32 kB	151.101.130.137
ai-usmhigh.shop	unknown	unknown	2024-04-10	2024-04-10	5.2 kB	338 kB	188.114.97.1
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-19	1.9 kB	130 kB	104.17.24.14
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	3.2 kB	189 kB	142.250.74.163
ipinfo.io	8136	2013-04-23	2013-12-16	2024-04-18	914 B	2.3 kB	34.117.186.192
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-19	649 B	234 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-19 12:06:02	medium	Client IP	34.117.186.192	ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}&	3.4 kB	2024-04-19	2024-04-19
Pretty URL ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 14:06:35 Last Seen2024-04-19 14:06:35 Times Seen1 Hash ee2cbf22cfaac3298d9ae3960462f279 83351942095a67cfdd53c0622b35d0fc3039c790 a67bd5aae1dab34a932056a7e6d33c42130cedd4cd21689b8f0843e2010b9278 Loading...

	ipinfo.io/?callback=jQuery35109801268685460887_1713528362429&_=1713528362431	672 B	2024-04-19	2024-04-19
Pretty URL ipinfo.io/?callback=jQuery35109801268685460887_1713528362429&_=1713528362431 IP 34.117.186.192 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 14:06:35 Last Seen2024-04-19 14:06:36 Times Seen3 Hash ca72ed0860828c3a38da20f8d6c84e38 26e21322b9df9c60a3a13b79473ee4d5e3336083 36241877c14813e85d2c2f1787239a624adcd71ea703bc6852f8b85c05da1168 Loading...

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}&	2.6 kB	2024-04-19	2024-04-19
Pretty URL ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 14:06:35 Last Seen2024-04-19 14:06:35 Times Seen1 Hash 85efeccd5472fbc2c2ffce587a7510fa cb13c765724e4603b03f7173b6dc45c205f2f841 22352b3b4833c6c8a4b84cc12169867086aa8c63de82f86e7247264948465fee Loading...

	code.jquery.com/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-05-02
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-02 16:46:44 Times Seen140801 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}&	346 B	2023-10-24	2024-04-25
Pretty URL ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-24 10:27:57 Last Seen2024-04-25 15:57:38 Times Seen14 Hash bf42d00f0c1b2f879f5f7a7edff6a6a9 20e053f4eadfe0a4a0b6053bac2149ac240931ad bc2534b60e98bfd53848e8725661d633a7f9b338b7749b700cf0126fa7ece3a9 Loading...

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}&	181 B	2023-10-24	2024-04-25
Pretty URL ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-24 10:27:58 Last Seen2024-04-25 15:57:38 Times Seen15 Hash 566f72ef4f0884466ebf79e35836d442 08ee00c24fb40c37c349012c1d783878420e7017 dd670aea8e1647a11c98c6041804c0bb1cbf42c97c6f8f6817aed420288012d6 Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js	29 kB	2023-04-05	2024-05-01
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 15:31:11 Last Seen2024-05-01 12:32:50 Times Seen397 Hash caf7bdf0ce3f11830af1d3dd0dbf931e 958a4413837457b5e3b66ca292736de8286eafa8 b0de6c6e01a16a20bab373a1e7f7b5f3ad48d1b85210965d8c956319f8ac329f Loading...

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}&	313 B	2023-10-24	2024-04-25
Pretty URL ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-24 10:27:58 Last Seen2024-04-25 15:57:39 Times Seen15 Hash 82e215f76452464181f0fb541311a738 ade083329fa0227120cfde73d1db0c73a0ba7b72 c4aece060608d7c80625767c5a36100e14000efae01c0f56741047a5b8888fa8 Loading...

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/	0 B	2023-03-07	2024-05-02
Pretty URL ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-02 16:48:18 Times Seen37276019 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js	244 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:42:50 Last Seen2024-04-25 15:57:39 Times Seen228 Hash e8a9b2127b0197d558dbbbcb99d80973 cb793f12ac3b8f7ac9cc69c9581bc2dc5d439ad5 cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6 Loading...

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}&	283 B	2024-04-19	2024-04-19
Pretty URL ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 14:06:36 Last Seen2024-04-19 14:06:36 Times Seen1 Hash a70296f698b76a03089efecc98562734 b2a4ab8ca22b924296321e24e8c2dcd0c235b92e e290d3464a7ffbaee1a9a87a00bc89f5d7f89ff093843814e4ae4fbc931598b3 Loading...

