rainbowvisit.com/af1916cbaae1f0d7ec43a0e40a401851a/?sid1=MSL&sid2=MzIzMjM2MzAzNjM1N2UzMjM0MzgzNTMxMzczNTM4MzUzMTdlNjIzNTMwMzA2NDY4NjQ2MQ==
23.229.58.100 6.6 kB URL rainbowvisit.com/af1916cbaae1f0d7ec43a0e40a401851a/?sid1=MSL&sid2=MzIzMjM2MzAzNjM1N2UzMjM0MzgzNTMxMzczNTM4MzUzMTdlNjIzNTMwMzA2NDY4NjQ2MQ==
IP 23.229.58.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 237963d909ca517c81ee3731f71bf8c4
1bd474ee7e2a8cc2c946daf7fcd3acff89380b2d
5f5b2699fa681198a89c457a5d9bcd1c7e7410ad69a0455f791e55fbcd39bb24
GET /af1916cbaae1f0d7ec43a0e40a401851a/?sid1=MSL&sid2=MzIzMjM2MzAzNjM1N2UzMjM0MzgzNTMxMzczNTM4MzUzMTdlNjIzNTMwMzA2NDY4NjQ2MQ== HTTP/1.1
Host: rainbowvisit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Jun 2023 16:58:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.33
Set-Cookie: clkcheck4740=c6e016ee3e6f6ced927728ffd82641a7_107974; expires=Mon, 03-Jul-2023 16:58:50 GMT; Max-Age=2592000; path=/; SameSite=Lax
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0c2c7b69894efc120cd8bab945a227b2
11800be962b5b0cf260591d3c55113d217cbfa3b
61fdd82d5869d4eb3e250031c6a63be89e282cfdc50e3a7f04de1e6ba17044f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 16:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
142.250.74.72 44 kB URL www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
IP 142.250.74.72:0
File type ASCII text, with very long lines (2271)
Hash 46d18af0571d7999884315fd11677d07
0b297660892045f756adb5c4a1d3601310c11b51
63c61ad01ee55d501a499d8998901ddfee06c7fe13c384cef58833bf72972d86
GET /gtm.js?id=GTM-MB79N3N HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://rainbowvisit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Jun 2023 16:45:32 GMT
expires: Sat, 03 Jun 2023 16:45:32 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Jun 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43941
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rainbowvisit.com/fp.php
23.229.58.100 0 B IP 23.229.58.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp.php HTTP/1.1
Host: rainbowvisit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 761
Origin: http://rainbowvisit.com
DNT: 1
Connection: keep-alive
Referer: http://rainbowvisit.com/af1916cbaae1f0d7ec43a0e40a401851a/?sid1=MSL&sid2=MzIzMjM2MzAzNjM1N2UzMjM0MzgzNTMxMzczNTM4MzUzMTdlNjIzNTMwMzA2NDY4NjQ2MQ==
Cookie: clkcheck4740=c6e016ee3e6f6ced927728ffd82641a7_107974
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Jun 2023 16:58:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.33
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0c2c7b69894efc120cd8bab945a227b2
11800be962b5b0cf260591d3c55113d217cbfa3b
61fdd82d5869d4eb3e250031c6a63be89e282cfdc50e3a7f04de1e6ba17044f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 16:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0c2c7b69894efc120cd8bab945a227b2
11800be962b5b0cf260591d3c55113d217cbfa3b
61fdd82d5869d4eb3e250031c6a63be89e282cfdc50e3a7f04de1e6ba17044f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 16:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KQWFTZ7
142.250.74.72 200 OK 43 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KQWFTZ7
IP 142.250.74.72:443
Requested by https://advertiserpages.com/notfound/
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
Validity Fri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2271)
Hash 165e301b6a7cda3e97ef9af406573d0a
bbe3acb1fddeb46aacfcde204f94d44c532cf2e7
e583bc300ec00f73dac3e05db04ebb339873e6cfb59fb5493e4a52fe282cb11a
GET /gtm.js?id=GTM-KQWFTZ7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://advertiserpages.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Jun 2023 16:45:33 GMT
expires: Sat, 03 Jun 2023 16:45:33 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Jun 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42565
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.aimtell.com/trackpush/trackpush.min.js
104.18.31.151 200 OK 13 kB URL GET HTTP/2 cdn.aimtell.com/trackpush/trackpush.min.js
IP 104.18.31.151:443
Requested by https://advertiserpages.com/notfound/
Certificate Issuer Cloudflare, Inc.
