| gensonal.com/j9v2sfpnby/?key=5b651019775a59683dbbecc1b00d2a22&s2s=35ac6j2oca9a527f |  3.125.20.6 | | 0 B |
URL gensonal.com/j9v2sfpnby/?key=5b651019775a59683dbbecc1b00d2a22&s2s=35ac6j2oca9a527f IP3.125.20.6:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j9v2sfpnby/?key=5b651019775a59683dbbecc1b00d2a22&s2s=35ac6j2oca9a527f HTTP/1.1
Host: gensonal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 04 May 2024 06:32:21 GMT
content-length: 0
location: https://1of.backluck.shop/?utm_medium=a7ff87d4f3a4b18a37dc1d598c31f21445711faf&utm_campaign=trafficback
server: nginx/1.19.5
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
set-cookie: backurled=5b651019775a59683dbbecc1b00d2a22; expires=Sat, 04 May 2024 06:33:21 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-request-id: a3a5cbb829022f57eab61e2583f5cce4
cache-control: no-cache, max-age=0, private, no-cache
pragma: no-cache
X-Firefox-Spdy: h2
|
|
| www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7365028563650609180&website=23291-5ff0790z&placement=23291 |  51.68.85.158 | | 4.4 kB |
URL www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7365028563650609180&website=23291-5ff0790z&placement=23291 IP51.68.85.158:0
File typeHTML document, ASCII text, with very long lines (3490) Hashab12a39c412ca6cf4df6d2043db70c42 001953b0ee827c266faa29efce7d6f05da376619 0c32410be63194b5c47a67c7f80b9c57a9d53d25b295e51b8608ce8b9d5f50b7
GET /?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7365028563650609180&website=23291-5ff0790z&placement=23291 HTTP/1.1
Host: www.trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1of.backluck.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 06:32:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
Accept-CH: Sec-CH-UA-Platform-Version
|
|
| www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7365028563650609180&website=23291-5ff0790z&placement=23291&eyeg=9145b3638a9d86eb5e701d8c728d70aa&eyer=0.5223261327645599&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=1of.backluck.shop | 51.68.85.158 | 302 Found | 0 B |
URL User Request GET HTTP/1.1www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7365028563650609180&website=23291-5ff0790z&placement=23291&eyeg=9145b3638a9d86eb5e701d8c728d70aa&eyer=0.5223261327645599&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=1of.backluck.shop IP51.68.85.158:443
CertificateIssuerLet's Encrypt Subjectwww.trimbuilder.foundation FingerprintB5:58:02:9F:AF:F9:81:27:25:64:61:1F:FC:22:AF:33:55:97:F6:60 ValidityMon, 08 Apr 2024 08:49:15 GMT - Sun, 07 Jul 2024 08:49:14 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7365028563650609180&website=23291-5ff0790z&placement=23291&eyeg=9145b3638a9d86eb5e701d8c728d70aa&eyer=0.5223261327645599&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=1of.backluck.shop HTTP/1.1
Host: www.trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 04 May 2024 06:32:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7365028563650609180&website=23291-5ff0790z&placement=23291&eyeg=3&eyer=0.5223261327645599&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=1of.backluck.shop
|
|
| www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7365028563650609180&website=23291-5ff0790z&placement=23291&eyeg=3&eyer=0.5223261327645599&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=1of.backluck.shop | 51.68.85.158 | 302 Found | 0 B |
URL User Request GET HTTP/1.1www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7365028563650609180&website=23291-5ff0790z&placement=23291&eyeg=3&eyer=0.5223261327645599&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=1of.backluck.shop IP51.68.85.158:443
CertificateIssuerLet's Encrypt Subjectwww.trimbuilder.foundation FingerprintB5:58:02:9F:AF:F9:81:27:25:64:61:1F:FC:22:AF:33:55:97:F6:60 ValidityMon, 08 Apr 2024 08:49:15 GMT - Sun, 07 Jul 2024 08:49:14 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7365028563650609180&website=23291-5ff0790z&placement=23291&eyeg=3&eyer=0.5223261327645599&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=1of.backluck.shop HTTP/1.1
