| ld123.g2afse.com/click?pid=76&offer_id=8084&sub1=90c00070521ac263f7020905&sub2=1689_ | 34.90.14.205 | 302 Found | 0 B |
URL: ld123.g2afse.com/click?pid=76&offer_id=8084&sub1=90c00070521ac263f7020905&sub2=1689_
User Request: GET HTTP/2
IP: 34.90.14.205:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer: DigiCert Inc; Subject: *.g2afse.com; Fingerprint: 3A:C2:12:6C:59:0C:A9:12:C1:47:C8:05:B6:0F:75:69:7A:76:D6:85; Validity: Mon, 28 Aug 2023 00:00:00 GMT - Wed, 04 Sep 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=76&offer_id=8084&sub1=90c00070521ac263f7020905&sub2=1689_ HTTP/1.1
Host: ld123.g2afse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 24 Apr 2024 16:54:25 GMT
content-length: 0
location: https://12665a401041.tc2qwerty.com/?p=6304&media_type=mainstream&click_id=
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
| vezeklet.pro/o?k=69acf76fb48bf7e6 | 46.4.172.148 | 302 Found | 62 kB |
URL: vezeklet.pro/o?k=69acf76fb48bf7e6
User Request: GET HTTP/2
IP: 46.4.172.148:443
ASN: #24940 Hetzner Online GmbH
Certificate: Issuer: Let's Encrypt; Subject: vezeklet.pro; Fingerprint: D1:5F:54:36:A9:AE:99:FC:BD:70:8F:D3:80:7D:55:81:75:A2:6E:F0; Validity: Sat, 06 Apr 2024 23:21:09 GMT - Fri, 05 Jul 2024 23:21:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /o?k=69acf76fb48bf7e6 HTTP/1.1
Host: vezeklet.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.20.2
date: Wed, 24 Apr 2024 16:54:25 GMT
content-type: text/html; charset=UTF-8
location: https://ld123.g2afse.com/click?pid=76&offer_id=8084&sub1=90c00070521ac263f7020905&sub2=1689_
x-powered-by: PHP/8.1.27
referrer-policy: no-referrer
set-cookie: aff_tds_id=cb01d03497b5257d489e450fca70d691dc43763b94918ab05922168281b69429a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22aff_tds_id%22%3Bi%3A1%3Bs%3A16%3A%226ba85f899b4fb0b4%22%3B%7D; expires=Wed, 24-Apr-2024 20:59:59 GMT; Max-Age=14734; path=/; HttpOnly; SameSite=Lax
expires: Wed, 24 Apr 2024 16:54:24 GMT
cache-control: no-cache
X-Firefox-Spdy: h2
|
| 12665a401041.tc2qwerty.com/?p=6304&media_type=mainstream&click_id= | 94.237.92.107 | 302 Found | 62 kB |
URL: 12665a401041.tc2qwerty.com/?p=6304&media_type=mainstream&click_id=
User Request: GET HTTP/2
IP: 94.237.92.107:443
Certificate: Issuer: Let's Encrypt; Subject: tc2qwerty.com; Fingerprint: 51:BA:BF:DA:16:EE:8D:B0:DA:AB:E1:50:33:DC:6B:D1:E5:0C:A4:E6; Validity: Fri, 05 Apr 2024 21:39:44 GMT - Thu, 04 Jul 2024 21:39:43 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?p=6304&media_type=mainstream&click_id= HTTP/1.1
Host: 12665a401041.tc2qwerty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 24 Apr 2024 16:54:26 GMT
content-type: text/html; charset=UTF-8
set-cookie: rts-trck=1; expires=Wed, 24 Apr 2024 17:04:26 GMT; Max-Age=600; path=/; domain=12665a401041.tc2qwerty.com
t-uuid=62pwkhkt12ndhxgmktfeocoos; expires=Mon, 24 Apr 2034 16:54:26 GMT; Max-Age=315532800; path=/; domain=.tc2qwerty.com
rts-trck=1; expires=Wed, 24 Apr 2024 17:04:26 GMT; Max-Age=600; path=/; domain=12665a401041.tc2qwerty.com
traffic-visited-domain=megawinner.xyz; expires=Fri, 24 May 2024 16:54:26 GMT; Max-Age=2592000; path=/; domain=.tc2qwerty.com
traffic-back=ok; expires=Wed, 24 Apr 2024 16:54:56 GMT; Max-Age=30; path=/; domain=.tc2qwerty.com
location: https://www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream
X-Firefox-Spdy: h2
|
| www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream | 94.237.92.126 | 200 OK | 62 kB |
URL: www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream
User Request: GET HTTP/2
IP: 94.237.92.126:443
Certificate: Issuer: Let's Encrypt; Subject: *.megawinner.xyz; Fingerprint: E1:3F:35:F8:78:45:55:BE:FA:4F:C2:BE:D0:9B:8A:89:8A:6E:FE:37; Validity: Fri, 19 Apr 2024 07:20:12 GMT - Thu, 18 Jul 2024 07:20:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream HTTP/1.1
Host: www.megawinner.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Wed, 24 Apr 2024 16:54:26 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|