| www.above.com/marketplace/javascript/tipsy.jquery.js?1728959580 |  103.224.182.24 | 200 OK | 7.4 kB |
URL GET www.above.com/marketplace/javascript/tipsy.jquery.js?1728959580 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJavaScript source, ASCII text, with very long lines (7616), with no line terminators Hash56ccb13ec814588911fe6024422076c2 680a17ef9ee11fa2bf506a081fc45bee077e1a98 c6af965ebc838783da92ec9f5d1c8ff25051458ed48f833328334c777da3f4e0
GET /marketplace/javascript/tipsy.jquery.js?1728959580 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "1cee-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1982
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.35 | 200 OK | 48 kB |
URL GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.35:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.above.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 10:12:20 GMT
expires: Fri, 27 Mar 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 176128
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| kit.fontawesome.com/61d644614c.css |  172.64.147.188 | 200 OK | 399 B |
URL GET kit.fontawesome.com/61d644614c.css IP172.64.147.188:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjectfontawesome.com FingerprintFC:32:90:2B:CD:63:94:32:F0:48:71:9F:50:A4:58:6D:8F:0C:D0:4D ValidityThu, 27 Feb 2025 21:23:34 GMT - Wed, 28 May 2025 22:23:32 GMT
File typeASCII text, with very long lines (399), with no line terminators Hasha56f577284530bacf84482f222f1b5ce f492ef43a09a53d078db9c9b6aa66a679ba1483f 924c7310b514884a12fe85a4a82d2a164ff18cddd07640fb168ca61507945f5e
GET /61d644614c.css HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.above.com
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
content-type: text/css
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=300, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: GB60y1D4dTGj1HSMZ17h
cf-cache-status: HIT
server: cloudflare
cf-ray: 927ee7d5cebe568f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQB7CZVNQD&cid=1572007403.1743246469>m=45je53q1v871550789z8853238206za200zb853238206&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102964103&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102964103&z=1821973996 | 142.250.178.67 | 200 OK | 42 B |
URL GET www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQB7CZVNQD&cid=1572007403.1743246469>m=45je53q1v871550789z8853238206za200zb853238206&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102964103&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102964103&z=1821973996 IP142.250.178.67:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.google.no FingerprintF2:05:97:F0:57:2B:A2:B3:28:EF:72:32:F4:69:9F:14:E9:B2:3B:16 ValidityMon, 10 Mar 2025 08:38:47 GMT - Mon, 02 Jun 2025 08:38:46 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQB7CZVNQD&cid=1572007403.1743246469>m=45je53q1v871550789z8853238206za200zb853238206&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102964103&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102964103&z=1821973996 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Mar 2025 11:07:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=fuk9485ev72v | 142.250.74.68 | 200 OK | 73 kB |
URL GET www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=fuk9485ev72v IP142.250.74.68:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.google.com FingerprintB5:4D:C5:27:B4:49:22:F3:21:DF:88:3D:E6:05:D6:A1:02:98:C7:E2 ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
File typeHTML document, ASCII text, with very long lines (56645) Hash14f4521becb60e72e32ba60c55253a1a f93d4a3dcabe362fa738c2e4e8fdffb2b99093c9 f22fc37dc281da52fa10d3113bd05faa96b3a6c57bc9ffaba4faaef69ab5686d
GET /recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=fuk9485ev72v HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 29 Mar 2025 11:07:49 GMT
content-security-policy: script-src 'nonce-b-LAScylP064LLgHnIu9Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/ccm/collect?en=page_view&dr=ww25.best-targeted-traffic.com&dl=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fbest-targeted-traffic.com&scrsrc=www.googletagmanager.com&frm=0&rnd=546033689.1743246469&dt=best-targeted-traffic.com%20-%20Above.com%20Marketplace&auid=53226773.1743246469&navt=n&npa=1&did=dZTQ1Zm&gdid=dZTQ1Zm>m=45be53q1h1za200zb853238206&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102482433~102788824~102803279~102813109~102887799~102926062&tft=1743246469334&tfd=3362&apve=1 | 142.250.74.68 | 200 OK | 0 B |
URL POST www.google.com/ccm/collect?en=page_view&dr=ww25.best-targeted-traffic.com&dl=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fbest-targeted-traffic.com&scrsrc=www.googletagmanager.com&frm=0&rnd=546033689.1743246469&dt=best-targeted-traffic.com%20-%20Above.com%20Marketplace&auid=53226773.1743246469&navt=n&npa=1&did=dZTQ1Zm&gdid=dZTQ1Zm>m=45be53q1h1za200zb853238206&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102482433~102788824~102803279~102813109~102887799~102926062&tft=1743246469334&tfd=3362&apve=1 IP142.250.74.68:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.google.com FingerprintB5:4D:C5:27:B4:49:22:F3:21:DF:88:3D:E6:05:D6:A1:02:98:C7:E2 ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ccm/collect?en=page_view&dr=ww25.best-targeted-traffic.com&dl=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fbest-targeted-traffic.com&scrsrc=www.googletagmanager.com&frm=0&rnd=546033689.1743246469&dt=best-targeted-traffic.com%20-%20Above.com%20Marketplace&auid=53226773.1743246469&navt=n&npa=1&did=dZTQ1Zm&gdid=dZTQ1Zm>m=45be53q1h1za200zb853238206&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102482433~102788824~102803279~102813109~102887799~102926062&tft=1743246469334&tfd=3362&apve=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.above.com
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 200 OK
content-type: text/plain
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
date: Sat, 29 Mar 2025 11:07:49 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.above.com
access-control-expose-headers: date,vary,vary,vary,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.above.com/js/login.js?1728959580 | 103.224.182.24 | 200 OK | 2.1 kB |
URL GET www.above.com/js/login.js?1728959580 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJavaScript source, ASCII text, with very long lines (2390), with no line terminators Hashde2f60588d4f560d82e8eaa65d383f15 6121736748ed90b791d922cf956ed321b34980ad c347cfa5029446d72b74c37ad9e5636dda91ee3aa4fe9551a8a4b2f4099ea6b8