		Size	First Seen	Last Seen
	#1 Write - 1478239b70cc19845a5041f09eb2eb91	248 B	2024-04-19	2024-04-20
Pretty Observations First Seen2024-04-19 14:06:36 Last Seen2024-04-20 22:06:43 Times Seen2 Hash 1478239b70cc19845a5041f09eb2eb91 d690fc9c5c9368d24a65710c639f862fbae9e0b3 2ec39099eb6b6a118e6b5cd6b19f2fa097e3c9f35e0a9ecfde7ceb86879734ea Loading...

HTTP Transactions (23)

	URL	IP	Response	Size
	code.jquery.com/jquery-3.5.1.min.js	151.101.130.137	200 OK	31 kB
URL GET HTTP/2 code.jquery.com/jquery-3.5.1.min.js IP 151.101.130.137:443 ASN #54113 FASTLY Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/ Certificate IssuerSectigo Limited Subject.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65451) Size 31 kB (30879 bytes) Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d HTTP Headers `GET /jquery-3.5.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-15d84" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Fri, 19 Apr 2024 12:06:01 GMT age: 3485203 x-served-by: cache-lga21981-LGA, cache-hel1410020-HEL x-cache: HIT, HIT x-cache-hits: 36, 19743 x-timer: S1713528362.914999,VS0,VE0 vary: Accept-Encoding content-length: 30879 X-Firefox-Spdy: h2

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/	188.114.97.1	200 OK	31 kB
URL User Request GET HTTP/2 ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/ IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subjectai-usmhigh.shop Fingerprint9E:86:16:4B:AA:10:3C:56:D5:09:31:5B:4E:41:7F:C2:4D:19:E8:92 ValidityWed, 10 Apr 2024 16:48:45 GMT - Tue, 09 Jul 2024 16:48:44 GMT File type HTML document, Unicode text, UTF-8 text Size 31 kB (31265 bytes) Hash 6495ad119ad4ebc9459c145968eadaf4 df100abf7ea8c3e7ad96452c73c99d570009dc56 c478bc86446ffcd9bde901c5695df502e84434f0e69a18922f5390da46dba71b HTTP Headers GET /lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/ HTTP/1.1 Host: ai-usmhigh.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 19 Apr 2024 12:06:01 GMT content-type: text/html; charset=UTF-8 access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ezTovPYjMucwaMj4zY7FO6H87Y8okwsLbPDkUlM9%2F21H%2BsmZjWneIU3DKpebCtKGbpB69wZqzf3ilJYw5Pwz8yLPQLzpr5j%2FpexEfWgaCJHCHYZgd%2B8EpVvzlArFzDnzLmU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 876cc423ae7eb4fd-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js	104.17.24.14	200 OK	8.9 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (26997) Size 8.9 kB (8889 bytes) Hash f38113141ba37f6d39da0f22fb96702a bec789ca106293f96d2cf31285236398776b911e 64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd HTTP Headers `GET /ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 19 Apr 2024 12:06:02 GMT content-type: application/javascript; charset=utf-8 content-length: 8889 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5f902e0e-72d9" last-modified: Wed, 21 Oct 2020 12:48:14 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 745828 expires: Wed, 09 Apr 2025 12:06:02 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p3O5bl4Ygi7lsBSdi0jsM6mOvvuyNRjWyHEUWwJORdzIG66otUDorlSrp8ZkTswst511w4EzCAWpjoLI%2FchN%2BZyxNER1lKr5XO6PQU2QvxAUj%2Fk5ws%2BVezRNJ4StfH9ArxGjTSpi"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 876cc4277916b4f7-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js	104.17.24.14	200 OK	44 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 44 kB (44414 bytes) Hash e8a9b2127b0197d558dbbbcb99d80973 cb793f12ac3b8f7ac9cc69c9581bc2dc5d439ad5 cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6 HTTP Headers `GET /ajax/libs/intl-tel-input/17.0.8/js/utils.