Host: www.trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 04 May 2024 06:32:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=33000517082e4e38253cd6b80d4f613b112440504-202405-flb*5768231-bead7*M7365028563650609180*sl_5768231-bead7*5d4fb8a92588a6817bb03f86360c6d1a19c68e7f*23291-5ff0790z*23291
|
|
| red-trck1.shop/nlp/index.php?key=5b651019775a59683dbbecc1b00d2a22&s2s=35ac6j2oca9a527f&url_bnm_redirect=https%3A%2F%2Fgensonal.com%2Fj9v2sfpnby%2F |  188.114.97.1 | | 8.7 kB |
URL red-trck1.shop/nlp/index.php?key=5b651019775a59683dbbecc1b00d2a22&s2s=35ac6j2oca9a527f&url_bnm_redirect=https%3A%2F%2Fgensonal.com%2Fj9v2sfpnby%2F IP188.114.97.1:0
File typeASCII text, with no line terminators Hash6e34f7e00dc725ecbe490bb1e64d8c1b 70303094005d07f0f3e8cce57c93e54d3063fa58 579b52508827f83c55835783bdfe8c37d36a1d7fede08d923437b1ec4160a76d
GET /nlp/index.php?key=5b651019775a59683dbbecc1b00d2a22&s2s=35ac6j2oca9a527f&url_bnm_redirect=https%3A%2F%2Fgensonal.com%2Fj9v2sfpnby%2F HTTP/1.1
Host: red-trck1.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 06:32:20 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nXu0JvxxS9PKMiJ4EaizrTZqPfXzUqjg8mMLe6qm3jomseA%2F%2F5DRsRnO1Uowa0SZABQXDF4wWGC2XvLBq6Ox2PMr6anXZY0Ck5jxc%2Bk%2Fjpf1muwM41DMju1Sh9y%2FOxpKVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e673fa0fb20b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.trimbuilder.foundation/favicon.ico | 51.68.85.158 | | 0 B |
URL www.trimbuilder.foundation/favicon.ico IP51.68.85.158:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Sat, 04 May 2024 06:32:22 GMT
Connection: keep-alive
|
|
| admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=33000517082e4e38253cd6b80d4f613b112440504-202405-flb*5768231-bead7*M7365028563650609180*sl_5768231-bead7*5d4fb8a92588a6817bb03f86360c6d1a19c68e7f*23291-5ff0790z*23291 |  104.26.6.190 | 302 Found | 214 B |
URL User Request GET HTTP/2admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=33000517082e4e38253cd6b80d4f613b112440504-202405-flb*5768231-bead7*M7365028563650609180*sl_5768231-bead7*5d4fb8a92588a6817bb03f86360c6d1a19c68e7f*23291-5ff0790z*23291 IP104.26.6.190:443
CertificateIssuerGoogle Trust Services LLC Subjectaftrad-visit.com Fingerprint98:82:E2:88:34:E5:9E:56:30:5B:90:4F:A3:20:44:5C:29:51:5F:01 ValidityThu, 04 Apr 2024 22:09:13 GMT - Wed, 03 Jul 2024 22:09:12 GMT
File typeHTML document, ASCII text Hash0889cb1487e177b3fe912a2a64fa09ce 6995ad434bfb23fffa0b380704f18289c57bf0c2 76a6b9331767a2fbb2bb55a23c4516807a4843f8c0f74f7095faea1d69bcb628
GET /track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=33000517082e4e38253cd6b80d4f613b112440504-202405-flb*5768231-bead7*M7365028563650609180*sl_5768231-bead7*5d4fb8a92588a6817bb03f86360c6d1a19c68e7f*23291-5ff0790z*23291 HTTP/1.1
Host: admoustache.aftrad-visit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 04 May 2024 06:32:22 GMT
content-type: text/html; charset=utf-8
content-length: 214
location: https://suftinyou.com/?cat=2&groupds=102&clientId=168&productId=1676&publisher_id=1B7fmUHKE&tracking=2012WC1Lffo1ADT2nWpVhmbWogiGeS6XqufXSN46nQzmoLNrqbsjWu4KuoTRa6c3H9aTpx
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NTE1jKsLBmrJYD2rrzWJFRpsndPk0JSueWnIWb0cHOLsCJP6KQVKfQBeimgERLwC2vnqAXcrc%2BByJCPqqDmv0wEwYMEIcVWN5mhfR1KRjz6kq%2BzsKOwbRcoWkXUiR9g14OMcbq%2BRJpFCw8MuGf4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e674044f61b4f7-OSL
X-Firefox-Spdy: h2
|
|
| suftinyou.com/?cat=2&groupds=102&clientId=168&productId=1676&publisher_id=1B7fmUHKE&tracking=2012WC1Lffo1ADT2nWpVhmbWogiGeS6XqufXSN46nQzmoLNrqbsjWu4KuoTRa6c3H9aTpx |  185.32.28.133 | 200 OK | 15 kB |
URL User Request GET HTTP/1.1suftinyou.com/?cat=2&groupds=102&clientId=168&productId=1676&publisher_id=1B7fmUHKE&tracking=2012WC1Lffo1ADT2nWpVhmbWogiGeS6XqufXSN46nQzmoLNrqbsjWu4KuoTRa6c3H9aTpx IP185.32.28.133:443 ASN#15699 OGIC Informatica S.L.