Subject aimtell.com
Fingerprint 1C:CD:DA:C4:62:7E:59:6E:A3:E5:F3:89:A3:BD:88:CA:D9:F0:F7:3D
Validity Sat, 08 Apr 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (47826), with no line terminators
Hash 7a95f30092a14e733916e5ba4212fe20
95d879028d85b8646a4ccc20781de227b5100769
0caf43fb08d17c0d3cecba626ba9fb455e231464d33931ff03c0cd3e4dbe5a4f
GET /trackpush/trackpush.min.js HTTP/1.1
Host: cdn.aimtell.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://advertiserpages.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 16:45:33 GMT
content-type: text/javascript
content-length: 13293
last-modified: Wed, 31 May 2023 16:01:52 GMT
etag: "a4c9e416bb6100ab1a641b855964c419"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HEgBtG_62b0QpoqVGLzDGszJmt4v3sB3Yyh9Wd2JxJY-nRtITA6Cdw==
age: 2449
cf-cache-status: HIT
expires: Sun, 04 Jun 2023 16:45:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d19683c98a0fac0-OSL
X-Firefox-Spdy: h2
signals.aimtell.com/pageview?id_site=26914&v=3.976&support=0&state=default&wl=0&ref=aHR0cHM6Ly9hZHZlcnRpc2VycGFnZXMuY29tL25vdGZvdW5kLw==
104.18.31.151 200 OK 43 B URL POST HTTP/2 signals.aimtell.com/pageview?id_site=26914&v=3.976&support=0&state=default&wl=0&ref=aHR0cHM6Ly9hZHZlcnRpc2VycGFnZXMuY29tL25vdGZvdW5kLw==
IP 104.18.31.151:443
Requested by https://advertiserpages.com/notfound/
Certificate Issuer Cloudflare, Inc.
Subject aimtell.com
Fingerprint 1C:CD:DA:C4:62:7E:59:6E:A3:E5:F3:89:A3:BD:88:CA:D9:F0:F7:3D
Validity Sat, 08 Apr 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /pageview?id_site=26914&v=3.976&support=0&state=default&wl=0&ref=aHR0cHM6Ly9hZHZlcnRpc2VycGFnZXMuY29tL25vdGZvdW5kLw== HTTP/1.1
Host: signals.aimtell.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advertiserpages.com
DNT: 1
Connection: keep-alive
Referer: https://advertiserpages.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Jun 2023 16:45:33 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: https://advertiserpages.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse, Aimtell-Signal, Aimtell-Iso
aimtell-hash-exists: 0
aimtell-iso: NO
aimtell-signal: 0
aimtell-traverse: 0
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d19683d291afac0-OSL
X-Firefox-Spdy: h2
advertiserpages.com/notfound/
172.67.213.118 200 OK 2.1 kB URL User Request GET HTTP/2 advertiserpages.com/notfound/
IP 172.67.213.118:443
Certificate Issuer Let's Encrypt
Subject advertiserpages.com
Fingerprint D7:6F:D4:FF:14:D4:6A:76:08:B0:6D:3F:84:9E:66:9D:9D:80:81:6A
Validity Sun, 07 May 2023 04:53:42 GMT - Sat, 05 Aug 2023 04:53:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2252), with no line terminators
Hash de26cc31735fc5928adfc8768f559105
0e03bde8bbecebd42d0cef8ab39183473d544c23
b7475efe31b5ced625e1d941a6db2df79666a870322fd496a6a4c4c943f4e00d
Analyzer Verdict Alert quad9 Sinkholed
GET /notfound/ HTTP/1.1
Host: advertiserpages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rainbowvisit.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 16:45:33 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DxNC9GTNkMq%2FdBc%2BQQQ8Is5IzFLSN96cDa%2FJ74APfWENAGAa4WixqIDz%2Bpwshj%2FtPF1zMxAqPpjVkX5lTJyzeojETsSRajDETBc4SjYEQzVyNhfNcQqytSq1oCNeBzGT0mx8CFDz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d196838bf0db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
advertiserpages.com/favicon.ico
172.67.213.118 404 Not Found 162 B URL GET HTTP/3 advertiserpages.com/favicon.ico
IP 172.67.213.118:443
Requested by https://advertiserpages.com/notfound/
Certificate Issuer Let's Encrypt
Subject advertiserpages.com
Fingerprint D7:6F:D4:FF:14:D4:6A:76:08:B0:6D:3F:84:9E:66:9D:9D:80:81:6A
Validity Sun, 07 May 2023 04:53:42 GMT - Sat, 05 Aug 2023 04:53:41 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 42b7c03ebcddafdb2aa3078e3a9ceb69
57570cf4712b36bce96f68228e6c72137c2156dd
a225bf8186e767cfb73fec2ac55678c083a3c2abd042bc1cf85f820bced5ec9f
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: advertiserpages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://advertiserpages.com/notfound/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 03 Jun 2023 16:45:33 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWvjeI%2F9O1wHdyTL%2FXJZQICktXNrYu%2BCwof6C9yQW6oBZl3b7IX1fUQWDHkluDSNNtuB25B4mJQJLeQb5VMhJmVPnNkySRpbX1s8YT0wAZYbMGgBA3IwQXyGA8aque9XiVy9t%2FMB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d19683c0fe40b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400