| www.ourfastcdn.com/vas-lps/4/mobile.png | 194.242.11.186 | 200 OK | 8.7 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/4/mobile.png
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ourfastcdn.com
Certificate Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
Certificate Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: PNG image data, 350 x 393, 8-bit/color RGBA, non-interlaced
Hash: e0f3837582795e7f5405c042c358fbf2 f08cf1b56020b2b073d9067f01b5c0a5698b322a 641fb17be0e06afda9b93f7b9fb7d9dd3eafd202bd4c19aa77c968f1c84456ef
GET /vas-lps/4/mobile.png HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:05:56 GMT
content-type: image/png
content-length: 8715
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 27 Jan 2023 00:25:29 GMT
cdn-cachedat: 05/09/2024 15:47:55
cdn-storageserver: DE-664
cdn-fileserver: 528
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bdd3080b4b9b65d0abd5516dee964e84
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/4/kuwait-flag.png | 194.242.11.186 | 200 OK | 2.2 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/4/kuwait-flag.png
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ourfastcdn.com
Certificate Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
Certificate Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: PNG image data, 290 x 174, 8-bit colormap, non-interlaced
Hash: 27964c1a361d3a4f85ba4d02aebe007f 01a8992da32b1b077cc05bee196ef1e7f3da2922 8f778d9db96c115f2bbf7ef7c0746eab3c18fe6580f6bacb0b2bb5a1f11a87d9
GET /vas-lps/4/kuwait-flag.png HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:05:56 GMT
content-type: image/png
content-length: 2158
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Mon, 20 Mar 2023 11:23:18 GMT
cdn-cachedat: 05/08/2024 19:20:29
cdn-storageserver: DE-677
cdn-fileserver: 403
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3069bb63f239014291c746e6c9aa8f49
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/4/loading.gif | 194.242.11.186 | 200 OK | 173 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/4/loading.gif
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ourfastcdn.com
Certificate Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
Certificate Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: GIF image data, version 89a, 630 x 636
Size: 173 kB (172593 bytes)
Hash: e5ed5c6288d5d294a607ac99a13d8b02 a06b3c444b8a1076702d992a0f9a14a18fb22134 28f8977a12f0de984d665663073a824c7c834ef19de692ee066d396c19cfcfee
GET /vas-lps/4/loading.gif HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:05:56 GMT
content-type: image/gif
content-length: 172593
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 27 Jan 2023 00:30:31 GMT
cdn-cachedat: 05/08/2024 14:33:32
cdn-storageserver: DE-588
cdn-fileserver: 519
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ec9e44f4586b24707e70bd36de6c5e55
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fd.sla-alacrity.com/token?partner=partner:624cdcca924feb5a3e92521f09031dca18fe2259&service=campaign:9f322d8dc286dcf4366a9770ba998d7aef0b0f37&ref=&fetch_usage=true | 54.230.111.54 | 200 OK | 5.4 kB |
URL: GET HTTP/3 fd.sla-alacrity.com/token?partner=partner:624cdcca924feb5a3e92521f09031dca18fe2259&service=campaign:9f322d8dc286dcf4366a9770ba998d7aef0b0f37&ref=&fetch_usage=true
IP: 54.230.111.54:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Sectigo Limited
Certificate Subject: *.sla-alacrity.com
Certificate Fingerprint: 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17
Certificate Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hash: a529499d4332bc44196054d177967e8b 83883909bf56d0890f59e270c69ae4871d455be3 9d3f2a2e648e03301e150ce1f48c226b560a381ab1f29f28f1466b0f93c7a2c0
GET /token?partner=partner:624cdcca924feb5a3e92521f09031dca18fe2259&service=campaign:9f322d8dc286dcf4366a9770ba998d7aef0b0f37&ref=&fetch_usage=true HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Fri, 10 May 2024 07:05:56 GMT
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"343150b2f36c818431de1c1a04e3f398"
cache-control: max-age=0, private, must-revalidate
x-request-id: f0bcb0b2-e644-40b4-bbb1-9918942b492d
x-runtime: 0.025162
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-id: swkDaS9eTYx6xV_0rz7irA3Mq6pqFHUK7PGBwoYB3y2Dl-SBNLOVIQ==
|
|
| redirect.2ndprftdomn.digital/click?o=10592&a=56&sub_id1=499725&aff_click_id=5716338103/ | 172.67.135.237 | 302 Found | 13 kB |
URL: User Request GET HTTP/2 redirect.2ndprftdomn.digital/click?o=10592&a=56&sub_id1=499725&aff_click_id=5716338103/
IP: 172.67.135.237:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 2ndprftdomn.digital
Certificate Fingerprint: 8C:79:E4:CA:51:15:05:9B:8E:B2:A9:9F:37:7A:A0:43:2B:EB:DA:AE
Certificate Validity: Mon, 25 Mar 2024 22:42:03 GMT - Sun, 23 Jun 2024 22:42:02 GMT
Hash: cd35e0375546a5077e9a57603dcc884c 51bed25d138b64d368bd01d1eb9e2700f076d664 ab31497f1d135a8e3f9c5dabb6aad961c0de38d59474c9ffc4874680619e550d
GET /click?o=10592&a=56&sub_id1=499725&aff_click_id=5716338103/ HTTP/1.1
Host: redirect.2ndprftdomn.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 07:05:55 GMT
content-type: text/html; charset=UTF-8
location: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
set-cookie: U-f6c2a0c4b566bc99d596e58638e342b0=unique; expires=Sun, 09-Jun-2024 07:05:55 GMT; Max-Age=2592000; path=/; secure; SameSite=None
o_f6c2a0c4b566bc99d596e58638e342b0=69c1741d-2c4a-4510-8890-fbc7588d9fcd; expires=Sun, 17-Jan-2038 07:05:55 GMT; Max-Age=432000000; path=/; secure; SameSite=None
x-debug-tag: 663dc753487eb
x-debug-duration: 128
x-debug-link: /v-debugger/default/view?tag=663dc753487eb
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANh%2Fkxq62EavugX21O8%2F2T%2B8%2FGJIYvKWJ%2Bea7TIY26QhnS4qEgRrOLHIK7hxXdUD7IFAMoCp3X0Lt4p5gAzVp8h%2FNvL8vdDsjlUSLEkUfOADnKNCdQm44jNJur4y%2FwqrhGSbj7EDUn3AplbwWEUd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881815679acb56a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fd.sla-alacrity.com/token/empello?token=930c058c-f69b-4b6c-9760-248e60f99e0f&version=2&button=I3N1YnNjcmliZQ== | 54.230.111.54 | 200 OK | 132 kB |
URL: GET HTTP/3 fd.sla-alacrity.com/token/empello?token=930c058c-f69b-4b6c-9760-248e60f99e0f&version=2&button=I3N1YnNjcmliZQ==
IP: 54.230.111.54:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Sectigo Limited
Certificate Subject: *.sla-alacrity.com
Certificate Fingerprint: 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17
Certificate Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Size: 132 kB (132166 bytes)
Hash: 2f1f0b1c4a3617476cabe7e1cc00cd99 0260baabe43a5857ac6c160542dd42dade884153 8b21d7598c9d8e805252c5a5aeeb3c1fe6d6bf46312db14f950fae23fdb140d7
GET /token/empello?token=930c058c-f69b-4b6c-9760-248e60f99e0f&version=2&button=I3N1YnNjcmliZQ== HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Fri, 10 May 2024 07:05:56 GMT
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"8b21d7598c9d8e805252c5a5aeeb3c1f"
cache-control: max-age=0, private, must-revalidate
x-request-id: 8ee59507-0b5f-40ee-b80f-9cd08fd440a7
x-runtime: 0.240959
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-id: SDyhRfRtawZgdbvO4nvBFa0SlXs8qYt-rLFMpyZXaZ0MoJbIEZMq8w==
|
|
| antifraud-uk.empello.net/ws/info/?key=ukbhirqilhiqvtomazafugcrufafbbbahpovipjjmhmtperrujkmsolugzlfpmuw | 13.42.246.59 | | 0 B |
URL: antifraud-uk.empello.net/ws/info/?key=ukbhirqilhiqvtomazafugcrufafbbbahpovipjjmhmtperrujkmsolugzlfpmuw
IP: 13.42.246.59:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/info/?key=ukbhirqilhiqvtomazafugcrufafbbbahpovipjjmhmtperrujkmsolugzlfpmuw HTTP/1.1
Host: antifraud-uk.empello.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://get-fabulous-content.click
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KWkEhTcUrjZqPNCXx59qmA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 10 May 2024 07:05:57 GMT
Connection: upgrade
Server: nginx
Upgrade: WebSocket
Sec-WebSocket-Accept: dJMcaUBTdKkr0IWXVM3I/FLRSEA=
|
|
| www.ourfastcdn.com/vas-lps/4/icons8-protect-96.png | 194.242.11.186 | 200 OK | 18 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/4/icons8-protect-96.png
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ourfastcdn.com
Certificate Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
Certificate Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash: fc7316436bbdb0d6569724ede8ca5b37 d898e9e8c6bb9b532a63231ce78e912d64485fe8 3ff0b0fa8b151a29195a283633757f54112fa377353ec3a65ba04ca1994aaec6
GET /vas-lps/4/icons8-protect-96.png HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:05:57 GMT
content-type: image/png
content-length: 18321
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 27 Jan 2023 00:25:29 GMT
cdn-cachedat: 05/09/2024 15:47:56
cdn-storageserver: DE-165
cdn-fileserver: 534
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 0bd3425d217e09dbe3cc58e6e3cb1bd2
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fd.sla-alacrity.com/token/fingerprint?token=930c058c-f69b-4b6c-9760-248e60f99e0f&fingerprint=5db3a4e34790624df926db520a13f79f | 54.230.111.54 | 200 OK | 5.7 kB |
URL: POST HTTP/3 fd.sla-alacrity.com/token/fingerprint?token=930c058c-f69b-4b6c-9760-248e60f99e0f&fingerprint=5db3a4e34790624df926db520a13f79f
IP: 54.230.111.54:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Sectigo Limited
Certificate Subject: *.sla-alacrity.com
Certificate Fingerprint: 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17
Certificate Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hash: d55fc4475541e7c76b6a985becab9c1a fa5872e2cc0111209fc15d294ef39ab512f7ad79 d17a95057ab212b8d7f2db59412b9e677f614f8c06d121d4c4a454bcd8e957ca
POST /token/fingerprint?token=930c058c-f69b-4b6c-9760-248e60f99e0f&fingerprint=5db3a4e34790624df926db520a13f79f HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/3 200 OK
content-type: text/plain; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Fri, 10 May 2024 07:05:57 GMT
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"2689367b205c16ce32ed4200942b8b8b"
cache-control: max-age=0, private, must-revalidate
x-request-id: 1bfd5d55-38be-4184-a306-452ade48fee4
x-runtime: 0.012474
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-id: fCw4m-rii1N2bdxIq8_3JxbfkxAYxEqfdBMTtvGl8xI4L2wyDeJBBA==
|
|
| antifraud-uk.empello.net/api/v2/token/js/get/ | 13.43.60.223 | 200 OK | 11 kB |
URL: POST HTTP/2 antifraud-uk.empello.net/api/v2/token/js/get/
IP: 13.43.60.223:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Sectigo Limited
Certificate Subject: *.empello.net
Certificate Fingerprint: BD:EE:34:0F:30:99:2E:5A:A7:5D:1E:8C:1A:07:BD:9D:B8:05:E2:85
Certificate Validity: Wed, 24 Apr 2024 00:00:00 GMT - Mon, 19 May 2025 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: c3f6b8550a0ca01aa2adea14bdb2ffec 82811279f40c17c797b1dc10962abfd49c0461d8 d1a23ccb4d84241fc7861988d780153d132589be45da352718b09baaef5f69c3
POST /api/v2/token/js/get/ HTTP/1.1
Host: antifraud-uk.empello.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 155
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:05:57 GMT
content-type: application/json
server: nginx
x-frame-options: DENY
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
vary: origin
access-control-allow-origin: *
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self'
strict-transport-security: max-age=0; includeSubdomains;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5= | 188.114.97.1 | 200 OK | 5.5 kB |
URL: User Request GET HTTP/2 get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
IP: 188.114.97.1:443
Certificate Issuer: Let's Encrypt
Certificate Subject: get-fabulous-content.click
Certificate Fingerprint: 2B:B5:95:00:28:15:55:DA:D5:27:69:A3:E7:59:CC:C5:79:06:CA:5E
Certificate Validity: Fri, 29 Mar 2024 04:08:55 GMT - Thu, 27 Jun 2024 04:08:54 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (4972), with no line terminators
Hash: 1ae0b28fa81e2b8be3e4b5d5f82869e1 953b75881b5b205fda98b832c4121b5d4b448ed0 f9e739c203beb9b3a83d35e9b808f8b10659fc35b1ae9886bd4481e157878e5d
GET /lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5= HTTP/1.1
Host: get-fabulous-content.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:05:55 GMT
content-type: text/html; charset=UTF-8
set-cookie: af96b77bf83504a9178c1f576e818e81=af96b77bf83504a9178c1f576e818e81; expires=Sat, 10 May 2025 07:05:55 GMT; Max-Age=31536000; path=/; secure
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CfBhj4X2NTg2AepKn8ZU5KVYQ8xSQ%2FZSqHGZi%2FNAQcWvlcJrr3CVp1ss0vJwxpppYdiP2RBWvyhD505sEbCYd7LVBbpZuweJAIpED64mbfEZyA38Gt9FlEHB9%2FO4di9eFVabHh0k1bKBo8FDVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181569ebb3b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fd.sla-alacrity.com/fp.js | 54.230.111.54 | 200 OK | 30 kB |
URL: GET HTTP/3 fd.sla-alacrity.com/fp.js
IP: 54.230.111.54:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Sectigo Limited
Certificate Subject: *.sla-alacrity.com
Certificate Fingerprint: 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17
Certificate Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp.js HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
age: 83354
date: Thu, 09 May 2024 07:56:43 GMT
server: nginx/1.21.4
last-modified: Tue, 26 Mar 2024 12:34:10 GMT
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Yduig5_pygPVobBhqiqAd4fGYiHvpWJ0jH2dKdkA_HRps-ayzxtsFw==
|
|
| www.ourfastcdn.com/vas-lps/4/style7.css | 194.242.11.186 | 200 OK | 12 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/4/style7.css
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ourfastcdn.com
Certificate Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
Certificate Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: ASCII text, with CRLF line terminators
Hash: 643ef93c632f3bb14bff37d3a6b25bbe 7fc6a195e75ea56e36dba14ed118b09023584204 e65c22d563a312ba24328587df604f20d922b82fcf5123711a7265acab53e989
GET /vas-lps/4/style7.css HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:05:56 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"64a56814-3012"
last-modified: Wed, 05 Jul 2023 12:54:44 GMT
cdn-cachedat: 05/09/2024 15:47:55
cdn-storageserver: DE-679
cdn-fileserver: 634
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f4cf91f60abdd20572350d51b25c03c0
cdn-cache: HIT
X-Firefox-Spdy: h2
|
|
| antifraud-uk.empello.net/ws/info/?key=ukbhirqilhiqvtomazafugcrufafbbbahpovipjjmhmtperrujkmsolugzlfpmuw | 13.42.246.59 | 101 Switching Protocols | 0 B |
URL: GET HTTP/1.1 antifraud-uk.empello.net/ws/info/?key=ukbhirqilhiqvtomazafugcrufafbbbahpovipjjmhmtperrujkmsolugzlfpmuw
IP: 13.42.246.59:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Sectigo Limited
Certificate Subject: *.empello.net
Certificate Fingerprint: BD:EE:34:0F:30:99:2E:5A:A7:5D:1E:8C:1A:07:BD:9D:B8:05:E2:85
Certificate Validity: Wed, 24 Apr 2024 00:00:00 GMT - Mon, 19 May 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/info/?key=ukbhirqilhiqvtomazafugcrufafbbbahpovipjjmhmtperrujkmsolugzlfpmuw HTTP/1.1
Host: antifraud-uk.empello.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://get-fabulous-content.click
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KWkEhTcUrjZqPNCXx59qmA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 10 May 2024 07:05:57 GMT
Connection: upgrade
Server: nginx
Upgrade: WebSocket
Sec-WebSocket-Accept: dJMcaUBTdKkr0IWXVM3I/FLRSEA=
|
|
| fd.sla-alacrity.com/token/empello?token=930c058c-f69b-4b6c-9760-248e60f99e0f&e_token=ukyyiyyzzsifcubdyeggwfxzkpmefsofxhvviijmgzrxbyocchtmoinhnhgrqbog&empello_checks_delay=false | 54.230.111.54 | 200 OK | 2 B |
URL: POST HTTP/3 fd.sla-alacrity.com/token/empello?token=930c058c-f69b-4b6c-9760-248e60f99e0f&e_token=ukyyiyyzzsifcubdyeggwfxzkpmefsofxhvviijmgzrxbyocchtmoinhnhgrqbog&empello_checks_delay=false
IP: 54.230.111.54:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Sectigo Limited
Certificate Subject: *.sla-alacrity.com
Certificate Fingerprint: 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17
Certificate Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /token/empello?token=930c058c-f69b-4b6c-9760-248e60f99e0f&e_token=ukyyiyyzzsifcubdyeggwfxzkpmefsofxhvviijmgzrxbyocchtmoinhnhgrqbog&empello_checks_delay=false HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
content-type: text/plain; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Fri, 10 May 2024 07:05:57 GMT
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"2689367b205c16ce32ed4200942b8b8b"
cache-control: max-age=0, private, must-revalidate
x-request-id: c5d75c39-a687-411a-99a3-c2e4015e459d
x-runtime: 0.012511
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-id: dNtcunIqRau38UvkgLCpZKCxa47knQ3kBt78Pk1tHkZsibTrB0vWPA==
|
|
| www.ourfastcdn.com/libraries/axios.min.js | 194.242.11.186 | 200 OK | 31 kB |
URL: GET HTTP/2 www.ourfastcdn.com/libraries/axios.min.js
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ourfastcdn.com
Certificate Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
Certificate Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: JavaScript source, ASCII text, with very long lines (31114)
Hash: b843d5d6f3c9912a2c5b5056e378f3f2 2463f7b88c39d73a0c1bfa38d494c2d37cdd7590 994d6e124d837856735298c59b571c79f9f61e448c84ad6b742e6f6ba05cbf93
GET /libraries/axios.min.js HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:05:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"63d2fc69-79b1"
last-modified: Thu, 26 Jan 2023 22:19:21 GMT
cdn-cachedat: 05/07/2024 19:49:49
cdn-storageserver: DE-661
cdn-fileserver: 537
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 53aff16874bf2ffadfaa5f1b26e1ec81
cdn-cache: HIT
X-Firefox-Spdy: h2
|
|
| fd.sla-alacrity.com/d513e9e03227.js | 54.230.111.54 | 200 OK | 20 kB |
URL: GET HTTP/2 fd.sla-alacrity.com/d513e9e03227.js
IP: 54.230.111.54:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Sectigo Limited
Certificate Subject: *.sla-alacrity.com
Certificate Fingerprint: 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17
Certificate Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (19939), with no line terminators
Hash: a745c02927f3f2bbea57e779107be034 c41a7b70dc41bb73dde868d61906e2af9e54320f 265f2a49910682ea3dd31952090019b4372c1f2898c6fa39c959fad312c14854
| Analyzer | Verdict | Alert |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /d513e9e03227.js HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 09 May 2024 07:56:44 GMT
server: nginx/1.21.4
last-modified: Tue, 26 Mar 2024 12:34:10 GMT
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IW_w-9u4H7Zog57rc9ZSYbqScTAn719zGiBkePVISlffqynicWCdjg==
age: 83352
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/kw36.js | 194.242.11.186 | 200 OK | 11 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/kw36.js
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ourfastcdn.com
Certificate Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
Certificate Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 8c5e53d9c1079e213be1c920a11b5644 acb687c5bd0101824a9190a7bdd350412e52487b 41c337d43a964302fdb91a0d5d07ecb3e4592caeaadb14978c36b4535d705bc7
GET /vas-lps/kw36.js HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:05:56 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"662e4397-2a10"
last-modified: Sun, 28 Apr 2024 12:39:51 GMT
cdn-cachedat: 05/08/2024 19:20:29
cdn-storageserver: DE-663
cdn-fileserver: 247
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cd989073e33bcf0de2dd883dc5a71909
cdn-cache: HIT
X-Firefox-Spdy: h2
|
|
| antifraud-uk.empello.net/api/v2/token/js/info/ | 13.43.60.223 | 200 OK | 0 B |
URL: POST HTTP/2 antifraud-uk.empello.net/api/v2/token/js/info/
IP: 13.43.60.223:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=af96b77bf83504a9178c1f576e818e81&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Sectigo Limited
Certificate Subject: *.empello.net
Certificate Fingerprint: BD:EE:34:0F:30:99:2E:5A:A7:5D:1E:8C:1A:07:BD:9D:B8:05:E2:85
Certificate Validity: Wed, 24 Apr 2024 00:00:00 GMT - Mon, 19 May 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/token/js/info/ HTTP/1.1
Host: antifraud-uk.empello.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 5726
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:05:57 GMT
content-type: application/json
content-length: 0
server: nginx
x-frame-options: DENY
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
vary: origin
access-control-allow-origin: *
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self'
strict-transport-security: max-age=0; includeSubdomains;
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
|
|