GET /js/login.js?1728959580 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "844-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 849
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/img/saletrans.png | 103.224.182.24 | 200 OK | 921 B |
URL GET www.above.com/marketplace/img/saletrans.png IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typePNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced Hash8ca54dafff20896d30c5744ff1b6d93c 9b912b35fbdea230369e1b624c94934e2c37e67e a4e477b67d678a3de314adfb048d71e6279bbbb172b27e423ea8f230d9aae637
GET /marketplace/img/saletrans.png HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/css/offer_new.css?1730682562
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:48 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "399-6247ac598cf00"
accept-ranges: bytes
content-length: 921
content-type: image/png
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js | 142.250.178.35 | 200 OK | 562 kB |
URL GET www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js IP142.250.178.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=fuk9485ev72v CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
Size562 kB (561652 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 221651
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Mar 2025 09:00:31 GMT
expires: Wed, 25 Mar 2026 09:00:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 24 Mar 2025 02:01:29 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 353238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol111%2Cpid-bodis-gcontrol444%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis01_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.best-targeted-traffic.com%2F%3Fcaf%3D1%26bpt%3D345%26unq%3D27y325223543eiwxvex%26version%3D1.8%26pais%3DUnknown%26subid1%3D20250329-2207-1673-9a78-6066be60c64b&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2876836166450698&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107&format=r7&nocache=7541743246463959&num=0&output=afd_ads&domain_name=ww25.best-targeted-traffic.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1743246463960&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww25.best-targeted-traffic.com%2Finstall.php%3Funq%3D27y325223543eiwxvex%26version%3D1.8%26pais%3DUnknown%26subid1%3D20250329-2207-1673-9a78-6066be60c64b | 142.250.178.78 | 200 OK | 1.1 kB |
URL GET syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol111%2Cpid-bodis-gcontrol444%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis01_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.best-targeted-traffic.com%2F%3Fcaf%3D1%26bpt%3D345%26unq%3D27y325223543eiwxvex%26version%3D1.8%26pais%3DUnknown%26subid1%3D20250329-2207-1673-9a78-6066be60c64b&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2876836166450698&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107&format=r7&nocache=7541743246463959&num=0&output=afd_ads&domain_name=ww25.best-targeted-traffic.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1743246463960&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww25.best-targeted-traffic.com%2Finstall.php%3Funq%3D27y325223543eiwxvex%26version%3D1.8%26pais%3DUnknown%26subid1%3D20250329-2207-1673-9a78-6066be60c64b IP142.250.178.78:443
Requested byhttps://ww25.best-targeted-traffic.com/install.php?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b CertificateIssuerGoogle Trust Services Subjectsyndicatedsearch.goog Fingerprint47:7F:1D:15:F5:CA:9E:50:B7:5D:F0:5E:E9:66:E5:02:F8:3D:AD:E6 ValidityMon, 10 Mar 2025 08:39:05 GMT - Mon, 02 Jun 2025 08:39:04 GMT
File typeHTML document, ASCII text, with very long lines (1201), with no line terminators Hashc092f328f0093e42edd7fac732423b7f b6286b7ea2e62501d1a17ef9c047dec04c397728 461b9310b5db7bad117de6355cfbde5f3770fe4a1e40b9f4bdd82f5c52c70667
GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol111%2Cpid-bodis-gcontrol444%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis01_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.best-targeted-traffic.com%2F%3Fcaf%3D1%26bpt%3D345%26unq%3D27y325223543eiwxvex%26version%3D1.8%26pais%3DUnknown%26subid1%3D20250329-2207-1673-9a78-6066be60c64b&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2876836166450698&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107&format=r7&nocache=7541743246463959&num=0&output=afd_ads&domain_name=ww25.best-targeted-traffic.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1743246463960&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww25.best-targeted-traffic.com%2Finstall.php%3Funq%3D27y325223543eiwxvex%26version%3D1.8%26pais%3DUnknown%26subid1%3D20250329-2207-1673-9a78-6066be60c64b HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.best-targeted-traffic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 29 Mar 2025 11:07:44 GMT
expires: Sat, 29 Mar 2025 11:07:44 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-gNWM4aPhZrFiu_cxv75gOA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/img/salecard7.png | 103.224.182.24 | 200 OK | 2.3 kB |
URL GET www.above.com/marketplace/img/salecard7.png IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typePNG image data, 62 x 36, 8-bit/color RGBA, non-interlaced Hash9cea6ce8faf882d027859402ac5330bf 751bfcc5d12922f2ecdbd73e66917e3a907d1540 4aa3c13048e3198ef592d8c49d0e11a4051cab070a68d107129e28aea2e8f433
GET /marketplace/img/salecard7.png HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "919-6247ac598cf00"
accept-ranges: bytes
content-length: 2329
content-type: image/png
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.google.com/adsense/domains/caf.js?abp=1&bodis=true | 142.250.74.68 | 200 OK | 144 kB |
URL GET www.google.com/adsense/domains/caf.js?abp=1&bodis=true IP142.250.74.68:443
Requested byhttps://ww25.best-targeted-traffic.com/listing CertificateIssuerGoogle Trust Services Subject*.google.com FingerprintB5:4D:C5:27:B4:49:22:F3:21:DF:88:3D:E6:05:D6:A1:02:98:C7:E2 ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
File typeJavaScript source, ASCII text, with very long lines (1831) Size144 kB (144128 bytes) Hash4c7e880c2aefa6029d37243d98154abe 1c1907176debe4f203a6033184ab8755b11e8fad 12d2eb6f0e3265d35c62ccfbbdc8539cc77baf957ffd3b27aee100ebcfc42231
GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.best-targeted-traffic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 29 Mar 2025 11:07:45 GMT
expires: Sat, 29 Mar 2025 11:07:45 GMT
cache-control: private, max-age=3600