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 19 Apr 2024 12:06:02 GMT content-type: application/javascript; charset=utf-8 content-length: 44414 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5f902e29-3b7cd" last-modified: Wed, 21 Oct 2020 12:48:41 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 327672 expires: Wed, 09 Apr 2025 12:06:02 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z7ZTgSYPUw87yyXm6QDpA%2BL09BGYQkqqC6gaPt%2B%2FlEbVNfLvbbUBwbHm5odSA4FzENvHsJxXBWH0b74BgaL7B9RkOKFsam%2BeSwsXbfZ2T%2B%2FwNdr5JxSyIRPnDbG2tEkiEn3HymlP"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 876cc427791cb4f7-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css	104.17.24.14	200 OK	2.0 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type ASCII text Size 2.0 kB (1970 bytes) Hash a69aa970266649e0b08c2cb4bc166568 d9314a52085a2bb6d284421bb18a4c546ecb73d4 ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491 HTTP Headers `GET /ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 19 Apr 2024 12:06:02 GMT content-type: text/css; charset=utf-8 content-length: 1970 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5f902e0e-62a6" last-modified: Wed, 21 Oct 2020 12:48:14 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 330573 expires: Wed, 09 Apr 2025 12:06:02 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tzaEnjTZQNvxUus9tv83eUincEViJzsz3nrOT3zHCfYmNq2GH0zBqLa1XB1wRvfI6846nqCJk%2BWahK677Pbm16QAWKiucVtTqea0e9ArdvX%2BsOq4tOQlEGb2taucpqUR1FwtXiAg"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 876cc427891eb4f7-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/logo.png	188.114.97.1	200 OK	13 kB
URL GET HTTP/3 ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/logo.png IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerLet's Encrypt Subjectai-usmhigh.shop Fingerprint9E:86:16:4B:AA:10:3C:56:D5:09:31:5B:4E:41:7F:C2:4D:19:E8:92 ValidityWed, 10 Apr 2024 16:48:45 GMT - Tue, 09 Jul 2024 16:48:44 GMT File type PNG image data, 807 x 324, 8-bit/color RGBA, non-interlaced Size 13 kB (13209 bytes) Hash 5f908901e20749b364d0f061c34e430b a05411e6cb008d3fbfe47440d251ce721073f84c adcc726ea7bffda30b0f77f6077a3408338a814ae146d15c9dd8b9c99b8e7138 HTTP Headers GET /lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/logo.png HTTP/1.1 Host: ai-usmhigh.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Cookie: subid=%7Bsubid%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 19 Apr 2024 12:06:02 GMT content-type: image/png content-length: 13209 last-modified: Wed, 21 Feb 2024 17:12:49 GMT etag: "65d62f11-3399" expires: Mon, 29 Apr 2024 12:06:02 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XbsfVD4NQzmAB%2BqpL8F2FValYDIXcNlMsZZjxKfabbEB%2FypEFWwcTW1UvpwSSPc854Fu%2BYq7porw54KuYcf7irQFLcCviWTmg9xzbXtVKgdJ8aHPhPyrRBogvg79VFcFHrQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 876cc4274a550b3d-OSL alt-svc: h3=":443"; ma=86400

	fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2	142.250.74.163	200 OK	33 kB
URL GET HTTP/2 fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP 142.250.74.163:443 ASN #15169 GOOGLE Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT File type Web Open Font Format (Version 2), TrueType, length 33092, version 1.0 Size 33 kB (33092 bytes) Hash 057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b HTTP Headers GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ai-usmhigh.shop DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 33092 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 16 Apr 2024 02:14:58 GMT expires: Wed, 16 Apr 2025 02:14:58 GMT cache-control: public, max-age=31536000 last-modified: Wed, 13 Sep 2023 22:51:58 GMT content-type: font/woff2 age: 294664 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	142.250.74.163	200 OK	48 kB
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.163:443 ASN #15169 GOOGLE Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Size 48 kB (48236 bytes) Hash 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa HTTP Headers GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ai-usmhigh.shop DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 48236 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 16 Apr 2024 08:04:32 GMT expires: Wed, 16 Apr 2025 08:04:32 GMT cache-control: public, max-age=31536000 age: 273690 last-modified: Thu, 14 Dec 2023 02:08:40 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2	142.250.74.163	200 OK	27 kB
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 IP 142.250.74.163:443 ASN #15169 GOOGLE Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT File type Web Open Font Format (Version 2), TrueType, length 26736, version 1.0 Size 27 kB (26736 bytes) Hash 8404cfed82d322c1be8e149fd9f40eb8 3e3657246db3b889e68d520904ac294a230db56d 8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f HTTP Headers GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ai-usmhigh.shop DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 26736 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 18 Apr 2024 17:21:58 GMT expires: Fri, 18 Apr 2025 17:21:58 GMT cache-control: public, max-age=31536000 age: 67444 last-modified: Thu, 14 Dec 2023 02:00:28 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2	142.250.74.163	200 OK	33 kB
URL GET HTTP/2 fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP 142.250.74.163:443 ASN #15169 GOOGLE Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT File type Web Open Font Format (Version 2), TrueType, length 33092, version 1.0 Size 33 kB (33092 bytes) Hash 057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b HTTP Headers GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ai-usmhigh.shop DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 33092 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 16 Apr 2024 02:14:58 GMT expires: Wed, 16 Apr 2025 02:14:58 GMT cache-control: public, max-age=31536000 last-modified: Wed, 13 Sep 2023 22:51:58 GMT content-type: font/woff2 age: 294664 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2	142.250.74.163	200 OK	21 kB
URL GET HTTP/2 fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 IP 142.250.74.163:443 ASN #15169 GOOGLE Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT File type Web Open Font Format (Version 2), TrueType, length 21288, version 1.0 Size 21 kB (21288 bytes) Hash e648b4f809fa852297cf344248779163 ea6b174e3bca31d6d29b84ffbcbcc3749e47892e 637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758 HTTP Headers GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ai-usmhigh.shop DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 21288 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 18 Apr 2024 02:45:34 GMT expires: Fri, 18 Apr 2025 02:45:34 GMT cache-control: public, max-age=31536000 age: 120028 last-modified: Wed, 13 Sep 2023 22:43:52 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2	142.250.74.163	200 OK	21 kB
URL GET HTTP/2 fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 IP 142.250.74.163:443 ASN #15169 GOOGLE Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT File type Web Open Font Format (Version 2), TrueType, length 21288, version 1.0 Size 21 kB (21288 bytes) Hash e648b4f809fa852297cf344248779163 ea6b174e3bca31d6d29b84ffbcbcc3749e47892e 637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758 HTTP Headers GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ai-usmhigh.shop DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 21288 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 18 Apr 2024 02:45:34 GMT expires: Fri, 18 Apr 2025 02:45:34 GMT cache-control: public, max-age=31536000 age: 120028 last-modified: Wed, 13 Sep 2023 22:43:52 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ipinfo.io/?callback=jQuery35109801268685460887_1713528362429&_=1713528362430	34.117.186.192	200 OK	672 B
URL GET HTTP/2 ipinfo.io/?callback=jQuery35109801268685460887_1713528362429&_=1713528362430 IP 34.117.186.192:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerLet's Encrypt Subjectipinfo.io Fingerprint9D:3E:28:56:62:A9:9F:DE:23:E2:E3:28:72:EE:AE:0B:F3:A5:C0:63 ValidityTue, 05 Mar 2024 21:14:09 GMT - Mon, 03 Jun 2024 21:14:08 GMT File type JavaScript source, ASCII text, with very long lines (391) Size 672 B (672 bytes) Hash ca72ed0860828c3a38da20f8d6c84e38 26e21322b9df9c60a3a13b79473ee4d5e3336083 36241877c14813e85d2c2f1787239a624adcd71ea703bc6852f8b85c05da1168 HTTP Headers `GET /?callback=jQuery35109801268685460887_1713528362429&_=1713528362430 HTTP/1.1 Host: ipinfo.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.24.0 date: Fri, 19 Apr 2024 12:06:02 GMT content-type: text/javascript; charset=utf-8 content-length: 672 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 4 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap	142.250.74.74	200 OK	233 kB
URL GET HTTP/2 fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap IP 142.250.74.74:443 ASN #15169 GOOGLE Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT File type gzip compressed data, max compression Size 233 kB (233158 bytes) Hash 80fb6a7d490f4512350a8f2a38379295 35dcb8bfc7420ebc7ec7359bce28026a9ea2600a ca0503149f639ea84fdaf4170345d3c913ff0d436801be1a86db3e15e17e0893 HTTP Headers GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 19 Apr 2024 12:06:02 GMT date: Fri, 19 Apr 2024 12:06:02 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/flags.png	104.17.24.14		71 kB
URL GET cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/flags.png IP 104.17.24.14:0 ASN #13335 CLOUDFLARENET Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced Size 71 kB (70862 bytes) Hash 416250f60d785a2e02f17e054d2e4e44 21572c9751e5a3dc20395befa0fcb349c32c4811 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55 HTTP Headers GET /ajax/libs/intl-tel-input/17.0.8/img/flags.png HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 19 Apr 2024 12:06:02 GMT content-type: image/png; charset=utf-8 content-length: 70862 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5f902e0e-114c9" last-modified: Wed, 21 Oct 2020 12:48:14 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 2549612 expires: Wed, 09 Apr 2025 12:06:02 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2j%2FUp0ypv5qH2%2FxV60O5IGKhMS%2BHWbSm3fcRQ7BgBvup4XZdbVCv64rApGUSwx3iZUUtYEmNhPbqXSnXHZOPQoUW8liEW7aq0HxdWOGz2KS7AZ%2Fp5oKewWAmHwuNn65fDvqQYjf"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 876cc42aba45b4f9-OSL alt-svc: h3=":443"; ma=86400

