| seizefortunesdefiant.com/200ebb4e?dev=r&key=be24ee88dcb9607cc7f4c0ef08abbd1d&kw=[%22legend%22,%22of%22,%22the%22,%22northern%22,%22blade%22,%22-%22,%22chapter%22,%2252%22,%22-%22,%22manhwatop%22]&mme=85&psid=CF-2967-new_0&refer=https://manhwatop.com/manga/legend-of-the-northern-blade-series/chapter-52/&res=14.31&scrHeight=1080&scrWidth=2560&ship=&sub3=invoke_layer&tz=-5&uuid=bb033660-666b-4c95-baed-f8a78cc0a8a5:1:1&v=24.4.2204 | 172.240.108.76 | | 1.7 kB |
URL: seizefortunesdefiant.com/200ebb4e?dev=r&key=be24ee88dcb9607cc7f4c0ef08abbd1d&kw=[%22legend%22,%22of%22,%22the%22,%22northern%22,%22blade%22,%22-%22,%22chapter%22,%2252%22,%22-%22,%22manhwatop%22]&mme=85&psid=CF-2967-new_0&refer=https://manhwatop.com/manga/legend-of-the-northern-blade-series/chapter-52/&res=14.31&scrHeight=1080&scrWidth=2560&ship=&sub3=invoke_layer&tz=-5&uuid=bb033660-666b-4c95-baed-f8a78cc0a8a5:1:1&v=24.4.2204 | IP: 172.240.108.76:0
File type: HTML document, ASCII text, with very long lines (938) | Hash: 5c0ddd0f0b6fcacb9d5054db7b2949ea c56f5bde64a4b7f72501ecfd82259aaa08d87497 00384e9df3b443262eb37eee37aa9aae40923f0554a5394f583e226a232e5181
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /200ebb4e?dev=r&key=be24ee88dcb9607cc7f4c0ef08abbd1d&kw=[%22legend%22,%22of%22,%22the%22,%22northern%22,%22blade%22,%22-%22,%22chapter%22,%2252%22,%22-%22,%22manhwatop%22]&mme=85&psid=CF-2967-new_0&refer=https://manhwatop.com/manga/legend-of-the-northern-blade-series/chapter-52/&res=14.31&scrHeight=1080&scrWidth=2560&ship=&sub3=invoke_layer&tz=-5&uuid=bb033660-666b-4c95-baed-f8a78cc0a8a5:1:1&v=24.4.2204 HTTP/1.1
Host: seizefortunesdefiant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 05:10:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=19845092; expires=Fri, 19 Apr 2024 05:10:54 GMT
ain=eyJhbGciOiJIUzI1NiJ9.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.aaR-Hi0fDxderEwHKwpAdh3l7yxnVfJVCpJCHshGuy8; expires=Thu, 18 Apr 2024 05:11:54 GMT
uid_id2=bb033660-666b-4c95-baed-f8a78cc0a8a5:1:1; expires=Thu, 25 Apr 2024 05:10:54 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 829da1c7973c9b08cb0aa30c91b6df7f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| seizefortunesdefiant.com/api/users?token=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&uuid=bb033660-666b-4c95-baed-f8a78cc0a8a5%3A1%3A1&pii=&in=false | 172.240.108.76 | 302 Found | 0 B |
URL User Request GET HTTP/1.1seizefortunesdefiant.com/api/users?token=LzIwMGViYjRlP2Rldj1yJmtleT1iZTI0ZWU4OGRjYjk2MDdjYzdmNGMwZWYwOGFiYmQxZCZrdz0lNUIlMjJsZWdlbmQlMjIlMkMlMjJvZiUyMiUyQyUyMnRoZSUyMiUyQyUyMm5vcnRoZXJuJTIyJTJDJTIyYmxhZGUlMjIlMkMlMjItJTIyJTJDJTIyY2hhcHRlciUyMiUyQyUyMjUyJTIyJTJDJTIyLSUyMiUyQyUyMm1hbmh3YXRvcCUyMiU1RCZtbWU9ODUmcHNpZD1DRi0yOTY3LW5ld18wJnBzdD0xNzEzNDE3MTE0JnJlZmVyPWh0dHBzJTNBJTJGJTJGbWFuaHdhdG9wLmNvbSUyRm1hbmdhJTJGbGVnZW5kLW9mLXRoZS1ub3J0aGVybi1ibGFkZS1zZXJpZXMlMkZjaGFwdGVyLTUyJTJGJnJlcz0xNC4zMSZybXRjPXQmc2NySGVpZ2h0PTEwODAmc2NyV2lkdGg9MjU2MCZzaGlwPSZzaHU9NjY5NGMwOTMyMzY2ODk5MTlhM2M1Y2EzNDIyYzE4MGNjYjIyM2M2NjdiYjU0MDNlZjIyMTQ5NmNlYzdmMzUwZWQ4YWEwMGI3MTM0YTU3YTgxMWY0YTdkMzhkNjVkMmI0ZGJiOGM5M2IzYzNkOGI1NjkyNjAwN2RmNzEwNjYxOTMwNzdjMmNiYWM1M2E5ZDA5MjBlOTRjMGRlNzc0MTMxMTRlMGM2YjI0MzlkMTU1NDhiZjA3NDQxZGNjYjcmc3ViMz1pbnZva2VfbGF5ZXImdHo9LTUmdXVpZD1iYjAzMzY2MC02NjZiLTRjOTUtYmFlZC1mOGE3OGNjMGE4YTUlM0ExJTNBMSZ2PTI0LjQuMjIwNA&uuid=bb033660-666b-4c95-baed-f8a78cc0a8a5%3A1%3A1&pii=&in=false IP172.240.108.76:443
Certificate: Issuer: Let's Encrypt | Subject: seizefortunesdefiant.com | Fingerprint: BD:D2:7D:32:23:2F:AC:DE:F5:AD:09:93:9F:F4:4C:8F:22:B8:9C:D5 | Validity: Tue, 16 Apr 2024 14:01:47 GMT - Mon, 15 Jul 2024 14:01:46 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=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&uuid=bb033660-666b-4c95-baed-f8a78cc0a8a5%3A1%3A1&pii=&in=false HTTP/1.1
Host: seizefortunesdefiant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://seizefortunesdefiant.com/api/users?token=LzIwMGViYjRlP2tleT0wZjIyYzFmZDYwOWYxM2NiNzk0N2M4Y2FiZmUxYTkwZCZzdWJtZXRyaWM9MTk4NDUwOTI
Cookie: u_pl=19845092; ain=eyJhbGciOiJIUzI1NiJ9.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.aaR-Hi0fDxderEwHKwpAdh3l7yxnVfJVCpJCHshGuy8; uid_id2=bb033660-666b-4c95-baed-f8a78cc0a8a5:1:1; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 05:10:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://xml-v4.topsolutionsmedia.com/click?seat=633551&adid=633551&i=S0oilFMUYV0_0&p=1713417054.489006
Set-Cookie: uid_id2=bb033660-666b-4c95-baed-f8a78cc0a8a5:1:1; expires=Thu, 25 Apr 2024 05:10:54 GMT
pdhtkv=true; expires=Fri, 19 Apr 2024 05:10:54 GMT
uncs=1; expires=Fri, 19 Apr 2024 05:10:54 GMT
pdhtkv28=true; expires=Fri, 19 Apr 2024 05:10:54 GMT
uncs28=1; expires=Fri, 19 Apr 2024 05:10:54 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ce3dbb782cc29e273f7836d3f716e564
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| seizefortunesdefiant.com/favicon.ico | 172.240.108.68 | | 0 B |
URL: seizefortunesdefiant.com/favicon.ico | IP: 172.240.108.68:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: seizefortunesdefiant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://seizefortunesdefiant.com/api/users?token=LzIwMGViYjRlP2tleT0wZjIyYzFmZDYwOWYxM2NiNzk0N2M4Y2FiZmUxYTkwZCZzdWJtZXRyaWM9MTk4NDUwOTI
Cookie: u_pl=19845092; ain=eyJhbGciOiJIUzI1NiJ9.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.aaR-Hi0fDxderEwHKwpAdh3l7yxnVfJVCpJCHshGuy8; uid_id2=bb033660-666b-4c95-baed-f8a78cc0a8a5:1:1; cjs=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 05:10:54 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4f1dca61fad1001b3315bdd820783adb