etag: "15473499877488930535"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ww25.best-targeted-traffic.com/_zc | 199.59.243.228 | 200 OK | 181 B |
URL POST ww25.best-targeted-traffic.com/_zc IP199.59.243.228:443
Requested byhttps://ww25.best-targeted-traffic.com/listing CertificateIssuerLet's Encrypt Subjectww25.best-targeted-traffic.com Fingerprint43:42:EA:52:DC:8D:C0:91:DB:BC:89:EA:70:8F:99:FE:E7:4D:8D:AE ValidityTue, 28 Jan 2025 15:03:33 GMT - Mon, 28 Apr 2025 15:03:32 GMT
File typeASCII text, with no line terminators Hashc5dc9472a0806162d66aed787b88c3d8 e2378f50c6fc12e32da443458eb84724465f21c3 bb62ba2fd918b961df8945de4d8a2dd08b6caf50a651b2225b76d0e59b7476ac
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /_zc HTTP/1.1
Host: ww25.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww25.best-targeted-traffic.com/listing
Content-Type: application/json
Content-Length: 6181
Origin: https://ww25.best-targeted-traffic.com
DNT: 1
Connection: keep-alive
Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 29 Mar 2025 11:07:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Content-Length: 180
X-Version: 2.147.0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665; expires=Sat, 29 Mar 2025 11:22:45 GMT; Max-Age=900; path=/; httponly
Connection: close
|
|
| www.google.com/recaptcha/api2/webworker.js?hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb | 142.250.74.68 | 200 OK | 102 B |
URL GET www.google.com/recaptcha/api2/webworker.js?hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb IP142.250.74.68:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=fuk9485ev72v CertificateIssuerGoogle Trust Services Subject*.google.com FingerprintB5:4D:C5:27:B4:49:22:F3:21:DF:88:3D:E6:05:D6:A1:02:98:C7:E2 ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
File typeASCII text, with no line terminators Hashe8fea68fc4f3bad81518a42ff35f72a9 2c32b99f6c1675cc7f0ed5c0c323c5192726d558 b67733509d82d3aa189d99fa0fa466b48b82265b9a701cb150410cbf35f55aab
GET /recaptcha/api2/webworker.js?hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=fuk9485ev72v
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
expires: Sat, 29 Mar 2025 11:07:49 GMT
date: Sat, 29 Mar 2025 11:07:49 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: same-site
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.above.com/css/marketplace.css?1738746734 | 103.224.182.24 | 200 OK | 78 kB |
URL GET www.above.com/css/marketplace.css?1738746734 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeASCII text, with very long lines (330) Hash1e4eb6dfc7f14ea257e7e0f0fc7ad899 4d871a2e220ab1c061288fd3a3d9a18131ef9c0b 605ea22c729ab4a350ff5dfbdf901f848b23135d22d4e1ad6e96a3e02f23e71d
GET /css/marketplace.css?1738746734 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Wed, 05 Feb 2025 09:12:14 GMT
etag: "13246-62d61856f3780-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15099
content-type: text/css
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/css/jquery-ui.css | 103.224.182.24 | 200 OK | 34 kB |
URL GET www.above.com/css/jquery-ui.css IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeASCII text, with very long lines (1339), with CRLF line terminators Hash4388194ca25d7020db6aef97be384330 fcd17609d3722848269052de88fb5585f7d6efc1 28e8833941f30721dd2d1571ff4e49704fcd00e71cfd4181cf2ee884f01aa82b
GET /css/jquery-ui.css HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:32:59 GMT
etag: "8554-6247ac5898cc0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6379
content-type: text/css
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/styles__ltr.css | 142.250.178.35 | 200 OK | 79 kB |
URL GET www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/styles__ltr.css IP142.250.178.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=ththya5ny3cj CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hashada37a51f2c5a7fc2d0a7e8e01ee2089 74095bb0eaa20a9b7636fd4e9361fb41115a5cbc cc4b8a3c3cbb7f77dbc336386223eb1e26dc401a9d754e8630ee0989846261a4
GET /recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 42057
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Mar 2025 08:40:57 GMT
expires: Wed, 25 Mar 2026 08:40:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 24 Mar 2025 02:01:29 GMT
content-type: text/css
vary: Accept-Encoding
age: 354412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.35 | 200 OK | 15 kB |
URL GET fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=ththya5ny3cj CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 09:35:39 GMT
expires: Fri, 27 Mar 2026 09:35:39 GMT
cache-control: public, max-age=31536000
age: 178330
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js | 104.18.11.207 | 200 OK | 60 kB |
URL GET stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js IP104.18.11.207:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjectbootstrapcdn.com Fingerprint90:B1:98:4A:7E:D6:37:CF:9B:DC:7D:67:82:58:17:6C:F7:F6:11:DE ValiditySun, 16 Mar 2025 01:14:49 GMT - Sat, 14 Jun 2025 02:14:23 GMT
File typeJavaScript source, ASCII text, with very long lines (59765) Hash02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.above.com
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: gzip
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 09/17/2023 22:21:35
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0d03bd63409ae5d485a63e7b225e3670
cdn-cache: HIT
cf-cache-status: HIT
age: 23075339
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 927ee7d5ea21b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| js.hsadspixel.net/fb.js | 104.17.223.152 | 200 OK | 5.8 kB |
IP104.17.223.152:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjecthsadspixel.net Fingerprint2C:EA:F6:D9:6C:07:51:E5:C1:E3:3E:35:47:59:19:FC:D3:18:E8:E4 ValidityWed, 05 Feb 2025 04:44:41 GMT - Tue, 06 May 2025 05:44:30 GMT
File typeASCII text, with very long lines (5973), with no line terminators Hasha41bfe065c5a85cab66e0ee62b8a763e 8d879113c3d4a8c16e1b3c442cceb18a41737f7d 986f6cc2445c333b5204bc9593a89f2476d31fa2c19794ac559fbca439fe9551
GET /fb.js HTTP/1.1
Host: js.hsadspixel.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:48 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Thu, 27 Mar 2025 20:17:50 UTC
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: v09kbVXVn.zVEYFozLJWJsD0KdfkOb3Z
etag: W/"dafe41dca401e18de0d0b2120474fe80"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: 2P341D1CM41RS53soM9aNCibWJBEFzT3qkVt6r9MGkbMAw16eBQ75Q==
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.1636/bundles/pixels-release.js&cfRay=9271a19b9b6d18db-WAW
cache-control: max-age=600