	ipinfo.io/?callback=jQuery35109801268685460887_1713528362429&_=1713528362431	34.117.186.192	200 OK	672 B
URL GET HTTP/3 ipinfo.io/?callback=jQuery35109801268685460887_1713528362429&_=1713528362431 IP 34.117.186.192:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerLet's Encrypt Subjectipinfo.io Fingerprint9D:3E:28:56:62:A9:9F:DE:23:E2:E3:28:72:EE:AE:0B:F3:A5:C0:63 ValidityTue, 05 Mar 2024 21:14:09 GMT - Mon, 03 Jun 2024 21:14:08 GMT File type JavaScript source, ASCII text, with very long lines (391) Size 672 B (672 bytes) Hash ca72ed0860828c3a38da20f8d6c84e38 26e21322b9df9c60a3a13b79473ee4d5e3336083 36241877c14813e85d2c2f1787239a624adcd71ea703bc6852f8b85c05da1168 HTTP Headers `GET /?callback=jQuery35109801268685460887_1713528362429&_=1713528362431 HTTP/1.1 Host: ipinfo.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/3 200 OK server: nginx/1.24.0 date: Fri, 19 Apr 2024 12:06:02 GMT content-type: text/javascript; charset=utf-8 content-length: 672 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 3 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}&	188.114.97.1	200 OK	18 kB
URL GET HTTP/3 ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/ Certificate IssuerLet's Encrypt Subjectai-usmhigh.shop Fingerprint9E:86:16:4B:AA:10:3C:56:D5:09:31:5B:4E:41:7F:C2:4D:19:E8:92 ValidityWed, 10 Apr 2024 16:48:45 GMT - Tue, 09 Jul 2024 16:48:44 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (583) Size 18 kB (18152 bytes) Hash df22ffe7e84fa2d89741fba06c0bcdb0 7e994c03c298c37e300e667d3d2828c2f5309515 133fee38acd6434a48797d33b408f233b7345c3a0f96d136cb32388d78c43bbd HTTP Headers GET /lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& HTTP/1.1 Host: ai-usmhigh.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/ Sec-Fetch-Dest: object Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 19 Apr 2024 12:06:02 GMT content-type: text/html; charset=UTF-8 set-cookie: subid=%7Bsubid%7D; expires=Sun, 19-May-2024 12:06:02 GMT; Max-Age=2592000; path=/ access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZBtNaGVstGzygd2OL29FP04w7XX6DMqNg3POt1FBzNL%2B9X6rk%2FFJeudeVlgt2n2fjXpuferGCGVlZ4GZ9CvHx6hDUOG9W8nmUR7lDfCYX4y4DDtTCPxW7LzkU44ZfUFRKA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 876cc426897a0b3d-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/css	188.114.97.1	301 Moved Permanently	8.5 kB
URL GET HTTP/3 ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/css IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerLet's Encrypt Subjectai-usmhigh.shop Fingerprint9E:86:16:4B:AA:10:3C:56:D5:09:31:5B:4E:41:7F:C2:4D:19:E8:92 ValidityWed, 10 Apr 2024 16:48:45 GMT - Tue, 09 Jul 2024 16:48:44 GMT File type data Size 8.5 kB (8473 bytes) Hash d0e7d7d1d0856399189c402152deadda 6554e66b1e3a3ca9e9d14ec3874ff2f55223b346 8f048ef385779d3bb0926259f1288f8f56e49012378ff4058912c4c017e9eb80 HTTP Headers GET /lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/css HTTP/1.1 Host: ai-usmhigh.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Cookie: subid=%7Bsubid%7D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 301 Moved Permanently date: Fri, 19 Apr 2024 12:06:02 GMT content-type: text/html location: http://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/css/ x-content-type-options: nosniff cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1AutddM%2F2zezXzze4YOONTTUnGAtizGGhHHjFUMl5z%2BfC8Q%2BgnsWzzpCmts3mhU%2F3qATWLzZ9DH%2BeHScMcSOyEAfuEBG%2FLAiC5kVOBnioIbEcFzA760Q9HtmNUh2ycjUcfU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 876cc4274a540b3d-OSL alt-svc: h3=":443"; ma=86400