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| xml-v4.topsolutionsmedia.com/click?seat=633551&adid=633551&i=S0oilFMUYV0_0&p=1713417054.489006 | 174.137.133.17 | 302 Found | 0 B |
URL: User Request GET HTTP/1.1 xml-v4.topsolutionsmedia.com/click?seat=633551&adid=633551&i=S0oilFMUYV0_0&p=1713417054.489006 | IP: 174.137.133.17:80 | ASN: #27257 WEBAIR-INTERNET
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?seat=633551&adid=633551&i=S0oilFMUYV0_0&p=1713417054.489006 HTTP/1.1
Host: xml-v4.topsolutionsmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Connection: keep-alive
Cache-Control: no-store
Location: https://track-eu.trackingtraffo.com/pop/imp?auth=5g3uwx&c=3E3sMeyyllwlXhhRLJ7nSS8n8Ad8xZkhrV_io29iYVl2RsLbWfdPngRGlt5NxPNNiJGvT6uVB37pTGpMhJDV-v-rNoXdmOZa5N1UjgNyZE-N7CL7LOgszZXxXbXqs0aOzYJR-DxQUQ01mPm4yZ-HvdmhzBmRif5p0h22quT2Gdw6sq57LlO0IKLby3TwmNmItY6_gH9cLZM9kGr3MeL8J4MerCWxl10UMbAEg8vAqaJcLcNCclsuEzDtAJxRWoFcNWCERb6qf6nl-bln8N-rYd97h2_ud1NjwqASTMuVoTyDsGUTBdB0-bgeyxUwcKKTAF0gz3xQPihfuGRWUjPt5zoZHoPT3zHX8SUyX7iL3lHuQs9s3KK7IvdRIPcKQc3wLRukTlZi409uocqdrS1Vr4gTYq1__rTsOT479tN-v4mJfxaFppHq0z0i_TEomZ0K4yO5npVbDsQSQ8EuK0VuxD_qASQle0PB2ouFXFIjaE2YueQ00wil1kttstg6rdKAsGTif0BAID58oFZaaUf1YoXE5wzhajc48NulbiOX-SiEjg_sz8C_AQe0EGiNHcMNZ8F0mvItPBitSz7jdOaoQqe4Urz-nQTkyePV1wolW-Ql32cJHeZzeoZ54A5MonkjgAOh--Hs_TmCpAfxepYGgkxfjDctU8qPRWw_700-YNcWEg0J
Content-Length: 0
|
|
| track-eu.trackingtraffo.com/pop/imp?auth=5g3uwx&c=3E3sMeyyllwlXhhRLJ7nSS8n8Ad8xZkhrV_io29iYVl2RsLbWfdPngRGlt5NxPNNiJGvT6uVB37pTGpMhJDV-v-rNoXdmOZa5N1UjgNyZE-N7CL7LOgszZXxXbXqs0aOzYJR-DxQUQ01mPm4yZ-HvdmhzBmRif5p0h22quT2Gdw6sq57LlO0IKLby3TwmNmItY6_gH9cLZM9kGr3MeL8J4MerCWxl10UMbAEg8vAqaJcLcNCclsuEzDtAJxRWoFcNWCERb6qf6nl-bln8N-rYd97h2_ud1NjwqASTMuVoTyDsGUTBdB0-bgeyxUwcKKTAF0gz3xQPihfuGRWUjPt5zoZHoPT3zHX8SUyX7iL3lHuQs9s3KK7IvdRIPcKQc3wLRukTlZi409uocqdrS1Vr4gTYq1__rTsOT479tN-v4mJfxaFppHq0z0i_TEomZ0K4yO5npVbDsQSQ8EuK0VuxD_qASQle0PB2ouFXFIjaE2YueQ00wil1kttstg6rdKAsGTif0BAID58oFZaaUf1YoXE5wzhajc48NulbiOX-SiEjg_sz8C_AQe0EGiNHcMNZ8F0mvItPBitSz7jdOaoQqe4Urz-nQTkyePV1wolW-Ql32cJHeZzeoZ54A5MonkjgAOh--Hs_TmCpAfxepYGgkxfjDctU8qPRWw_700-YNcWEg0J | 162.55.236.100 | 302 Found | 0 B |
URL User Request GET HTTP/1.1track-eu.trackingtraffo.com/pop/imp?auth=5g3uwx&c=3E3sMeyyllwlXhhRLJ7nSS8n8Ad8xZkhrV_io29iYVl2RsLbWfdPngRGlt5NxPNNiJGvT6uVB37pTGpMhJDV-v-rNoXdmOZa5N1UjgNyZE-N7CL7LOgszZXxXbXqs0aOzYJR-DxQUQ01mPm4yZ-HvdmhzBmRif5p0h22quT2Gdw6sq57LlO0IKLby3TwmNmItY6_gH9cLZM9kGr3MeL8J4MerCWxl10UMbAEg8vAqaJcLcNCclsuEzDtAJxRWoFcNWCERb6qf6nl-bln8N-rYd97h2_ud1NjwqASTMuVoTyDsGUTBdB0-bgeyxUwcKKTAF0gz3xQPihfuGRWUjPt5zoZHoPT3zHX8SUyX7iL3lHuQs9s3KK7IvdRIPcKQc3wLRukTlZi409uocqdrS1Vr4gTYq1__rTsOT479tN-v4mJfxaFppHq0z0i_TEomZ0K4yO5npVbDsQSQ8EuK0VuxD_qASQle0PB2ouFXFIjaE2YueQ00wil1kttstg6rdKAsGTif0BAID58oFZaaUf1YoXE5wzhajc48NulbiOX-SiEjg_sz8C_AQe0EGiNHcMNZ8F0mvItPBitSz7jdOaoQqe4Urz-nQTkyePV1wolW-Ql32cJHeZzeoZ54A5MonkjgAOh--Hs_TmCpAfxepYGgkxfjDctU8qPRWw_700-YNcWEg0J IP162.55.236.100:443 ASN#24940 Hetzner Online GmbH
