| cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js | 104.17.24.14 | 200 OK | 27 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP: 104.17.24.14:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 27446
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ed75bb-6b36"
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8022
expires: Sun, 27 Apr 2025 21:15:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1SZ5j15VPkD%2BmlGRXEFLolexaew%2BbQURFcfhBNu7jdICVLSqRHxUin8ZYceDnksHznZS5lJxsOaTopYNHeiYSfCHEznnw1%2FnNo%2B7%2Fw7mNKS4kX73abgFsC9YXI2IWXFg6DyYSsNj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88043a6a6b4c0b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css | 104.17.24.14 | 200 OK | 23 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css
IP: 104.17.24.14:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (65342)
Hash: a549af2a81cd9900ee897d8bc9c4b5e9 c5ac1dee961cb59a045256ec203f69e317872f7c 3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
GET /ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: text/css; charset=utf-8
content-length: 22709
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65d4c5f6-58b5"
last-modified: Tue, 20 Feb 2024 15:32:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 608615
expires: Sun, 27 Apr 2025 21:15:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ad8KMPWtJl79bCOHfYajMFjskFMPODh7%2BAZTpFh6GnlopGcdupDVq7x0hM1DPaHoVnAn0xBnJi4dcIJkCC47jXO%2BE1AMHDYUr5YMNa2KCsI150TuTKdTzMb9iidpMCd4vMzLa83A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88043a6a7b540b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css | 104.17.24.14 | 200 OK | 10 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
IP: 104.17.24.14:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (59119)
Hash: ecd507b3125edc4d2a03aa6ae5d07da9 a57ee68d11601b0fd8e5037fc241ff65a754473c 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
GET /ajax/libs/font-awesome/5.15.4/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: text/css; charset=utf-8
content-length: 10462
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-28de"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 614257
expires: Sun, 27 Apr 2025 21:15:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbK6s%2FPdOqjUFJLsHXFBXfpEd5TIP2UV0vyNxQvxbRoG7tUJj3gWNiZ%2FSW5hJq6WgpA%2ByE7U8UQkZkbbAgdPBEgb5F%2FVCPcWEplfrppjFF0sTNwPpTzAFHxY4bTJI%2Fe%2FJchuJmVj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88043a6a8b630b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js | 104.17.24.14 | 200 OK | 36 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js
IP: 104.17.24.14:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (620)
Hash: 4d456e43291a691699c12a9027f1f13a e2e691b338e64a94e68be7f4d2aded08fcca0759 9a4a11a15db88d5fab08f59c1c34796b03f1f15bb3cc928dd226e1c59f7f59a3
GET /ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 36257
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65d4c5f6-8da1"
last-modified: Tue, 20 Feb 2024 15:32:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 622470
expires: Sun, 27 Apr 2025 21:15:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlGxoAttWchKgW1xkjf4EkLGtv2MASSmFaz7yZbffJu1Ggtfk6wD6drvmulNliuzXn1azx3MoHvdx7K4We8DSmD7iKqmqYoaeqCgmt5P7iZFg%2B6SkGK4LcjX66%2Fk4XPJBDybB1qE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88043a6a8b660b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/seasons/162/letter-00.png | 104.26.2.21 | 200 OK | 25 kB |
URL: GET HTTP/2 iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/seasons/162/letter-00.png
IP: 104.26.2.21:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwanttogetmore.com
Certificate Fingerprint: 44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
Certificate Validity: Tue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT
File type: PNG image data, 258 x 184, 8-bit/color RGBA, non-interlaced
Hash: e45d217d96fcfdecd2f0d236e06b6b30 82ece521c195148c117d760e536fc17b9a0e4801 084e31c469393993b821513561acd20fd163fd41836affac626b5c868ec06720
GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/seasons/162/letter-00.png HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:56 GMT
content-type: image/png
content-length: 25236
last-modified: Mon, 06 May 2024 09:54:20 GMT
etag: "6638a8cc-6294"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5018
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKMIWAXT8nvIQ2tLDoKX1p0tor9hw7SOhCAlmaq9Pr2zSUgK4BnpwNX1fcPF%2F61k8MQb5y%2Bxxe87FAfF8XrIaLPVm5E53VXn34kkvisyH%2Bn659XDEvPpIdsyWavFk3f7llesTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6c3831b511-OSL
X-Firefox-Spdy: h2
|
|
| woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js | 139.45.197.251 | 200 OK | 17 kB |