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/favicon.ico	188.114.97.1	200 OK	5.3 kB
URL GET HTTP/3 ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/favicon.ico IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/ Certificate IssuerLet's Encrypt Subjectai-usmhigh.shop Fingerprint9E:86:16:4B:AA:10:3C:56:D5:09:31:5B:4E:41:7F:C2:4D:19:E8:92 ValidityWed, 10 Apr 2024 16:48:45 GMT - Tue, 09 Jul 2024 16:48:44 GMT File type PNG image data, 225 x 225, 8-bit colormap, non-interlaced Size 5.3 kB (5305 bytes) Hash 0f1bcd199f0a5e6d976f5220432f3feb 269b37848997700270c755f1dd2f3eaba58f6478 225374ccd7369c4ee37da6a34d857b4904fb02f36dd86a112feff6e35a8b40e6 HTTP Headers GET /lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/favicon.ico HTTP/1.1 Host: ai-usmhigh.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/ Cookie: subid=%7Bsubid%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 19 Apr 2024 12:06:02 GMT content-type: image/x-icon last-modified: Wed, 21 Feb 2024 17:12:49 GMT etag: W/"65d62f11-14b9" expires: Mon, 29 Apr 2024 12:06:02 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L2ukUylSr1v7WDJFZO0ChbK2qEW0gRM00vuEE5wQLXYmDyFj8LERFVhyNY2FIRLlb4cDDGD4ONQZ8WBgvzYtEZlH5FFf6EvguzknRqWObmIv27RvjdFk4Mqc%2FXuaZFwvTG4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 876cc4272a460b3d-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/Arrow-Right-silver.svg	188.114.97.1	200 OK	856 B
URL GET HTTP/3 ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/Arrow-Right-silver.svg IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerLet's Encrypt Subjectai-usmhigh.shop Fingerprint9E:86:16:4B:AA:10:3C:56:D5:09:31:5B:4E:41:7F:C2:4D:19:E8:92 ValidityWed, 10 Apr 2024 16:48:45 GMT - Tue, 09 Jul 2024 16:48:44 GMT File type SVG Scalable Vector Graphics image Size 856 B (856 bytes) Hash a6d901084527d38a64e0d09e74eb0a89 a34fb86c8f157eab2f8c5bcbcde3a747d362cb57 072e5193b8589436bb0e6c1d80fc8fd57bab163d024cba17249e0cf2b0aff73b HTTP Headers GET /lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/Arrow-Right-silver.svg HTTP/1.1 Host: ai-usmhigh.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/css/main.min.css Cookie: subid=%7Bsubid%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 19 Apr 2024 12:06:02 GMT content-type: image/svg+xml last-modified: Wed, 21 Feb 2024 17:12:49 GMT etag: W/"65d62f11-358" expires: Mon, 29 Apr 2024 12:06:02 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SwUvqQ3PU%2FKqO6o6%2BScNhUIqxzRnVQe7QlO3GaF93ZlvYkpe05y%2BbQVF9mtnptyPcBhCREC4%2BmgtNk7DcqS7ijzIF7VN4zkDhOr%2FqHgpawGi9cylE%2FviyIEg%2FNCGmJ3nlgE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 876cc4292bc30b3d-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/bg.png	188.114.97.1	200 OK	230 kB
URL GET HTTP/3 ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/bg.png IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerLet's Encrypt Subjectai-usmhigh.shop Fingerprint9E:86:16:4B:AA:10:3C:56:D5:09:31:5B:4E:41:7F:C2:4D:19:E8:92 ValidityWed, 10 Apr 2024 16:48:45 GMT - Tue, 09 Jul 2024 16:48:44 GMT File type PNG image data, 2860 x 1402, 8-bit/color RGBA, non-interlaced Size 230 kB (230281 bytes) Hash a5bd6120e8983f86e2337abd2f8a0400 da5f244add422347a5b3724cc25c4b3117ffaec0 df92f43aefe26c94476e3e107195ddf5ddbea8d02deac729d543a89805c28cd7 HTTP Headers GET /lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/bg.png HTTP/1.1 Host: ai-usmhigh.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/css/main.min.css Cookie: subid=%7Bsubid%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 19 Apr 2024 12:06:02 GMT content-type: image/png content-length: 230281 last-modified: Wed, 21 Feb 2024 17:12:49 GMT etag: "65d62f11-38389" expires: Mon, 29 Apr 2024 12:06:02 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1o2gcOtxEFVVfFkT%2FC7dAtZcU%2Bn6%2BwzRzRYmazNp%2FgZOpsy8hIgtym324G4VxDiDTgRDV%2FtafGJ6yGZ93D5%2F6Vl%2FGAyhj0DQwcFhnXjscq8VRFvur6MMYgA03JQzPguoEBs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 876cc4292bc00b3d-OSL alt-svc: h3=":443"; ma=86400