Certificate: Issuer: Sectigo Limited | Subject: trackingtraffo.com | Fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8 | Validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pop/imp?auth=5g3uwx&c=3E3sMeyyllwlXhhRLJ7nSS8n8Ad8xZkhrV_io29iYVl2RsLbWfdPngRGlt5NxPNNiJGvT6uVB37pTGpMhJDV-v-rNoXdmOZa5N1UjgNyZE-N7CL7LOgszZXxXbXqs0aOzYJR-DxQUQ01mPm4yZ-HvdmhzBmRif5p0h22quT2Gdw6sq57LlO0IKLby3TwmNmItY6_gH9cLZM9kGr3MeL8J4MerCWxl10UMbAEg8vAqaJcLcNCclsuEzDtAJxRWoFcNWCERb6qf6nl-bln8N-rYd97h2_ud1NjwqASTMuVoTyDsGUTBdB0-bgeyxUwcKKTAF0gz3xQPihfuGRWUjPt5zoZHoPT3zHX8SUyX7iL3lHuQs9s3KK7IvdRIPcKQc3wLRukTlZi409uocqdrS1Vr4gTYq1__rTsOT479tN-v4mJfxaFppHq0z0i_TEomZ0K4yO5npVbDsQSQ8EuK0VuxD_qASQle0PB2ouFXFIjaE2YueQ00wil1kttstg6rdKAsGTif0BAID58oFZaaUf1YoXE5wzhajc48NulbiOX-SiEjg_sz8C_AQe0EGiNHcMNZ8F0mvItPBitSz7jdOaoQqe4Urz-nQTkyePV1wolW-Ql32cJHeZzeoZ54A5MonkjgAOh--Hs_TmCpAfxepYGgkxfjDctU8qPRWw_700-YNcWEg0J HTTP/1.1
Host: track-eu.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 18 Apr 2024 05:10:55 GMT
Content-Length: 0
Connection: keep-alive
Location: https://plinksplanet.com/click.php?key=p8r5m0rwnfbjuk2do14m&clickid=acc682fc-aa69-45b5-a7a6-e83b01fd4dc8&cost=0.0031&PUB_ID=426&SUB_ID=581332_489006_19845092&KEYWORD=Anime&SUBSCRIBER_ID=&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0031&CR_ID=363153
|
|
| plinksplanet.com/click.php?key=p8r5m0rwnfbjuk2do14m&clickid=acc682fc-aa69-45b5-a7a6-e83b01fd4dc8&cost=0.0031&PUB_ID=426&SUB_ID=581332_489006_19845092&KEYWORD=Anime&SUBSCRIBER_ID=&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0031&CR_ID=363153 | 23.88.80.32 | 302 Found | 0 B |
URL: User Request GET HTTP/1.1 plinksplanet.com/click.php?key=p8r5m0rwnfbjuk2do14m&clickid=acc682fc-aa69-45b5-a7a6-e83b01fd4dc8&cost=0.0031&PUB_ID=426&SUB_ID=581332_489006_19845092&KEYWORD=Anime&SUBSCRIBER_ID=&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0031&CR_ID=363153 | IP: 23.88.80.32:443 | ASN: #24940 Hetzner Online GmbH
Certificate: Issuer: Let's Encrypt | Subject: plinksplanet.com | Fingerprint: 8F:DC:E5:EE:9A:5C:35:FE:35:A3:81:ED:70:D0:B9:A6:F5:55:86:93 | Validity: Thu, 04 Apr 2024 10:17:31 GMT - Wed, 03 Jul 2024 10:17:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?key=p8r5m0rwnfbjuk2do14m&clickid=acc682fc-aa69-45b5-a7a6-e83b01fd4dc8&cost=0.0031&PUB_ID=426&SUB_ID=581332_489006_19845092&KEYWORD=Anime&SUBSCRIBER_ID=&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0031&CR_ID=363153 HTTP/1.1
Host: plinksplanet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Thu, 18 Apr 2024 05:10:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=qebzocgmfe; expires=Fri, 19-Apr-2024 05:10:55 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=qebzocgmfe-qebzocgmfe-fvik-0-15a8-hem7vr-hem7fe-1ef206; expires=Fri, 19-Apr-2024 05:10:55 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://media.playamopartners.com/redirect.aspx?pid=164550&bid=2058&lpid=933&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=76ac5qebzocgmfeb35
Strict-Transport-Security: max-age=31536000
|
|
| media.playamopartners.com/redirect.aspx?pid=164550&bid=2058&lpid=933&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=76ac5qebzocgmfeb35 | 13.107.246.53 | 403 Forbidden | 409 B |
URL: User Request GET HTTP/2 media.playamopartners.com/redirect.aspx?pid=164550&bid=2058&lpid=933&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=76ac5qebzocgmfeb35 | IP: 13.107.246.53:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Sectigo Limited | Subject: playamopartners.com | Fingerprint: 16:3C:F2:41:6E:3B:D2:D1:86:A4:F2:51:FE:D8:0A:37:2D:19:60:6A | Validity: Thu, 22 Feb 2024 00:00:00 GMT - Fri, 21 Feb 2025 23:59:59 GMT
File type: ASCII text, with CRLF line terminators | Hash: 86eebf6f87d804d113e0fa4307e7c1ea 6c5a8b9b8adec93876feb798c0c34f625d2945a9 643cb33f34f42971dcd1b6e216fa19e871787e758bf321d0a4275336bb05b355
GET /redirect.aspx?pid=164550&bid=2058&lpid=933&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=76ac5qebzocgmfeb35 HTTP/1.1
Host: media.playamopartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 05:10:55 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240418T051055Z-17f9dd4c48bshvwpkzz0q1h4cs00000001r0000000001p70
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| media.playamopartners.com/favicon.ico | 13.107.213.53 | 403 Forbidden | 409 B |
URL: GET HTTP/2 media.playamopartners.com/favicon.ico | IP: 13.107.213.53:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://media.playamopartners.com/redirect.aspx?pid=164550&bid=2058&lpid=933&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=76ac5qebzocgmfeb35 | Certificate: Issuer: Sectigo Limited | Subject: playamopartners.com | Fingerprint: 16:3C:F2:41:6E:3B:D2:D1:86:A4:F2:51:FE:D8:0A:37:2D:19:60:6A | Validity: Thu, 22 Feb 2024 00:00:00 GMT - Fri, 21 Feb 2025 23:59:59 GMT
File type: ASCII text, with CRLF line terminators | Hash: 4a3cbf3b9277327d835745e1f027e1f4 12b680cf2c02f33deffbc2f582579922ca0afb69 589df8223a19251e61928a1e9710e6ff0ed89b4a6d6e73ade374cd28d6a9cf4f
GET /favicon.ico HTTP/1.1
Host: media.playamopartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://media.playamopartners.com/redirect.aspx?pid=164550&bid=2058&lpid=933&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=76ac5qebzocgmfeb35
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 05:10:56 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240418T051056Z-17f9dd4c48bdlnqsc31aw7n03c00000001m00000000065e4
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|