URL: GET HTTP/2 woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
IP: 139.45.197.251:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Let's Encrypt
Certificate Subject: woudaufe.net
Certificate Fingerprint: 97:B7:E3:B4:46:26:82:1A:84:6C:4D:15:C2:B7:B8:FE:0F:00:67:F5
Certificate Validity: Mon, 15 Apr 2024 05:41:42 GMT - Sun, 14 Jul 2024 05:41:41 GMT
File type: gzip compressed data, max speed, from Unix
Hash: d88919695b00582685c99d414f28f6db 44c2929293dfe5d7cd0757d1d7e76b08e9de919d b7c8255c01c7666304393288a644b40d1b3cce9b9075424913f47109eae2aebf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js HTTP/1.1
Host: woudaufe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:51 GMT
etag: W/"662a3513-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| woudaufe.net/zone?&pub=0&zone_id=5759770&is_mobile=false&domain=iwanttogetmore.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=4d9b05c9-516c-48fa-9965-f65272e4ecae&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL: POST HTTP/2 woudaufe.net/zone?&pub=0&zone_id=5759770&is_mobile=false&domain=iwanttogetmore.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=4d9b05c9-516c-48fa-9965-f65272e4ecae&action=prerequest
IP: 139.45.197.251:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Let's Encrypt
Certificate Subject: woudaufe.net
Certificate Fingerprint: 97:B7:E3:B4:46:26:82:1A:84:6C:4D:15:C2:B7:B8:FE:0F:00:67:F5
Certificate Validity: Mon, 15 Apr 2024 05:41:42 GMT - Sun, 14 Jul 2024 05:41:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5759770&is_mobile=false&domain=iwanttogetmore.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=4d9b05c9-516c-48fa-9965-f65272e4ecae&action=prerequest HTTP/1.1
Host: woudaufe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-length: 0
x-trace-id: 719fa6d963afb6c8a70e3cb44c8dc8e4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://iwanttogetmore.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Let's Encrypt
Certificate Subject: jouteetu.net
Certificate Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
Certificate Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 255
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 62cb63b409931e5ed60d25cc28b0f64f
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://iwanttogetmore.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Let's Encrypt
Certificate Subject: jouteetu.net
Certificate Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
Certificate Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 257
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a4bfc042af785bec4885dbdf30cb9969
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://iwanttogetmore.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Let's Encrypt
Certificate Subject: jouteetu.net
Certificate Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
Certificate Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 258
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 88da1362ad2211f0061d7621cc230cdc
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://iwanttogetmore.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Let's Encrypt
Certificate Subject: amunfezanttor.com
Certificate Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
Certificate Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://iwanttogetmore.com/
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://iwanttogetmore.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Let's Encrypt
Certificate Subject: amunfezanttor.com
Certificate Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
Certificate Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: dd6ce5a54466b34244d5ed37d15be10f 9e1908c6306e72100eae4ee9598a93645e339a03 91b1fac37482ad8f2f2831972f56736204ff8468fb42023994eda4433750d0f6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iwanttogetmore.com/
Content-Type: application/json
Content-Length: 875
Origin: https://iwanttogetmore.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:15:56 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://iwanttogetmore.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap | 142.250.74.106 | 200 OK | 3.4 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap
IP: 142.250.74.106:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash: 906959bb3fa223045c286acde976330d 227a2ad95d8524d7ca4050d29f2222305a6f00c7 635f649cd3783e1d6a447445c6cbda82df6e09ef3ce938aaea27b97ce9d1d6e5
GET /css2?family=Roboto:wght@400;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 21:15:55 GMT
date: Tue, 07 May 2024 21:15:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/css/style.min.css?v=1.14 | 104.26.2.21 | 200 OK | 8.0 kB |
URL: GET HTTP/2 iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/css/style.min.css?v=1.14
IP: 104.26.2.21:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwanttogetmore.com
Certificate Fingerprint: 44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
Certificate Validity: Tue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT
File type: ASCII text, with very long lines (7965), with no line terminators
Hash: 2262c2e53a8b322777b6eb511d29af7c a29de156da1bd664d0efa52a29a99972876875ed 332d038e0a8f9aa4d78be40da4977133f4679121160024b2590f8f513afcea44
GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/css/style.min.css?v=1.14 HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: text/css
last-modified: Mon, 06 May 2024 09:47:27 GMT
etag: W/"6638a72f-1f1b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FfFwSC6pROBVLOZ1AjUwty8BGRlYgwMTgb8xqvjwwH2Kp8tmUcJeNu%2BcNxvSI85yZQyXm1wD4tQigCSAOVFVFPGQNLFC7Di0YQP%2FQtnfi%2Fv9wf2FYGh9KQQW9E0RkZ8hNXTGPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6a1cb2b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/themes/tar/210-supermarket/favicon.png | 104.26.2.21 | 200 OK | 2.5 kB |
URL: GET HTTP/2 iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/themes/tar/210-supermarket/favicon.png
IP: 104.26.2.21:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwanttogetmore.com
Certificate Fingerprint: 44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
Certificate Validity: Tue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash: adacb828139375adbd92f9f1bea5d012 f3e090aca77454b266360f17967b65add7292ce8 1fe30add0127d73534be3fdf272792c18f54bb4a5d6b335221b2587ac9e99fe6
GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/themes/tar/210-supermarket/favicon.png HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:56 GMT
content-type: image/png
content-length: 2512
last-modified: Mon, 06 May 2024 09:54:20 GMT
etag: "6638a8cc-9d0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5018
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZBWQJ%2FWMmgZvpVfVYuyM5v3ejlCF5cb3D194H3EjpDeqrEWmgeT7Qx9tLuBcXQLm2GQJbX9SXrkEKqtazxXvHeAsGlovgR7pXt2WLarCR6kFhWtnNZEiyDnlLLWaWRv4WWJELw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6d19a2b511-OSL
X-Firefox-Spdy: h2
|
|
| iwanttogetmore.com/sw-check-permissions-82431.js?zoneId=5759770 | 104.26.2.21 | 200 OK | 566 B |
URL: GET HTTP/2 iwanttogetmore.com/sw-check-permissions-82431.js?zoneId=5759770
IP: 104.26.2.21:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwanttogetmore.com
Certificate Fingerprint: 44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
Certificate Validity: Tue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT
File type: ASCII text, with very long lines (605), with no line terminators
Hash: 686535c4472d3a1b2f93529397abd300 131f74272eec6fe9819d587917ccf776153b66e4 38ad0f3b4884f108391ab18dfb9d0b69ca2fe3f6f7932f59a3d70aeaee087d8b
GET /sw-check-permissions-82431.js?zoneId=5759770 HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:56 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 09:47:27 GMT
etag: W/"6638a72f-236"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gi8%2FitfphESdsjC87sDtQtq73tw3j4Cxudb70LXg2nMNiO4Vck6ETW8fsTaFulJXbU6T7CKNCXnWiznDjHyifAF1zBacFyGlkdqFRAAbDsaWsvwD2yRPVUubTiI%2FpHI0xDYSYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6d9a64b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/templates/box/box_letter.css?v=1.14 | 104.26.2.21 | 200 OK | 3.2 kB |
URL: GET HTTP/2 iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/templates/box/box_letter.css?v=1.14
IP: 104.26.2.21:443
Requested by: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwanttogetmore.com
Certificate Fingerprint: 44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8
Certificate Validity: Tue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT
File type: ASCII text, with very long lines (3396), with no line terminators
Hash: ba6242d390b0c782b79ba07cbe5118fe 2f60a5d46063f9005f3d7b641a834c4113a11e1e 219ee9df98776c5d29468ba8deb3c5622f88a7b08edda067dcb1d3645d9463c0
GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/templates/box/box_letter.css?v=1.14 HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: text/css
last-modified: Mon, 06 May 2024 09:47:27 GMT
etag: W/"6638a72f-c8b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pYV2QZdsHTjXZuPgvj6QeTIBnto8q2zJwUHfCSD4qyKXVcCsFyl2hN0kIgZ%2F5AVNiad7ByExc15ykn8rAWtlNtVYtMumLGxPNempSr0CGLF0hKSI0027wcFCc17hQe4hTdHKFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6a2cc8b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/box_o.js?v=1.14 | 104.26.2.21 | 200 OK | 4.2 kB |