x-hs-target-asset: adsscriptloaderstatic/static-1.1636/bundles/pixels-release.js
x-content-type-options: nosniff
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 1
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: e02065a4-6798-42f0-8ade-0d8fc54c61b9
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-554d564d77-7v9sh
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: e02065a4-6798-42f0-8ade-0d8fc54c61b9
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 342
set-cookie: __cf_bm=yUWsXi1ZuZ_N5X28ti0Ugd_P1xFENM9B1Pf_A7w3P1w-1743246468-1.0.1.1-e_jYoOIcAC57oKL.jYz78t7Cb_TIoywpFENgAUvzlG_1cPyGFQlAzJ7SYj6tLC1TCT5.StpLpbN5Ee7tNKv0ah_deZknv7pxcZ8K0iSKjS4; path=/; expires=Sat, 29-Mar-25 11:37:48 GMT; domain=.hsadspixel.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 927ee7ddaf09b523-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto | 142.250.178.42 | 200 OK | 5.5 kB |
URL GET fonts.googleapis.com/css?family=Roboto IP142.250.178.42:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint69:99:38:F9:7C:82:8E:AC:7D:DA:EA:3E:1C:E4:7F:52:1B:36:41:AA ValidityMon, 10 Mar 2025 08:37:02 GMT - Mon, 02 Jun 2025 08:37:01 GMT
File typeASCII text, with very long lines (5629), with no line terminators Hash3af53c9b2184e923474841b09b5d6325 042438d06490f04d9356dae560068da292f9b630 987b0178c6861f5c944bd5ce1df677a778e5873d15462e5480e02b0c0bd03d7a
GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 29 Mar 2025 11:07:47 GMT
date: Sat, 29 Mar 2025 11:07:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.35 | 200 OK | 48 kB |
URL GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.35:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.above.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 10:12:20 GMT
expires: Fri, 27 Mar 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 176128
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=AW-318991084&l=dataLayer&cx=c>m=45He53q1v853238206za200&tag_exp=102482433~102509683~102788824~102803279~102813109~102887800~102926062 | 142.250.178.72 | 200 OK | 277 kB |
URL GET www.googletagmanager.com/gtag/js?id=AW-318991084&l=dataLayer&cx=c>m=45He53q1v853238206za200&tag_exp=102482433~102509683~102788824~102803279~102813109~102887800~102926062 IP142.250.178.72:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.google-analytics.com Fingerprint16:BA:A3:B5:22:51:BB:87:46:7F:17:3F:9D:14:B3:35:F0:FE:B1:8D ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
File typeJavaScript source, ASCII text, with very long lines (2361) Size277 kB (276653 bytes) Hash772c064913e46521184f4f4117a43d81 b76f70f51212637a9e0a67eb8dc4fcd9c456f7f2 06f87520436f5457ae60f8d591702c1609780cc8d03da5939ac30b7d0b138f76
GET /gtag/js?id=AW-318991084&l=dataLayer&cx=c>m=45He53q1v853238206za200&tag_exp=102482433~102509683~102788824~102803279~102813109~102887800~102926062 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 29 Mar 2025 11:07:49 GMT
expires: Sat, 29 Mar 2025 11:07:49 GMT
cache-control: private, max-age=900
last-modified: Sat, 29 Mar 2025 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 99448
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js | 142.250.178.35 | 200 OK | 562 kB |
URL GET www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js IP142.250.178.35:443
Requested byhttps://www.google.com/recaptcha/api2/webworker.js?hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
Size562 kB (561652 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 221651
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Mar 2025 09:00:31 GMT
expires: Wed, 25 Mar 2026 09:00:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 24 Mar 2025 02:01:29 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 353238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ka-p.fontawesome.com/releases/v6.7.2/css/pro-v4-shims.min.css?token=61d644614c | 172.64.147.188 | 200 OK | 21 kB |
URL GET ka-p.fontawesome.com/releases/v6.7.2/css/pro-v4-shims.min.css?token=61d644614c IP172.64.147.188:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjectfontawesome.com FingerprintFC:32:90:2B:CD:63:94:32:F0:48:71:9F:50:A4:58:6D:8F:0C:D0:4D ValidityThu, 27 Feb 2025 21:23:34 GMT - Wed, 28 May 2025 22:23:32 GMT
File typeASCII text, with very long lines (20910) Hash16a7fd1893a8ccb2831787fd35aaecea ade84eb9590a677516534209462ead1a84f0b272 f49c87c75bbfc7ff6fc8d0102a969b152cca0aad522f2883cd14354ce47b3c5e
GET /releases/v6.7.2/css/pro-v4-shims.min.css?token=61d644614c HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kit.fontawesome.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
content-type: text/css
content-length: 4088
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "676048a5-ff8"
last-modified: Mon, 16 Dec 2024 15:35:01 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 8862821
accept-ranges: bytes
server: cloudflare
cf-ray: 927ee7d82af00b65-OSL
X-Firefox-Spdy: h2
|
|
| ka-p.fontawesome.com/releases/v6.7.2/css/pro-v4-font-face.min.css?token=61d644614c | 172.64.147.188 | 200 OK | 6.9 kB |
URL GET ka-p.fontawesome.com/releases/v6.7.2/css/pro-v4-font-face.min.css?token=61d644614c IP172.64.147.188:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjectfontawesome.com FingerprintFC:32:90:2B:CD:63:94:32:F0:48:71:9F:50:A4:58:6D:8F:0C:D0:4D ValidityThu, 27 Feb 2025 21:23:34 GMT - Wed, 28 May 2025 22:23:32 GMT
File typeASCII text, with very long lines (6983), with no line terminators Hash2877ab61f66c2709e6c8824b6182148c 94aa5037ac190d2e160b4c012518532946f868b9 0a9ba572f9d483a6377f6e9139082017d16f03d4bf1e43fc61787e2e2b06bd6d
GET /releases/v6.7.2/css/pro-v4-font-face.min.css?token=61d644614c HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kit.fontawesome.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
content-type: text/css
content-length: 1737
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "676048a4-6c9"
last-modified: Mon, 16 Dec 2024 15:35:00 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1398070
accept-ranges: bytes
server: cloudflare
cf-ray: 927ee7d83b0e0b65-OSL
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js | 142.250.178.35 | 200 OK | 562 kB |
URL GET www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js IP142.250.178.35:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
Size562 kB (561652 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.above.com
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 221651
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Mar 2025 09:00:31 GMT
