| ww16.best-targeted-traffic.com/img.sedoparking.com/images/js_preloader.gif | 64.190.63.136 | | 0 B |
URL: ww16.best-targeted-traffic.com/img.sedoparking.com/images/js_preloader.gif IP: 64.190.63.136:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img.sedoparking.com/images/js_preloader.gif HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww16.best-targeted-traffic.com/install.php?unq=5m102310501mebttgfp&version=1.7&pais=Unknown&sub1=20240502-2344-35db-92e6-6f0cc92e7ca5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 441 No Reason Phrase
date: Fri, 03 May 2024 22:50:26 GMT
server: NginX
content-length: 0
X-Firefox-Spdy: h2
|
|
| ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTcxNDc3NjYyNjBlNTIwMDY4ODYwZmI1Y2M5ZjdlNDFmMWI0Nzg2M2E5&crc=d152c613311547ee3d7daaf8613aa181815ec8f7&cv=1 | 64.190.63.136 | | 0 B |
URL: ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTcxNDc3NjYyNjBlNTIwMDY4ODYwZmI1Y2M5ZjdlNDFmMWI0Nzg2M2E5&crc=d152c613311547ee3d7daaf8613aa181815ec8f7&cv=1 IP: 64.190.63.136:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTcxNDc3NjYyNjBlNTIwMDY4ODYwZmI1Y2M5ZjdlNDFmMWI0Nzg2M2E5&crc=d152c613311547ee3d7daaf8613aa181815ec8f7&cv=1 HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww16.best-targeted-traffic.com/install.php?unq=5m102310501mebttgfp&version=1.7&pais=Unknown&sub1=20240502-2344-35db-92e6-6f0cc92e7ca5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Fri, 03 May 2024 22:50:26 GMT
server: NginX
x-cache-miss-from: parking-7cbf88ff6b-l9rcf
x-powered-by: PHP/8.1.17
content-length: 0
X-Firefox-Spdy: h2
|
|
| ww16.best-targeted-traffic.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DhZ1sAwn7XYk_0&v=MzJmNzM1NzY0NDZiOTNmZmMxZGRhZWQ3ODE0Y2I0M2UJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OGRhNy4wNDA2NDc3Nwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OTMyNi4yNTY0MTc0NwkxNzE0Nzc2NjI2CWFkXzYzXzA%3D&l=OAliNzYxNzZkNTUxOGViYzVmNjQzZDQ2OTA5NzZjMWVlNAkwCTM1CTAJODBhMjkxMWZjY2M3ODA5Y2RhY2I2MjUzNjU1ZGY1MzcJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0Nzc2NjI2CTAuMDAwMTU4CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkx | 64.190.63.136 | 302 Found | 0 B |
URL: User Request GET HTTP/2 ww16.best-targeted-traffic.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DhZ1sAwn7XYk_0&v=MzJmNzM1NzY0NDZiOTNmZmMxZGRhZWQ3ODE0Y2I0M2UJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OGRhNy4wNDA2NDc3Nwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OTMyNi4yNTY0MTc0NwkxNzE0Nzc2NjI2CWFkXzYzXzA%3D&l=OAliNzYxNzZkNTUxOGViYzVmNjQzZDQ2OTA5NzZjMWVlNAkwCTM1CTAJODBhMjkxMWZjY2M3ODA5Y2RhY2I2MjUzNjU1ZGY1MzcJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0Nzc2NjI2CTAuMDAwMTU4CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkx IP: 64.190.63.136:443
Certificate: Issuer DigiCert Inc; Subject ww16.best-targeted-traffic.com; Fingerprint CA:2F:D5:7E:14:60:28:CB:D2:9B:F8:10:84:0E:FA:23:F3:D2:72:A9; Validity Thu, 22 Feb 2024 00:00:00 GMT - Sat, 22 Feb 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DhZ1sAwn7XYk_0&v=MzJmNzM1NzY0NDZiOTNmZmMxZGRhZWQ3ODE0Y2I0M2UJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OGRhNy4wNDA2NDc3Nwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OTMyNi4yNTY0MTc0NwkxNzE0Nzc2NjI2CWFkXzYzXzA%3D&l=OAliNzYxNzZkNTUxOGViYzVmNjQzZDQ2OTA5NzZjMWVlNAkwCTM1CTAJODBhMjkxMWZjY2M3ODA5Y2RhY2I2MjUzNjU1ZGY1MzcJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0Nzc2NjI2CTAuMDAwMTU4CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkx HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww16.best-targeted-traffic.com/install.php?unq=5m102310501mebttgfp&version=1.7&pais=Unknown&sub1=20240502-2344-35db-92e6-6f0cc92e7ca5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Fri, 03 May 2024 22:50:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 03 May 2024 22:50:26 GMT