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/css/main.min.css	188.114.97.1	200 OK	24 kB
URL GET HTTP/3 ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/css/main.min.css IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerLet's Encrypt Subjectai-usmhigh.shop Fingerprint9E:86:16:4B:AA:10:3C:56:D5:09:31:5B:4E:41:7F:C2:4D:19:E8:92 ValidityWed, 10 Apr 2024 16:48:45 GMT - Tue, 09 Jul 2024 16:48:44 GMT File type ASCII text, with very long lines (360) Size 24 kB (23837 bytes) Hash 5b7522b14d724533d78c01bf5458a750 4eae645a753f243ee059e4327344b3fe91e05df0 0845d6d17d46184edbb2c7db1e19104cff0c0532c5acbc6012bb33255f17c257 HTTP Headers GET /lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/css/main.min.css HTTP/1.1 Host: ai-usmhigh.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Cookie: subid=%7Bsubid%7D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 19 Apr 2024 12:06:02 GMT content-type: text/css last-modified: Wed, 21 Feb 2024 17:12:49 GMT etag: W/"65d62f11-5d1d" expires: Mon, 29 Apr 2024 12:06:02 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLMLz3ShjNnYrvahwL%2FjczbGQNQ6ghrqnnhwyN3lCZgYp7fgFMR1HPUp5NCkQRF9%2FdNL%2FgdIWsb%2FJRct1NCbJ3WoT7Z9sOn4W9VenHDgqJS8iJPAHIruTm8jwmhqftPFNFU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 876cc4273a500b3d-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/Arrow-Left-silver.svg	188.114.97.1	200 OK	750 B
URL GET HTTP/3 ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/Arrow-Left-silver.svg IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/?_token={token}&subid={subid}& Certificate IssuerLet's Encrypt Subjectai-usmhigh.shop Fingerprint9E:86:16:4B:AA:10:3C:56:D5:09:31:5B:4E:41:7F:C2:4D:19:E8:92 ValidityWed, 10 Apr 2024 16:48:45 GMT - Tue, 09 Jul 2024 16:48:44 GMT File type SVG Scalable Vector Graphics image Size 750 B (750 bytes) Hash 87c2d5210e22d12f71dcd2bacfe37c70 25f1f924d23c5fb2bcd89be2737b4daf20ca371c d5679b98f2dbfe21020bff5a8990e9283f034f70ee71907a34e9f663c43b6d2b HTTP Headers GET /lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/img/Arrow-Left-silver.svg HTTP/1.1 Host: ai-usmhigh.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmhigh.shop/lander/gazinvest_quiz20-ok-bg-politika-_obj_js_v2/land/css/main.min.css Cookie: subid=%7Bsubid%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 19 Apr 2024 12:06:02 GMT content-type: image/svg+xml last-modified: Wed, 21 Feb 2024 17:12:49 GMT etag: W/"65d62f11-2ee" expires: Mon, 29 Apr 2024 12:06:02 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQvIPdR7%2B1K%2FjcJtoS14aWKct1caj9cdOWUrWXJEnyf2Reg7mFkmKYqoPDSpUtCk8xwiwy2HSu2CnDiIu83nJQfFrZh9oKdQK5F%2Bsxovz18QCDl3ZBnSNN3zsM%2BA3T0CstE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 876cc4292bc60b3d-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML