| www.ourfastcdn.com/vas-lps/4/mobile.png | 194.242.11.186 | 200 OK | 8.7 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/4/mobile.png
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Let's Encrypt
  Subject: www.ourfastcdn.com
  Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
  Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: PNG image data, 350 x 393, 8-bit/color RGBA, non-interlaced
Hash: e0f3837582795e7f5405c042c358fbf2 f08cf1b56020b2b073d9067f01b5c0a5698b322a 641fb17be0e06afda9b93f7b9fb7d9dd3eafd202bd4c19aa77c968f1c84456ef
GET /vas-lps/4/mobile.png HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 19:20:29 GMT
content-type: image/png
content-length: 8715
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 27 Jan 2023 00:25:29 GMT
cdn-cachedat: 05/08/2024 14:33:32
cdn-storageserver: DE-664
cdn-fileserver: 528
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: db6a422af1afd3d34e6ad88e55791b9c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| redirect.2ndprftdomn.digital/click?o=10592&a=56&sub_id1=499725&aff_click_id=5716338103 | 172.67.135.237 | 302 Found | 173 kB |
URL (User Request): GET HTTP/2 redirect.2ndprftdomn.digital/click?o=10592&a=56&sub_id1=499725&aff_click_id=5716338103
IP: 172.67.135.237:443
Certificate:
  Issuer: Google Trust Services LLC
  Subject: 2ndprftdomn.digital
  Fingerprint: 8C:79:E4:CA:51:15:05:9B:8E:B2:A9:9F:37:7A:A0:43:2B:EB:DA:AE
  Validity: Mon, 25 Mar 2024 22:42:03 GMT - Sun, 23 Jun 2024 22:42:02 GMT
File type: GIF image data, version 89a, 630 x 636
Size: 173 kB (172593 bytes)
Hash: e5ed5c6288d5d294a607ac99a13d8b02 a06b3c444b8a1076702d992a0f9a14a18fb22134 28f8977a12f0de984d665663073a824c7c834ef19de692ee066d396c19cfcfee
GET /click?o=10592&a=56&sub_id1=499725&aff_click_id=5716338103 HTTP/1.1
Host: redirect.2ndprftdomn.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 19:20:28 GMT
content-type: text/html; charset=UTF-8
location: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
set-cookie: U-f6c2a0c4b566bc99d596e58638e342b0=unique; expires=Fri, 07-Jun-2024 19:20:28 GMT; Max-Age=2592000; path=/; secure; SameSite=None
o_f6c2a0c4b566bc99d596e58638e342b0=c520ef38-6e0e-4150-b1cc-b4f606dbccc5; expires=Fri, 15-Jan-2038 19:20:28 GMT; Max-Age=432000000; path=/; secure; SameSite=None
x-debug-tag: 663bd07c69ace
x-debug-duration: 113
x-debug-link: /v-debugger/default/view?tag=663bd07c69ace
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CDetcka7bHtCrlingS5ReOx9k95vlfEjPAqE9dAW%2BonNLp7FCJx0gtPcEJJcYEZzQ6rSIerViF3zoxn7msYFMzeA0sd%2FWBFTV%2FpZ0GRm8iutpELDx1yPAy5v5bSX6kODPjQr3vlM4kyZilYBpRou"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bcea8de47b524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/4/kuwait-flag.png | 194.242.11.186 | 200 OK | 2.2 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/4/kuwait-flag.png
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Let's Encrypt
  Subject: www.ourfastcdn.com
  Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
  Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: PNG image data, 290 x 174, 8-bit colormap, non-interlaced
Hash: 27964c1a361d3a4f85ba4d02aebe007f 01a8992da32b1b077cc05bee196ef1e7f3da2922 8f778d9db96c115f2bbf7ef7c0746eab3c18fe6580f6bacb0b2bb5a1f11a87d9
GET /vas-lps/4/kuwait-flag.png HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 19:20:29 GMT
content-type: image/png
content-length: 2158
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Mon, 20 Mar 2023 11:23:18 GMT
cdn-cachedat: 05/08/2024 19:20:29
cdn-storageserver: DE-677
cdn-fileserver: 403
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f1482239b8614076ff03701f059752c0
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| antifraud-uk.empello.net/api/v2/token/js/info/ | 13.42.127.235 | 200 OK | 0 B |
URL: POST HTTP/2 antifraud-uk.empello.net/api/v2/token/js/info/
IP: 13.42.127.235:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Sectigo Limited
  Subject: *.empello.net
  Fingerprint: BD:EE:34:0F:30:99:2E:5A:A7:5D:1E:8C:1A:07:BD:9D:B8:05:E2:85
  Validity: Wed, 24 Apr 2024 00:00:00 GMT - Mon, 19 May 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/token/js/info/ HTTP/1.1