expires: Wed, 25 Mar 2026 09:00:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 24 Mar 2025 02:01:29 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 353237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| syndicatedsearch.goog/adsense/domains/caf.js | 142.250.178.78 | 200 OK | 144 kB |
URL GET syndicatedsearch.goog/adsense/domains/caf.js IP142.250.178.78:443
Requested byhttps://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol111%2Cpid-bodis-gcontrol444%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis01_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.best-targeted-traffic.com%2F%3Fcaf%3D1%26bpt%3D345%26unq%3D27y325223543eiwxvex%26version%3D1.8%26pais%3DUnknown%26subid1%3D20250329-2207-1673-9a78-6066be60c64b&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2876836166450698&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107&format=r7&nocache=7541743246463959&num=0&output=afd_ads&domain_name=ww25.best-targeted-traffic.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1743246463960&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww25.best-targeted-traffic.com%2Finstall.php%3Funq%3D27y325223543eiwxvex%26version%3D1.8%26pais%3DUnknown%26subid1%3D20250329-2207-1673-9a78-6066be60c64b CertificateIssuerGoogle Trust Services Subjectsyndicatedsearch.goog Fingerprint47:7F:1D:15:F5:CA:9E:50:B7:5D:F0:5E:E9:66:E5:02:F8:3D:AD:E6 ValidityMon, 10 Mar 2025 08:39:05 GMT - Mon, 02 Jun 2025 08:39:04 GMT
File typeJavaScript source, ASCII text, with very long lines (1831) Size144 kB (144144 bytes) Hash5361250b0594673c03a348c22a33ba52 a96d69f0462cb5df431ce4fa5e5e1efd51b4a346 a3ea3b39a1687d4239c83fa15ff4c959be272b47272805438321de2f6eb3bbef
GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 29 Mar 2025 11:07:44 GMT
expires: Sat, 29 Mar 2025 11:07:44 GMT
cache-control: private, max-age=3600
etag: "10452579923770056967"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ww25.best-targeted-traffic.com/_fd | 199.59.243.228 | 200 OK | 5.4 kB |
URL POST ww25.best-targeted-traffic.com/_fd IP199.59.243.228:443
Requested byhttps://ww25.best-targeted-traffic.com/listing CertificateIssuerLet's Encrypt Subjectww25.best-targeted-traffic.com Fingerprint43:42:EA:52:DC:8D:C0:91:DB:BC:89:EA:70:8F:99:FE:E7:4D:8D:AE ValidityTue, 28 Jan 2025 15:03:33 GMT - Mon, 28 Apr 2025 15:03:32 GMT
File typeASCII text, with very long lines (5425), with no line terminators Hash1a03fbe5e453c6b76161e32f3d17692c 0b7d712440c6295435018d91b18eb8e9846dacc1 f5e441faa80e9f4ab891bcfba63553e7a602ec2fa1145eab594921ead3a59b4d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /_fd HTTP/1.1
Host: ww25.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww25.best-targeted-traffic.com/listing
Content-Type: application/json
Origin: https://ww25.best-targeted-traffic.com
DNT: 1
Connection: keep-alive
Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/1.1 200 OK
Date: Sat, 29 Mar 2025 11:07:44 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 5425
X-Request-Id: 09da2d8f-a85f-43e3-a80a-85188be8781b
Set-Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665; expires=Sat, 29 Mar 2025 11:22:45 GMT
Connection: close
|
|
| fonts.googleapis.com/css?family=Patua+One | 142.250.178.42 | 200 OK | 387 B |
URL GET fonts.googleapis.com/css?family=Patua+One IP142.250.178.42:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint69:99:38:F9:7C:82:8E:AC:7D:DA:EA:3E:1C:E4:7F:52:1B:36:41:AA ValidityMon, 10 Mar 2025 08:37:02 GMT - Mon, 02 Jun 2025 08:37:01 GMT
File typeASCII text, with very long lines (395), with no line terminators Hash19ba623d0e266cb7f035ed537c679444 4fc792280e281474d5c5a7036976502f8958276f e8b05700e597da5b75dc73f29dbd2b53c8f26fb9ad80ec39ef83df96732b4695
GET /css?family=Patua+One HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 29 Mar 2025 11:07:47 GMT
date: Sat, 29 Mar 2025 11:07:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.above.com/js/tipsy.jquery.js | 103.224.182.24 | 200 OK | 7.4 kB |
URL GET www.above.com/js/tipsy.jquery.js IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJavaScript source, ASCII text, with very long lines (7616), with no line terminators Hash56ccb13ec814588911fe6024422076c2 680a17ef9ee11fa2bf506a081fc45bee077e1a98 c6af965ebc838783da92ec9f5d1c8ff25051458ed48f833328334c777da3f4e0
GET /js/tipsy.jquery.js HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "1cee-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1982
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/img/for-sale-backgrounds/forsalebg1.jpg | 103.224.182.24 | 200 OK | 224 kB |
URL GET www.above.com/marketplace/img/for-sale-backgrounds/forsalebg1.jpg IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1698, components 3 Size224 kB (224053 bytes) Hashb6f37afce57d9a9955bd072e44a7cddc d764ac842fe203453365bb93ad6813c7660493c8 95eea6743a6b2fff58d0cebe7be2f737093caa053475fd2943f00baa69a260e6
GET /marketplace/img/for-sale-backgrounds/forsalebg1.jpg HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "36b35-6247ac598cf00"
accept-ranges: bytes
content-length: 224053
content-type: image/jpeg
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/javascript/capswarn.js?1728959580 | 103.224.182.24 | 200 OK | 1.9 kB |
URL GET www.above.com/marketplace/javascript/capswarn.js?1728959580 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJavaScript source, ASCII text, with very long lines (1987), with no line terminators Hash6bcc3e6c8341d6420e9f84ce50ed8c9e b13396cce7143781b7eedecafa57bb480b625798 1ca3650ee12eb64105b2a39e712da550cbf8cd25ff89528a6a115e6be5f61289
GET /marketplace/javascript/capswarn.js?1728959580 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "74c-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 720
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/javascript/jquery-migrate-1.2.1.min.js?1728959580 | 103.224.182.24 | 200 OK | 7.2 kB |
URL GET www.above.com/marketplace/javascript/jquery-migrate-1.2.1.min.js?1728959580 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJavaScript source, ASCII text, with very long lines (7367), with no line terminators Hash54e23b7bacfb944993ce6615e78b8fb1 4b67aa2c97227369b21bad5ca680a26bd5ebc17e 8a8b595257bcf17a3d95b9d65a84ac35588fc02479e3e1f979c5bff6783cd84d
GET /marketplace/javascript/jquery-migrate-1.2.1.min.js?1728959580 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "1c20-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3068
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/css/offer_new.css?1730682562 | 103.224.182.24 | 200 OK | 11 kB |
URL GET www.above.com/marketplace/css/offer_new.css?1730682562 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