location: /search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DhZ1sAwn7XYk_0&v=MzJmNzM1NzY0NDZiOTNmZmMxZGRhZWQ3ODE0Y2I0M2UJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OGRhNy4wNDA2NDc3Nwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OTMyNi4yNTY0MTc0NwkxNzE0Nzc2NjI2CWFkXzYzXzA%3D&l=OAliNzYxNzZkNTUxOGViYzVmNjQzZDQ2OTA5NzZjMWVlNAkwCTM1CTAJODBhMjkxMWZjY2M3ODA5Y2RhY2I2MjUzNjU1ZGY1MzcJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0Nzc2NjI2CTAuMDAwMTU4CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkx
pragma: no-cache
server: NginX
x-cache-miss-from: parking-7cbf88ff6b-4nqbj
x-powered-by: PHP/8.1.17
content-length: 0
X-Firefox-Spdy: h2
|
|
| xml.sedodna.com/click?i=hZ1sAwn7XYk_0 | 173.239.53.32 | 302 Found | 0 B |
URL: User Request GET HTTP/1.1 xml.sedodna.com/click?i=hZ1sAwn7XYk_0 IP: 173.239.53.32:443 ASN: #27257 WEBAIR-INTERNET
Certificate: Issuer GlobalSign nv-sa; Subject *.sedodna.com; Fingerprint 78:18:D6:75:22:5D:AC:2E:48:3D:D4:A3:BD:61:5D:01:30:A2:B3:72; Validity Wed, 27 Mar 2024 09:07:28 GMT - Mon, 28 Apr 2025 09:07:27 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=hZ1sAwn7XYk_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww16.best-targeted-traffic.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 03 May 2024 22:50:26 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: http://recode.pw/ad?id=23970&impid=171477662584794&rkey=0&u=4158
|
|
| recode.pw/ad?id=23970&impid=171477662584794&rkey=0&u=4158 | 66.232.112.86 | 302 Found | 81 B |
URL: User Request GET HTTP/1.1 recode.pw/ad?id=23970&impid=171477662584794&rkey=0&u=4158 IP: 66.232.112.86:443
Certificate: Issuer Gandi; Subject recode.pw; Fingerprint C8:8F:EC:AA:B1:2F:FC:4D:94:CB:6C:4F:78:BA:BA:EC:FE:B2:FB:B4; Validity Sun, 26 Nov 2023 00:00:00 GMT - Tue, 26 Nov 2024 23:59:59 GMT
File type: HTML document, ASCII text Hash: 8c96adbf0175bc133c26dbbe7c1c352d 01079d189e9b509acbef89aabc00ff636cb4ce79 116edf804f0ca1f8f8f55902d51dcfae37f965283b5e490d8a1b9de93af4db22
GET /ad?id=23970&impid=171477662584794&rkey=0&u=4158 HTTP/1.1
Host: recode.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 03 May 2024 22:50:27 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 81
Connection: keep-alive
Location: https://xml.yellow-resultsbidder.com/click?i=CKj5qYNU5Ok_0
|
|
| ww16.best-targeted-traffic.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DhZ1sAwn7XYk_0&v=MzJmNzM1NzY0NDZiOTNmZmMxZGRhZWQ3ODE0Y2I0M2UJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OGRhNy4wNDA2NDc3Nwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OTMyNi4yNTY0MTc0NwkxNzE0Nzc2NjI2CWFkXzYzXzA%3D&l=OAliNzYxNzZkNTUxOGViYzVmNjQzZDQ2OTA5NzZjMWVlNAkwCTM1CTAJODBhMjkxMWZjY2M3ODA5Y2RhY2I2MjUzNjU1ZGY1MzcJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0Nzc2NjI2CTAuMDAwMTU4CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkx | 64.190.63.136 | 302 Found | 816 B |
URL: User Request GET HTTP/2 ww16.best-targeted-traffic.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DhZ1sAwn7XYk_0&v=MzJmNzM1NzY0NDZiOTNmZmMxZGRhZWQ3ODE0Y2I0M2UJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OGRhNy4wNDA2NDc3Nwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OTMyNi4yNTY0MTc0NwkxNzE0Nzc2NjI2CWFkXzYzXzA%3D&l=OAliNzYxNzZkNTUxOGViYzVmNjQzZDQ2OTA5NzZjMWVlNAkwCTM1CTAJODBhMjkxMWZjY2M3ODA5Y2RhY2I2MjUzNjU1ZGY1MzcJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0Nzc2NjI2CTAuMDAwMTU4CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkx IP: 64.190.63.136:443
Certificate: Issuer DigiCert Inc; Subject ww16.best-targeted-traffic.com; Fingerprint CA:2F:D5:7E:14:60:28:CB:D2:9B:F8:10:84:0E:FA:23:F3:D2:72:A9; Validity Thu, 22 Feb 2024 00:00:00 GMT - Sat, 22 Feb 2025 23:59:59 GMT
Hash: 82b38d09a08916c2086d861dabc9692c 2f91d11c5377fc6ec7fa1576ee1c86fa83bdc415 482871718ea30897d49c4c74cfa5c09c8b91e2f1153a8d98029f5deb9616eb91
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DhZ1sAwn7XYk_0&v=MzJmNzM1NzY0NDZiOTNmZmMxZGRhZWQ3ODE0Y2I0M2UJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OGRhNy4wNDA2NDc3Nwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202NjM1NmEzMTY2OTMyNi4yNTY0MTc0NwkxNzE0Nzc2NjI2CWFkXzYzXzA%3D&l=OAliNzYxNzZkNTUxOGViYzVmNjQzZDQ2OTA5NzZjMWVlNAkwCTM1CTAJODBhMjkxMWZjY2M3ODA5Y2RhY2I2MjUzNjU1ZGY1MzcJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNzE0Nzc2NjI2CTAuMDAwMTU4CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkx HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww16.best-targeted-traffic.com/install.php?unq=5m102310501mebttgfp&version=1.7&pais=Unknown&sub1=20240502-2344-35db-92e6-6f0cc92e7ca5
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Fri, 03 May 2024 22:50:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 03 May 2024 22:50:26 GMT
location: https://xml.sedodna.com/click?i=hZ1sAwn7XYk_0
pragma: no-cache
server: NginX
x-cache-miss-from: parking-7cbf88ff6b-tlz7g
x-powered-by: PHP/8.1.17
X-Firefox-Spdy: h2
|
|
| xml.yellow-resultsbidder.com/click?i=CKj5qYNU5Ok_0 | 198.134.116.29 | 302 Found | 0 B |
URL: User Request GET HTTP/1.1 xml.yellow-resultsbidder.com/click?i=CKj5qYNU5Ok_0 IP: 198.134.116.29:443 ASN: #27257 WEBAIR-INTERNET
Certificate: Issuer Let's Encrypt; Subject yellow-resultsbidder.com; Fingerprint BC:AE:5D:E8:4C:F1:C3:73:17:2A:0B:3D:1E:B1:E7:9E:D7:3E:A8:9E; Validity Mon, 29 Apr 2024 06:58:09 GMT - Sun, 28 Jul 2024 06:58:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=CKj5qYNU5Ok_0 HTTP/1.1
Host: xml.yellow-resultsbidder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 03 May 2024 22:50:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=619244&siteid=4158&cost=0.0006&conversion=AUgHV5Xf5Po
|
|
| track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=619244&siteid=4158&cost=0.0006&conversion=AUgHV5Xf5Po | 143.204.55.53 | 302 Found | 0 B |
URL: User Request GET HTTP/2 track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=619244&siteid=4158&cost=0.0006&conversion=AUgHV5Xf5Po IP: 143.204.55.53:443
Certificate: Issuer Amazon; Subject track.jajaloop.com; Fingerprint B2:8B:F7:DA:FA:DB:BD:98:DB:88:6D:5F:F8:30:A6:60:19:63:73:FE; Validity Wed, 17 Apr 2024 00:00:00 GMT - Fri, 16 May 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=619244&siteid=4158&cost=0.0006&conversion=AUgHV5Xf5Po HTTP/1.1
Host: track.jajaloop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
location: https://www.linkbux.com/track/b5b20v1WkH7yi3TVxNZSP_bZiP8BiX_bmVlpBSmwsA0XJAnB4zpMQWeZu6ygAKfBA4KJDLBkXLkA_c_c?url=http%3A%2F%2Fwww.dyrekassen.no&uid=wdrhd8qrtrdj2m113bj05ia4&uid2=6354964
date: Fri, 03 May 2024 22:50:28 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 717a0983-e961-4ed5-98dc-35fbb30c40f8-v4=AxM-dt4s2mydbWhe8jBU1nG5sWFeLTmvBMKrwjMeZxg; Max-Age=86400; Expires=Sat, 04-May-2024 22:50:28 GMT; Domain=track.jajaloop.com; Path=/; Secure; HttpOnly;SameSite=None