Host: antifraud-uk.empello.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 5688
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 19:20:30 GMT
content-type: application/json
content-length: 0
server: nginx
x-frame-options: DENY
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
vary: origin
access-control-allow-origin: *
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self'
strict-transport-security: max-age=0; includeSubdomains;
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/4/icons8-protect-96.png | 194.242.11.186 | 200 OK | 18 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/4/icons8-protect-96.png
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Let's Encrypt
  Subject: www.ourfastcdn.com
  Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
  Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash: fc7316436bbdb0d6569724ede8ca5b37 d898e9e8c6bb9b532a63231ce78e912d64485fe8 3ff0b0fa8b151a29195a283633757f54112fa377353ec3a65ba04ca1994aaec6
GET /vas-lps/4/icons8-protect-96.png HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 19:20:30 GMT
content-type: image/png
content-length: 18321
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 27 Jan 2023 00:25:29 GMT
cdn-cachedat: 05/08/2024 14:33:33
cdn-storageserver: DE-165
cdn-fileserver: 534
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 974fbaf65cd017eab87ad8ff78af02b4
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| antifraud-uk.empello.net/ws/info/?key=ukadsfvbqhevodreqociqcacjkqhloragbgpbuffqfogpsodrzrwuddfivmrrobz | 13.42.127.235 | | 0 B |
URL: antifraud-uk.empello.net/ws/info/?key=ukadsfvbqhevodreqociqcacjkqhloragbgpbuffqfogpsodrzrwuddfivmrrobz
IP: 13.42.127.235:0
Certificate:
  Issuer: Sectigo Limited
  Subject: *.empello.net
  Fingerprint: BD:EE:34:0F:30:99:2E:5A:A7:5D:1E:8C:1A:07:BD:9D:B8:05:E2:85
  Validity: Wed, 24 Apr 2024 00:00:00 GMT - Mon, 19 May 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/info/?key=ukadsfvbqhevodreqociqcacjkqhloragbgpbuffqfogpsodrzrwuddfivmrrobz HTTP/1.1
Host: antifraud-uk.empello.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://get-fabulous-content.click
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: W++hUGf+lhxllpwqjxVtdQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 08 May 2024 19:20:30 GMT
Connection: upgrade
Server: nginx
Upgrade: WebSocket
Sec-WebSocket-Accept: yVq5ERRmO+BNPdL0vcQ3jzm9Rvo=
|
|
| fd.sla-alacrity.com/token/empello?token=a3103495-716a-455e-9f72-87af6b3b0157&version=2&button=I3N1YnNjcmliZQ== | 54.230.111.54 | 200 OK | 142 kB |
URL: GET HTTP/3 fd.sla-alacrity.com/token/empello?token=a3103495-716a-455e-9f72-87af6b3b0157&version=2&button=I3N1YnNjcmliZQ==
IP: 54.230.111.54:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Sectigo Limited
  Subject: *.sla-alacrity.com
  Fingerprint: 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17
  Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 142 kB (141472 bytes)
Hash: 98fdc76d2405b891ccbc93ef4f5efc47 0f37db9b6d6f5ff7fe7d7e965245c96296a6eaf5 21900334776e02500c9bec51d1f15321c77e2f3db9dd488f06f72175cb9705f1
GET /token/empello?token=a3103495-716a-455e-9f72-87af6b3b0157&version=2&button=I3N1YnNjcmliZQ== HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Wed, 08 May 2024 19:20:30 GMT
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"0d3e1e161c790d17ddd9541b313cc7f6"
cache-control: max-age=0, private, must-revalidate
x-request-id: 65fa4a25-2843-4f87-9a34-6310fba645cb
x-runtime: 0.123045
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-id: ypWn6MB6lrQX_Uzq3V9ozN4XIYNWIPrDf-2jlr3MGFtcJaq2afBr8A==
|
|
| fd.sla-alacrity.com/token?partner=partner:624cdcca924feb5a3e92521f09031dca18fe2259&service=campaign:9f322d8dc286dcf4366a9770ba998d7aef0b0f37&ref=&fetch_usage=true | 54.230.111.54 | 200 OK | 172 B |
URL: GET HTTP/3 fd.sla-alacrity.com/token?partner=partner:624cdcca924feb5a3e92521f09031dca18fe2259&service=campaign:9f322d8dc286dcf4366a9770ba998d7aef0b0f37&ref=&fetch_usage=true
IP: 54.230.111.54:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Sectigo Limited
  Subject: *.sla-alacrity.com
  Fingerprint: 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17
  Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: ab1e80033cfbbbb539d4c727af0b6e1e f4f20aed861ac46b81dd58b4a5e09ae3252bf99c 5983dd01f2a6545e6552e6cb32047cfd95f17455a38fbb7d8b9a3904c7c638dd
GET /token?partner=partner:624cdcca924feb5a3e92521f09031dca18fe2259&service=campaign:9f322d8dc286dcf4366a9770ba998d7aef0b0f37&ref=&fetch_usage=true HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Wed, 08 May 2024 19:20:30 GMT
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"911ccd4e69d2823c433347496a66cc01"
cache-control: max-age=0, private, must-revalidate
x-request-id: af0cb72f-2487-4641-a05d-0fe96ba23563
x-runtime: 0.022805
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-id: S_6z4V-mcXPAi-ab2gqV12TjVbHSz7yaz0X5mbqGM8mha5IhZhnPkQ==
|
|
| antifraud-uk.empello.net/ws/info/?key=ukadsfvbqhevodreqociqcacjkqhloragbgpbuffqfogpsodrzrwuddfivmrrobz | 13.42.127.235 | 101 Switching Protocols | 0 B |
URL: GET HTTP/1.1 antifraud-uk.empello.net/ws/info/?key=ukadsfvbqhevodreqociqcacjkqhloragbgpbuffqfogpsodrzrwuddfivmrrobz
IP: 13.42.127.235:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Sectigo Limited
  Subject: *.empello.net
  Fingerprint: BD:EE:34:0F:30:99:2E:5A:A7:5D:1E:8C:1A:07:BD:9D:B8:05:E2:85
  Validity: Wed, 24 Apr 2024 00:00:00 GMT - Mon, 19 May 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/info/?key=ukadsfvbqhevodreqociqcacjkqhloragbgpbuffqfogpsodrzrwuddfivmrrobz HTTP/1.1
Host: antifraud-uk.empello.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://get-fabulous-content.click
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: W++hUGf+lhxllpwqjxVtdQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 08 May 2024 19:20:30 GMT
Connection: upgrade
Server: nginx
Upgrade: WebSocket
Sec-WebSocket-Accept: yVq5ERRmO+BNPdL0vcQ3jzm9Rvo=
|
|
| antifraud-uk.empello.net/api/v2/token/js/get/ | 13.42.127.235 | 200 OK | 77 B |
URL: POST HTTP/2 antifraud-uk.empello.net/api/v2/token/js/get/
IP: 13.42.127.235:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Sectigo Limited
  Subject: *.empello.net
  Fingerprint: BD:EE:34:0F:30:99:2E:5A:A7:5D:1E:8C:1A:07:BD:9D:B8:05:E2:85
  Validity: Wed, 24 Apr 2024 00:00:00 GMT - Mon, 19 May 2025 23:59:59 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 4af630fd82d9682593161d362b7f4ee0 416adf187726db446f1644b64876689920de7503 5530c64f302850466f66af115a5771bfed3e4441b194157d4d2c15af1022a77e
POST /api/v2/token/js/get/ HTTP/1.1
Host: antifraud-uk.empello.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 155
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:20:30 GMT
content-type: application/json
server: nginx
x-frame-options: DENY
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
vary: origin
access-control-allow-origin: *
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self'
strict-transport-security: max-age=0; includeSubdomains;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fd.sla-alacrity.com/token/empello?token=a3103495-716a-455e-9f72-87af6b3b0157&e_token=ukojmhfefrsfmivrbpjwxwxlmijrclutbqrweyclpqytpsxxvsewgwzkotgeetjz&empello_checks_delay=false | 54.230.111.54 | 200 OK | 2 B |
URL: POST HTTP/3 fd.sla-alacrity.com/token/empello?token=a3103495-716a-455e-9f72-87af6b3b0157&e_token=ukojmhfefrsfmivrbpjwxwxlmijrclutbqrweyclpqytpsxxvsewgwzkotgeetjz&empello_checks_delay=false
IP: 54.230.111.54:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Sectigo Limited
  Subject: *.sla-alacrity.com
  Fingerprint: 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17
  Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /token/empello?token=a3103495-716a-455e-9f72-87af6b3b0157&e_token=ukojmhfefrsfmivrbpjwxwxlmijrclutbqrweyclpqytpsxxvsewgwzkotgeetjz&empello_checks_delay=false HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
content-type: text/plain; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Wed, 08 May 2024 19:20:30 GMT
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"2689367b205c16ce32ed4200942b8b8b"
cache-control: max-age=0, private, must-revalidate
x-request-id: 575825b2-637b-41a3-853a-d81ecf22c84a
x-runtime: 0.015448
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-id: t9Zk01YJQ9bk9URseIv3AbeEvJWQWkksrOOcLeBkJ4GfaMT36OmZow==
|
|
| get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5= | 104.21.71.123 | 200 OK | 5.5 kB |
URL (User Request): GET HTTP/2 get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
IP: 104.21.71.123:443
Certificate:
  Issuer: Let's Encrypt
  Subject: get-fabulous-content.click
  Fingerprint: 2B:B5:95:00:28:15:55:DA:D5:27:69:A3:E7:59:CC:C5:79:06:CA:5E
  Validity: Fri, 29 Mar 2024 04:08:55 GMT - Thu, 27 Jun 2024 04:08:54 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (4972), with no line terminators
Hash: 1ae0b28fa81e2b8be3e4b5d5f82869e1 953b75881b5b205fda98b832c4121b5d4b448ed0 f9e739c203beb9b3a83d35e9b808f8b10659fc35b1ae9886bd4481e157878e5d
GET /lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5= HTTP/1.1
Host: get-fabulous-content.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:20:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: 5239584e567b1f123ab274b31deca03c=5239584e567b1f123ab274b31deca03c; expires=Thu, 08 May 2025 19:20:28 GMT; Max-Age=31536000; path=/; secure
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=spwUq6E5NKaMdGZH5vv5FlBG5%2BlI1fgqvdBbqwDUb7RKemYrUsc5WtihR4AreZeg2DP2YxL0lLyvIvv2dRJG5Ex%2Fw89bm6W%2Bc9w0re5R1NAR1%2FAPqcdXN7TdN%2F1BkKJ3klrIM3zknUFqixSK1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bceaadae9569a-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fd.sla-alacrity.com/d513e9e03227.js | 54.230.111.54 | 200 OK | 20 kB |
URL: GET HTTP/2 fd.sla-alacrity.com/d513e9e03227.js
IP: 54.230.111.54:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Sectigo Limited
  Subject: *.sla-alacrity.com
  Fingerprint: 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17
  Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (19939), with no line terminators
Hash: a745c02927f3f2bbea57e779107be034 c41a7b70dc41bb73dde868d61906e2af9e54320f 265f2a49910682ea3dd31952090019b4372c1f2898c6fa39c959fad312c14854
| Analyzer | Verdict | Alert |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /d513e9e03227.js HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 08 May 2024 15:15:40 GMT
server: nginx/1.21.4
last-modified: Tue, 26 Mar 2024 12:34:10 GMT
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ya9UkcymTX6Tawva9ABkaQ7DJt-RSiimiWPXP98NZuiasJAaFiVxGQ==
age: 14689
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/kw36.js | 194.242.11.186 | 200 OK | 11 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/kw36.js
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Let's Encrypt
  Subject: www.ourfastcdn.com
  Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
  Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 8c5e53d9c1079e213be1c920a11b5644 acb687c5bd0101824a9190a7bdd350412e52487b 41c337d43a964302fdb91a0d5d07ecb3e4592caeaadb14978c36b4535d705bc7
GET /vas-lps/kw36.js HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:20:29 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"662e4397-2a10"
last-modified: Sun, 28 Apr 2024 12:39:51 GMT
cdn-cachedat: 05/08/2024 19:20:29
cdn-storageserver: DE-663
cdn-fileserver: 247
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 47bf8aac228ee172413181841a76a232
cdn-cache: MISS
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/4/style7.css | 194.242.11.186 | 200 OK | 12 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/4/style7.css
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Let's Encrypt
  Subject: www.ourfastcdn.com
  Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
  Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: ASCII text, with CRLF line terminators
Hash: 643ef93c632f3bb14bff37d3a6b25bbe 7fc6a195e75ea56e36dba14ed118b09023584204 e65c22d563a312ba24328587df604f20d922b82fcf5123711a7265acab53e989
GET /vas-lps/4/style7.css HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:20:29 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"64a56814-3012"
last-modified: Wed, 05 Jul 2023 12:54:44 GMT