Hashe24fae2625ee0697bb620cf9a0ef78d7 84b0cb899228de9dff79bc3351740b53a6ad8b3d 75466d6837c42229875e84c6c202ef44fccc28c4660c9244e038dbbac996e1e9
GET /marketplace/css/offer_new.css?1730682562 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Mon, 04 Nov 2024 01:09:22 GMT
etag: "2974-6260bef53b480-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2480
content-type: text/css
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/img/salecard6.png | 103.224.182.24 | 200 OK | 2.1 kB |
URL GET www.above.com/marketplace/img/salecard6.png IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typePNG image data, 84 x 36, 8-bit/color RGBA, non-interlaced Hashdbcc211821aef990a244a3fcbbfb9afd 258a37fff68791bbd2a0fd9f03763371b3eb5790 88b5f57e461c3320b40afe7e12d6327e0b27032f402688240dc00489f8fd10a6
GET /marketplace/img/salecard6.png HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "859-6247ac598cf00"
accept-ranges: bytes
content-length: 2137
content-type: image/png
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.35 | 200 OK | 15 kB |
URL GET fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=fuk9485ev72v CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 09:35:39 GMT
expires: Fri, 27 Mar 2026 09:35:39 GMT
cache-control: public, max-age=31536000
age: 178330
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.above.com/marketplace/javascript/overlib_mini.js?1728959580 | 103.224.182.24 | 200 OK | 37 kB |
URL GET www.above.com/marketplace/javascript/overlib_mini.js?1728959580 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeASCII text, with very long lines (3235), with CRLF line terminators Hashebdab84eb06767ddb0c8fb406c832da9 1bef302c303fcfdc92b7391c724d3533fc0a92e4 a161f84f77a4da38e322f2181e1ee6bca6f7d95ae3eff6bddd1bbfdd51f2dab4
GET /marketplace/javascript/overlib_mini.js?1728959580 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "9163-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10473
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.178.35 | 200 OK | 2.2 kB |
URL GET www.gstatic.com/recaptcha/api2/logo_48.png IP142.250.178.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=ththya5ny3cj CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 17:58:48 GMT
expires: Thu, 03 Apr 2025 17:58:48 GMT
cache-control: public, max-age=604800
age: 148141
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.above.com/js/email_check.js?1728959580 | 103.224.182.24 | 200 OK | 603 B |
URL GET www.above.com/js/email_check.js?1728959580 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeASCII text, with very long lines (688), with no line terminators Hash7cc3bec5b9895b173273f29290ac310b 298bca3bc4d86483f6301d3d66b65a4b2ca92d03 8bc75adf1ce21ed2bc218299bdc31036f2d3d2184ff705a1b93c649dcdf85811
GET /js/email_check.js?1728959580 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "25b-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 251
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| ka-p.fontawesome.com/releases/v6.7.2/css/pro.min.css?token=61d644614c | 172.64.147.188 | 200 OK | 483 kB |
URL GET ka-p.fontawesome.com/releases/v6.7.2/css/pro.min.css?token=61d644614c IP172.64.147.188:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjectfontawesome.com FingerprintFC:32:90:2B:CD:63:94:32:F0:48:71:9F:50:A4:58:6D:8F:0C:D0:4D ValidityThu, 27 Feb 2025 21:23:34 GMT - Wed, 28 May 2025 22:23:32 GMT
File typeASCII text, with very long lines (65364) Size483 kB (483279 bytes) Hash70dd04a5b8835528deb928cbefbf00cc 5735b9cf8112aeca8293179f8a47903416f9db93 96d337d11501960ed43bce88c7d244685acc2131fc0216154da8cc1c7423f632
GET /releases/v6.7.2/css/pro.min.css?token=61d644614c HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kit.fontawesome.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
content-type: text/css
content-length: 82455
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "676048a5-14217"
last-modified: Mon, 16 Dec 2024 15:35:01 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 8862821
accept-ranges: bytes
server: cloudflare
cf-ray: 927ee7d82af50b65-OSL
X-Firefox-Spdy: h2
|
|
| js.hs-scripts.com/4372769.js | 104.16.140.209 | 200 OK | 2.0 kB |
URL GET js.hs-scripts.com/4372769.js IP104.16.140.209:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjecths-scripts.com Fingerprint42:7B:44:66:14:6D:41:40:4B:1B:F9:F9:CF:A7:C3:21:BD:BA:40:BD ValiditySat, 22 Mar 2025 01:57:10 GMT - Fri, 20 Jun 2025 02:56:47 GMT
File typeASCII text, with very long lines (2058), with no line terminators Hash77311e412bb28476107e47206824d289 443d9aa453271d4e34e82850367f84ffd88c82b5 2578b2f6967ebef9ec51514a7bd114e0a6c0941589efa4267e983fa951dbda8f
GET /4372769.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:48 GMT
content-type: application/javascript;charset=utf-8
content-length: 624
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 178267a3-ec27-4e44-9ad4-c21a8676e961
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-max-age: 3600
access-control-allow-origin: https://www.above.com
last-modified: Sat, 29 Mar 2025 11:06:42 GMT
cf-cache-status: HIT
expires: Sat, 29 Mar 2025 11:09:18 GMT
cache-control: public, max-age=90
accept-ranges: bytes
set-cookie: __cf_bm=iwumsB6QZuEaefTl3lO74owOCRn2tdvWEWhJuz93FTs-1743246468-1.0.1.1-N.ajkTFzUe88Ndbwtlo0SrDWTqK_CsS_ZOWx.yIoTEyosbGlxLu4Bvx3Cv8hkdhGwvcR1LMrqvMdYsJQ_qW7RRgL6aU6nxshU6vD5xO8wtk; path=/; expires=Sat, 29-Mar-25 11:37:48 GMT; domain=.hs-scripts.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 927ee7dcaa7e0b3d-OSL
X-Firefox-Spdy: h2
|
|
| ww25.best-targeted-traffic.com/_fd?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b | 199.59.243.228 | 200 OK | 5.4 kB |
URL POST ww25.best-targeted-traffic.com/_fd?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b IP199.59.243.228:443
Requested byhttps://ww25.best-targeted-traffic.com/install.php?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b CertificateIssuerLet's Encrypt Subjectww25.best-targeted-traffic.com Fingerprint43:42:EA:52:DC:8D:C0:91:DB:BC:89:EA:70:8F:99:FE:E7:4D:8D:AE ValidityTue, 28 Jan 2025 15:03:33 GMT - Mon, 28 Apr 2025 15:03:32 GMT
File typeASCII text, with very long lines (5429), with no line terminators Hash23927b060564dad8919e6b1d084524b4 0aa122fd74f638940c9a5e6d731c2ccc3a9758df fc521b5a8f1a66e53ec8b25be5277dd460b406a86e19f6a04ff5b3e1a52ce606
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /_fd?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b HTTP/1.1
Host: ww25.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww25.best-targeted-traffic.com/install.php?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b
Content-Type: application/json
Origin: https://ww25.best-targeted-traffic.com
DNT: 1
Connection: keep-alive
Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/1.1 200 OK
Date: Sat, 29 Mar 2025 11:07:43 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 5429
X-Request-Id: a83c23a5-b8a0-41b5-9b87-d2107562f075
Set-Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665; expires=Sat, 29 Mar 2025 11:22:43 GMT
Connection: close
|
|
| syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol111%2Cpid-bodis-gcontrol444%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis01_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.best-targeted-traffic.com%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2876836166450698&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107&format=r7&nocache=4301743246465426&num=0&output=afd_ads&domain_name=ww25.best-targeted-traffic.com&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1743246465427&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww25.best-targeted-traffic.com%2Flisting&referer=https%3A%2F%2Fww25.best-targeted-traffic.com%2Finstall.php%3Funq%3D27y325223543eiwxvex%26version%3D1.8%26pais%3DUnknown%26subid1%3D20250329-2207-1673-9a78-6066be60c64b | 142.250.178.78 | 200 OK | 1.3 kB |
URL GET syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol111%2Cpid-bodis-gcontrol444%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis01_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.best-targeted-traffic.com%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2876836166450698&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107&format=r7&nocache=4301743246465426&num=0&output=afd_ads&domain_name=ww25.best-targeted-traffic.com&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1743246465427&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww25.best-targeted-traffic.com%2Flisting&referer=https%3A%2F%2Fww25.best-targeted-traffic.com%2Finstall.php%3Funq%3D27y325223543eiwxvex%26version%3D1.8%26pais%3DUnknown%26subid1%3D20250329-2207-1673-9a78-6066be60c64b IP142.250.178.78:443
Requested byhttps://ww25.best-targeted-traffic.com/listing CertificateIssuerGoogle Trust Services Subjectsyndicatedsearch.goog Fingerprint47:7F:1D:15:F5:CA:9E:50:B7:5D:F0:5E:E9:66:E5:02:F8:3D:AD:E6 ValidityMon, 10 Mar 2025 08:39:05 GMT - Mon, 02 Jun 2025 08:39:04 GMT
File typeHTML document, ASCII text, with very long lines (1398), with no line terminators Hash8a64ca2cfa4a522cd6198e08890843c3 064ec9f9df0f33b80b67dcfcd6532d1f777a3b08 5729ac0c3676b003341b6cc43db396834bb48a48b58ca271c7d0a924673248c7
GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol111%2Cpid-bodis-gcontrol444%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis01_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.best-targeted-traffic.com%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2876836166450698&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107&format=r7&nocache=4301743246465426&num=0&output=afd_ads&domain_name=ww25.best-targeted-traffic.com&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1743246465427&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww25.best-targeted-traffic.com%2Flisting&referer=https%3A%2F%2Fww25.best-targeted-traffic.com%2Finstall.php%3Funq%3D27y325223543eiwxvex%26version%3D1.8%26pais%3DUnknown%26subid1%3D20250329-2207-1673-9a78-6066be60c64b HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.best-targeted-traffic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 29 Mar 2025 11:07:45 GMT
expires: Sat, 29 Mar 2025 11:07:45 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-vQUUuCj_M6wh98KEJN_hYA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.above.com/marketplace/img/saletrans1.png | 103.224.182.24 | 200 OK | 922 B |
URL GET www.above.com/marketplace/img/saletrans1.png IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typePNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced Hash10aae7da08c52a6d244e8d6f805fa6d4 7c55e716418896915eecca9bf14849fb9ed4333f 02b7eda11d39fbe5ed770c98d791936d3caf3be5d9a0cea7877781810619801d
GET /marketplace/img/saletrans1.png HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/css/offer_new.css?1730682562
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:48 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "39a-6247ac598cf00"
accept-ranges: bytes
content-length: 922
content-type: image/png
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js | 142.250.178.35 | 200 OK | 562 kB |
URL GET www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js IP142.250.178.35:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
Size562 kB (561652 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.above.com
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 221651
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Mar 2025 09:00:31 GMT
expires: Wed, 25 Mar 2026 09:00:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 24 Mar 2025 02:01:29 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 353237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.hs-banner.com/v2/4372769/banner.js | 172.64.147.16 | 200 OK | 70 kB |
URL GET js.hs-banner.com/v2/4372769/banner.js IP172.64.147.16:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjecths-banner.com FingerprintCE:4F:E9:61:06:DC:89:FC:BC:74:D4:8D:C2:0E:70:0C:7A:F9:40:E9 ValidityThu, 20 Mar 2025 21:45:58 GMT - Wed, 18 Jun 2025 22:45:56 GMT
File typeJavaScript source, ASCII text, with very long lines (64952) Hash5ad39a248e42a5af2f038f4cb5638a99 3bfa1f5a4b3f49317fce825da14f0b9293c1da32 e10f8e53f1efbad05852284a58cced7a3b01b143da2985d3bf985f83c4fe8767
GET /v2/4372769/banner.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:48 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: 9ZtzedSzyBmCrN6XiAjwaBqH1mjSTvMboCVWy5SaeNfFK+2BUO5nPvxeVdV9ELeIdJzAPbDT2nECsAfmwPa/+g==
x-amz-request-id: MJQAK4NFA375X4D9
last-modified: Thu, 30 Jan 2025 18:50:57 GMT
etag: W/"5ad39a248e42a5af2f038f4cb5638a99"
x-amz-server-side-encryption: AES256
cache-control: max-age=300,public
x-amz-version-id: PneNP50_6Ze8v0lcC6RYk3m4.rxFt7zn
access-control-allow-origin: https://www.above.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Sat, 29 Mar 2025 11:08:10 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 25
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 1357b0a7-5195-4877-87ab-1537ec752533
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fbbff5ddb-l9kkw
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 1357b0a7-5195-4877-87ab-1537ec752533