URL GET HTTP/2 iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/box_o.js?v=1.14 IP 104.26.2.21:443
Requested by https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432 Certificate Issuer Google Trust Services LLC Subject iwanttogetmore.com Fingerprint 44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8 Validity Tue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT
File type JavaScript source, ASCII text, with very long lines (4184), with no line terminators Hash 540bfe138c793172e999f49b394ee71e d9bd4b33fc83ba9c878365eb93b214f0e8f1b44b b38ef2303ee7080d8fa982a22f79ebbfc138ac7f69bbc27f2d61ed1c9d60c7f1
GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/box_o.js?v=1.14 HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 09:47:27 GMT
etag: W/"6638a72f-1053"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5017
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s7%2FOu3Mj10cf4cdBD9MRL4aDwvVc3py6UBjXFlr6y4DkOGi2uThwHBC7k3x0RnNUlGRFWPfGO0B%2Bf61sDFQoAFJ7B6Ctu1jN7Eamre9brPlVAP6tv3r5UR%2F1miaKcd1g1%2F9OUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6a2ccab511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/preload_o.min.js?v=1.14 | 104.26.2.21 | 200 OK | 18 kB |
URL GET HTTP/2 iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/preload_o.min.js?v=1.14 IP 104.26.2.21:443
Requested by https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432 Certificate Issuer Google Trust Services LLC Subject iwanttogetmore.com Fingerprint 44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8 Validity Tue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT
File type JavaScript source, ASCII text, with very long lines (17559), with no line terminators Hash a32d40b2f01f5a74c8077e46a4a8a73d 7abaeaf47545c71abc18c731d7bdfcbabcda087f b55e30ce0e6f42daacd35842c1edfc675673aa5d436a26ff8d8b796932ceda6c
GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/assets/js/preload_o.min.js?v=1.14 HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 09:47:27 GMT
etag: W/"6638a72f-4497"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5017
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NODasp%2BB2%2Bo%2BXh6XZLsleyX9ea8EZK0huujcUu6RGtqzCSannpQFXal%2FVyVhtlO3YnGuFukDbTxlUdkY7PPS8%2BQa419IajIcjr%2Fm6jBLeHtfcMkocODqqa4RhZ5b5hYpURu2sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6a2cc5b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/themes/tar/210-supermarket/img/brand-logo.svg | 104.26.2.21 | 200 OK | 11 kB |
URL GET HTTP/2 iwanttogetmore.com/assets/146aq92/estar210-supermarketSobres3ld12u/900/themes/tar/210-supermarket/img/brand-logo.svg IP 104.26.2.21:443
Requested by https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432 Certificate Issuer Google Trust Services LLC Subject iwanttogetmore.com Fingerprint 44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8 Validity Tue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT
File type SVG Scalable Vector Graphics image Hash 665616c2aeadc53d133fed41c243a3c0 86ed0cd124d2dbb43ef317234caaecaac91aef26 658961834651b14490ff9940818b6f5db8525d4e72ef452f31c375df8ba7dabe
GET /assets/146aq92/estar210-supermarketSobres3ld12u/900/themes/tar/210-supermarket/img/brand-logo.svg HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:56 GMT
content-type: image/svg+xml
last-modified: Mon, 06 May 2024 09:54:20 GMT
etag: W/"6638a8cc-2963"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5019
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MSsSD7RLrnR%2FWLpC3uZogeKUU6KWhv9hGRNOf8UVFqa1Ryg3URw%2BdXNkExPMfdEUb8QVwaAE8l9ucnQxZ39BPmx63vatVEOEDakfYdf2vOCtO3IXvcIaVUc5mIEVVaeK15T%2Bbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88043a6c3830b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432 | 104.26.2.21 | 200 OK | 14 kB |
URL User Request GET HTTP/2 iwanttogetmore.com/page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432 IP 104.26.2.21:443
Certificate Issuer Google Trust Services LLC Subject iwanttogetmore.com Fingerprint 44:37:C6:14:FF:06:FB:C3:2E:A4:8A:C9:5E:11:F8:FD:EB:87:E9:C8 Validity Tue, 30 Apr 2024 10:49:40 GMT - Mon, 29 Jul 2024 10:49:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /page/3ld12u/900?campaign=ThUjIf0&cost=0.002400&currency=usd&aff_source=6516974&request_var=gQge16JvCT&aff_transaction_id=811820025785618432 HTTP/1.1
Host: iwanttogetmore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:15:55 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AP5QyVOYDpiwR0BMcyiUFKR8grCQBojKUxC1%2FJiDLi%2FtJMhTh25BcXqI1rD1rL13T5Ha9q2OJdeRIj%2BxzXFedT55yXTxG6DKEOju6EkZfGRVj4Vw7aj%2BFXz7FxwnRNpoewKw%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88043a661e25b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|