cdn-cachedat: 05/08/2024 14:33:32
cdn-storageserver: DE-679
cdn-fileserver: 634
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e5b3303a5965e02c679e9969840e0e5c
cdn-cache: HIT
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/libraries/axios.min.js | 194.242.11.186 | 200 OK | 31 kB |
URL: GET HTTP/2 www.ourfastcdn.com/libraries/axios.min.js
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Let's Encrypt
  Subject: www.ourfastcdn.com
  Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
  Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: JavaScript source, ASCII text, with very long lines (31114)
Hash: b843d5d6f3c9912a2c5b5056e378f3f2 2463f7b88c39d73a0c1bfa38d494c2d37cdd7590 994d6e124d837856735298c59b571c79f9f61e448c84ad6b742e6f6ba05cbf93
GET /libraries/axios.min.js HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:20:29 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"63d2fc69-79b1"
last-modified: Thu, 26 Jan 2023 22:19:21 GMT
cdn-cachedat: 05/07/2024 19:49:49
cdn-storageserver: DE-661
cdn-fileserver: 537
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 327c2ac4a8d31c38d6371c3e414d9d44
cdn-cache: HIT
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/4/loading.gif | 194.242.11.186 | 200 OK | 173 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/4/loading.gif
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate:
  Issuer: Let's Encrypt
  Subject: www.ourfastcdn.com
  Fingerprint: 81:BF:AB:3B:A2:E2:70:D4:2B:F4:8A:EF:0A:D1:EE:5C:1F:5B:49:C6
  Validity: Mon, 06 May 2024 22:09:52 GMT - Sun, 04 Aug 2024 22:09:51 GMT
File type: GIF image data, version 89a, 630 x 636
Size: 173 kB (172593 bytes)
Hash: e5ed5c6288d5d294a607ac99a13d8b02 a06b3c444b8a1076702d992a0f9a14a18fb22134 28f8977a12f0de984d665663073a824c7c834ef19de692ee066d396c19cfcfee
GET /vas-lps/4/loading.gif HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:20:29 GMT
content-type: image/gif
content-length: 172593
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 27 Jan 2023 00:30:31 GMT
cdn-cachedat: 05/08/2024 14:33:32
cdn-storageserver: DE-588
cdn-fileserver: 519
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 57ca2b8b29acbd5dd8a057b1522b1532
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fd.sla-alacrity.com/token/fingerprint?token=a3103495-716a-455e-9f72-87af6b3b0157&fingerprint=5db3a4e34790624df926db520a13f79f | 54.230.111.54 | 200 OK | 2 B |
URL: POST HTTP/3 fd.sla-alacrity.com/token/fingerprint?token=a3103495-716a-455e-9f72-87af6b3b0157&fingerprint=5db3a4e34790624df926db520a13f79f
IP: 54.230.111.54:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Sectigo Limited
Subject: *.sla-alacrity.com
Fingerprint: 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17
Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /token/fingerprint?token=a3103495-716a-455e-9f72-87af6b3b0157&fingerprint=5db3a4e34790624df926db520a13f79f HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
content-type: text/plain; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-P1
date: Wed, 08 May 2024 19:20:30 GMT
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"2689367b205c16ce32ed4200942b8b8b"
cache-control: max-age=0, private, must-revalidate
x-request-id: 6e951495-a118-4cb0-9776-fac5a10bfa4a
x-runtime: 0.012229
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-id: kxz3z_uERD1ufXN5g0OcNi6kZsrTdIoJCAthqtA_O3gsck8AGM5mUg==
|
|
| fd.sla-alacrity.com/fp.js | 54.230.111.54 | 200 OK | 30 kB |
URL: GET HTTP/3 fd.sla-alacrity.com/fp.js
IP: 54.230.111.54:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/xp02tm9d02/?cid=5239584e567b1f123ab274b31deca03c&aff=56&s1=499725&s2=&s3=&s4=&s5=
Certificate Issuer: Sectigo Limited
Subject: *.sla-alacrity.com
Fingerprint: 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17
Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp.js HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
age: 14690
date: Wed, 08 May 2024 15:15:40 GMT
server: nginx/1.21.4
last-modified: Tue, 26 Mar 2024 12:34:10 GMT
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nBGxrgMB805YfGW-je7TQGHUn4KkyU_8POwRnDPVdQZP5SythS7PXg==
|
|