CertificateIssuerLet's Encrypt Subjectsuftinyou.com FingerprintFE:FC:55:28:93:2A:EA:1E:E8:0D:06:0E:F7:DA:4A:BE:EF:A2:7E:01 ValidityTue, 09 Apr 2024 05:47:57 GMT - Mon, 08 Jul 2024 05:47:56 GMT
File typeHTML document, ASCII text, with very long lines (5740) Hash64d9cf3ddb83b166408abf70f6ad1059 cd4ba645108c1cd0ce4b04b86bdbaf24529fb46f e7a648bed9fb3e62ef5f7d8ddd0180bc18d97ac5331683fee248f5b08159729b
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /?cat=2&groupds=102&clientId=168&productId=1676&publisher_id=1B7fmUHKE&tracking=2012WC1Lffo1ADT2nWpVhmbWogiGeS6XqufXSN46nQzmoLNrqbsjWu4KuoTRa6c3H9aTpx HTTP/1.1
Host: suftinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 06:32:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: redirect_user_data=%7B%22country%22%3A%22NO%22%2C%22city%22%3Anull%2C%22isp%22%3A%22blix+solutions%22%2C%22netspeed%22%3A%22%22%7D; expires=Sat, 04-May-2024 06:42:17 GMT; Max-Age=600
_tracker_ikangoo=a%3A5%3A%7Bs%3A4%3A%22_key%22%3Bs%3A7%3A%22IKPANEL%22%3Bs%3A6%3A%22_subid%22%3Bs%3A16%3A%225002192642147182%22%3Bs%3A8%3A%22_country%22%3Bs%3A2%3A%22NO%22%3Bs%3A4%3A%22_isp%22%3Bs%3A14%3A%22blix+solutions%22%3Bs%3A5%3A%22_time%22%3Bi%3A1714804337%3B%7D; expires=Sat, 04-May-2024 06:34:17 GMT; Max-Age=120
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
|
|
| 1of.backluck.shop/?utm_medium=a7ff87d4f3a4b18a37dc1d598c31f21445711faf&utm_campaign=trafficback |  99.198.106.198 | | 3.9 kB |
URL 1of.backluck.shop/?utm_medium=a7ff87d4f3a4b18a37dc1d598c31f21445711faf&utm_campaign=trafficback IP99.198.106.198:0
File typegzip compressed data, from Unix Hash07e07fd67d27df659b8596a0f79d6dd1 3c72b8bd1717c7fd3cc6ab11de02eeab93ab1bde 4fcfe62aada0a8764dc0082968efc485c9b4d202414b396e6c93bc64910ddb02
GET /?utm_medium=a7ff87d4f3a4b18a37dc1d598c31f21445711faf&utm_campaign=trafficback HTTP/1.1
Host: 1of.backluck.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 06:32:21 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=604800; persist=1
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| suftinyou.com/assets/js/backlink_back_button.js | 185.32.28.133 | 200 OK | 632 B |
URL GET HTTP/1.1suftinyou.com/assets/js/backlink_back_button.js IP185.32.28.133:443 ASN#15699 OGIC Informatica S.L.
Requested byhttps://suftinyou.com/?cat=2&groupds=102&clientId=168&productId=1676&publisher_id=1B7fmUHKE&tracking=2012WC1Lffo1ADT2nWpVhmbWogiGeS6XqufXSN46nQzmoLNrqbsjWu4KuoTRa6c3H9aTpx CertificateIssuerLet's Encrypt Subjectsuftinyou.com FingerprintFE:FC:55:28:93:2A:EA:1E:E8:0D:06:0E:F7:DA:4A:BE:EF:A2:7E:01 ValidityTue, 09 Apr 2024 05:47:57 GMT - Mon, 08 Jul 2024 05:47:56 GMT
File typeASCII text, with very long lines (658), with no line terminators Hashac6dffd189635a63b4157939629ed892 8bf8cf6f7fe309a740636c989065e590b72405b8 1fa7cb87e5ace78ea7e4cd4b52875b78c2814ca2fb9a841c433d6c96547e067f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/backlink_back_button.js HTTP/1.1
Host: suftinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suftinyou.com/?cat=2&groupds=102&clientId=168&productId=1676&publisher_id=1B7fmUHKE&tracking=2012WC1Lffo1ADT2nWpVhmbWogiGeS6XqufXSN46nQzmoLNrqbsjWu4KuoTRa6c3H9aTpx
Cookie: redirect_user_data=%7B%22country%22%3A%22NO%22%2C%22city%22%3Anull%2C%22isp%22%3A%22blix+solutions%22%2C%22netspeed%22%3A%22%22%7D; _tracker_ikangoo=a%3A5%3A%7Bs%3A4%3A%22_key%22%3Bs%3A7%3A%22IKPANEL%22%3Bs%3A6%3A%22_subid%22%3Bs%3A16%3A%225002192642147182%22%3Bs%3A8%3A%22_country%22%3Bs%3A2%3A%22NO%22%3Bs%3A4%3A%22_isp%22%3Bs%3A14%3A%22blix+solutions%22%3Bs%3A5%3A%22_time%22%3Bi%3A1714804337%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 06:32:17 GMT
Content-Type: application/javascript
Content-Length: 632
Last-Modified: Mon, 28 Nov 2022 14:36:49 GMT
Connection: keep-alive
ETag: "6384c781-278"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
|
|