set-cookie: voluum-cid-v4=%7B%22cid%22%3A%22wdrhd8qrtrdj2m113bj05ia4%22%2C%22caid%22%3A%22717a0983-e961-4ed5-98dc-35fbb30c40f8%22%7D; Max-Age=31536000; Expires=Sat, 03-May-2025 22:50:28 GMT; Domain=track.jajaloop.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eNXDIN9e05JbXYeS-EmtSwm_HcLcmctYDLEyt18dGRiDWCdbZmPvow==
X-Firefox-Spdy: h2
|
|
| status.rapidssl.com/ | 192.229.221.95 | | 471 B |
IP: 192.229.221.95:0
Hash: 4e9fbd92063d9b53e684dbc908d2a828 6779e0c199b7af102f1cb65d853d6fcfdac2b807 0495c0931f5700d2a7554f62bcc1ebf856c3c40359a3401f91bd6e823d367957
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5728
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Fri, 03 May 2024 22:50:28 GMT
Last-Modified: Fri, 03 May 2024 21:15:00 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
|
|
| www.linkbux.com/track/b5b20v1WkH7yi3TVxNZSP_bZiP8BiX_bmVlpBSmwsA0XJAnB4zpMQWeZu6ygAKfBA4KJDLBkXLkA_c_c?url=http%3A%2F%2Fwww.dyrekassen.no&uid=wdrhd8qrtrdj2m113bj05ia4&uid2=6354964 | 163.181.1.231 | 200 OK | 551 B |
URL: User Request GET HTTP/1.1 www.linkbux.com/track/b5b20v1WkH7yi3TVxNZSP_bZiP8BiX_bmVlpBSmwsA0XJAnB4zpMQWeZu6ygAKfBA4KJDLBkXLkA_c_c?url=http%3A%2F%2Fwww.dyrekassen.no&uid=wdrhd8qrtrdj2m113bj05ia4&uid2=6354964 IP: 163.181.1.231:443 ASN: #24429 Zhejiang Taobao Network Co.,Ltd
Certificate: Issuer DigiCert Inc; Subject *.linkbux.com; Fingerprint 85:43:2D:A8:86:CB:B4:03:47:26:A7:87:5A:80:9D:1E:E1:55:C2:92; Validity Wed, 26 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text Hash: fc3ee34210274db22682fe00923ba917 d6d2c6640e12f1dd29697a61a2642bf006ee8670 e089dec7be6beb581345d3474985db6309f1e1529bddec2e402aa6c827b222ca
GET /track/b5b20v1WkH7yi3TVxNZSP_bZiP8BiX_bmVlpBSmwsA0XJAnB4zpMQWeZu6ygAKfBA4KJDLBkXLkA_c_c?url=http%3A%2F%2Fwww.dyrekassen.no&uid=wdrhd8qrtrdj2m113bj05ia4&uid2=6354964 HTTP/1.1
Host: www.linkbux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 03 May 2024 22:50:28 GMT
Vary: Accept-Encoding
Set-Cookie: discuz_2132_saltkey=ttTTMfrD; expires=Sun, 02-Jun-2024 22:50:28 GMT; Max-Age=2592000; path=/; httponly
Set-Cookie: discuz_2132_lang=en; path=/
Set-Cookie: discuz_2132_lang=en; path=/
Content-Encoding: gzip
Via: cache22.l2us2[104,0], cache3.ru6[277,0]
Timing-Allow-Origin: *
EagleId: a3b5019717147766282312877e
|
|
| r.secprf.com/v1/redirect?url=http%3A%2F%2Fwww.dyrekassen.no&api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_4zxu1ia | 54.154.136.171 | 403 Forbidden | 64 B |
URL: User Request GET HTTP/2 r.secprf.com/v1/redirect?url=http%3A%2F%2Fwww.dyrekassen.no&api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_4zxu1ia IP: 54.154.136.171:443
Certificate: Issuer Let's Encrypt; Subject linksprf.com; Fingerprint FB:04:66:40:AF:53:56:65:25:C8:A3:54:2D:ED:20:75:A5:4C:EB:58; Validity Thu, 02 May 2024 08:32:50 GMT - Wed, 31 Jul 2024 08:32:49 GMT
Hash: c35197df833a741f768d0fc1d11a8abf 834833754771f9e3e38036225543acad8cf66c44 9555bc5e7cc410cc7a7e97114b20c1f1a95ad80ff0e2f8788967885fb46a6e1f
GET /v1/redirect?url=http%3A%2F%2Fwww.dyrekassen.no&api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_4zxu1ia HTTP/1.1
Host: r.secprf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkbux.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 03 May 2024 22:50:29 GMT
content-type: application/json
content-length: 64
set-cookie: ykuid=e01672c3cf5340bb997e97cfa2ae1abd; Path=/; Secure; Domain=.secprf.com; Max-Age=31536000; SameSite=None
set-cookie: JSESSIONID=7324C2A63BDAC8F7FACF286965C1774D; Path=/; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|