cf-cache-status: HIT
set-cookie: __cf_bm=f7fIsOWRkTpNaV5hxRfFW1DufOK2NivOsvL6wEZbNxE-1743246468-1.0.1.1-tnkjzJtxGTv4HLR0OfUHO0jQaLmqi3.w5dlX_E00tqY2DQ9WgZUkWc6xhnHMGM88NEgSeZCG8x83HEfMgm0yGu1H7FlL2lAL_Kk0K64kPz8; path=/; expires=Sat, 29-Mar-25 11:37:48 GMT; domain=.hs-banner.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 927ee7ddade8712b-OSL
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/javascript/auction.js?1728959580 | 103.224.182.24 | 200 OK | 64 kB |
URL GET www.above.com/marketplace/javascript/auction.js?1728959580 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJavaScript source, ASCII text, with very long lines (497), with CRLF line terminators Hash71a9f640ac87069aa8c9f51bdd43a633 814ea30aa3c7c3e562ce039c9226114168c6b2d5 4fb7419767ea26388b5dc69fe9abdabb02598724c228e86fa8c5c8f0fae1c419
GET /marketplace/javascript/auction.js?1728959580 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "f8c3-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11672
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic,800,800italic | 142.250.178.42 | 200 OK | 46 kB |
URL GET fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic,800,800italic IP142.250.178.42:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint69:99:38:F9:7C:82:8E:AC:7D:DA:EA:3E:1C:E4:7F:52:1B:36:41:AA ValidityMon, 10 Mar 2025 08:37:02 GMT - Mon, 02 Jun 2025 08:37:01 GMT
File typeASCII text, with very long lines (1572) Hash98b885ec4c7bf27484615e33b57c6984 caf9266de892dd7e7419fc092b608d3e3ac02b50 ff185fa9c687cda6bac7e5cc5c6095c75df740754625d7ced02e4c8187f2d0c4
GET /css?family=Open+Sans:400,400italic,600,600italic,700,700italic,800,800italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 29 Mar 2025 11:07:47 GMT
date: Sat, 29 Mar 2025 11:07:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=4372769 | 104.18.242.108 | 200 OK | 115 B |
URL GET api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=4372769 IP104.18.242.108:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjecthubapi.com FingerprintD1:C3:49:1C:00:F2:15:97:4B:C7:FF:79:3A:55:FF:B4:E0:AF:6F:53 ValidityWed, 05 Mar 2025 17:47:15 GMT - Tue, 03 Jun 2025 18:47:13 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash7d3e6afe36aab1fb564d62dbb359f78a c7b52aee6e5702a32a7fed04c67964e99daec2a6 9476dc948c3f4468eace766e44d6ea0ebbce7e922581d0cff09c0358435f1ab6
GET /hs-script-loader-public/v1/config/pixels-and-events/json?portalId=4372769 HTTP/1.1
Host: api.hubapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.above.com
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:49 GMT
content-type: application/json;charset=utf-8
cf-ray: 927ee7dedde856cc-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: https://www.above.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-max-age: 180
x-content-type-options: nosniff
x-hubspot-correlation-id: 72a115e2-0457-4136-b0af-3f72ec139725
set-cookie: __cf_bm=a24GFvYMDSTmzps8wlDk.cu.8BE_.5fuw_MMHBp1O0Q-1743246469-1.0.1.1-ibNT1Th.PCqnhNgviH20eNf1ACnq0N0TcHV148LJd16eUnDkQsBHkHBgE6okr6w6_nbeMBCZZ4.x6o1LiWcw8Eq4t12PbfnKJ8zyaHJfRUY; path=/; expires=Sat, 29-Mar-25 11:37:49 GMT; domain=.hubapi.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2Fl%2BN%2BI0oQDfEey410wKv%2BKLfP4670W9sXz79U8%2FY%2B4sOH8eHCte1SCiGY2kbzvYFlHTs1MjZvG%2B4oOkLNbXI%2BQ0akH4MbdXix44dOFxj%2FXJSeWD4gJOPTJyhJxSYQ6d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ww25.best-targeted-traffic.com/install.php?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b | 199.59.243.228 | 200 OK | 1.4 kB |
URL User Request GET ww25.best-targeted-traffic.com/install.php?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b IP199.59.243.228:443
CertificateIssuerLet's Encrypt Subjectww25.best-targeted-traffic.com Fingerprint43:42:EA:52:DC:8D:C0:91:DB:BC:89:EA:70:8F:99:FE:E7:4D:8D:AE ValidityTue, 28 Jan 2025 15:03:33 GMT - Mon, 28 Apr 2025 15:03:32 GMT
File typeHTML document, ASCII text, with very long lines (1432), with no line terminators Hashe44314a7758e190e0623d0e94bd5a93c 94799523f1a2e00d56098a449d6d742b8f493a84 c83b68b6baef56cae80710eaf8ffdcc2d7156863493e3ea879d5f69286c634e7
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /install.php?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b HTTP/1.1
Host: ww25.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 29 Mar 2025 11:07:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1390
X-Request-Id: 74315e7f-872a-424f-b4f6-bebad3bea665
Cache-Control: no-store, max-age=0
Accept-Ch: sec-ch-prefers-color-scheme
Critical-Ch: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_HNDLVdSsf8+qu6w0rSKrxXISc00ES03R7rahg/+92/K4VixLgMuYwvGQyHgHitShJWfbVfmFWfR8Fesx3cgrOQ==
Set-Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665; expires=Sat, 29 Mar 2025 11:22:43 GMT; path=/
Connection: close
|
|
| ww25.best-targeted-traffic.com/_zc | 199.59.243.228 | 200 OK | 181 B |
URL POST ww25.best-targeted-traffic.com/_zc IP199.59.243.228:443
Requested byhttps://ww25.best-targeted-traffic.com/install.php?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b CertificateIssuerLet's Encrypt Subjectww25.best-targeted-traffic.com Fingerprint43:42:EA:52:DC:8D:C0:91:DB:BC:89:EA:70:8F:99:FE:E7:4D:8D:AE ValidityTue, 28 Jan 2025 15:03:33 GMT - Mon, 28 Apr 2025 15:03:32 GMT
File typeASCII text, with no line terminators Hash9d453677e0377e7059a9f05ca47798f4 4c7c84deaa107a3f697783a4971c84935d3a5433 322de106bfaf0cfdb7023a080b5d4c09db8e930b96e66c1eca62a0ab20883ad4
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /_zc HTTP/1.1
Host: ww25.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww25.best-targeted-traffic.com/install.php?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b
Content-Type: application/json
Content-Length: 6373
Origin: https://ww25.best-targeted-traffic.com
DNT: 1
Connection: keep-alive
Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 29 Mar 2025 11:07:44 GMT
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Content-Length: 176
X-Version: 2.147.0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665; expires=Sat, 29 Mar 2025 11:22:44 GMT; Max-Age=900; path=/; httponly
Connection: close
|
|
| www.above.com/marketplace/javascript/jquery-2.1.1.min.js | 103.224.182.24 | 200 OK | 84 kB |
URL GET www.above.com/marketplace/javascript/jquery-2.1.1.min.js IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJavaScript source, ASCII text, with very long lines (32061) Hashe40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /marketplace/javascript/jquery-2.1.1.min.js HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Wed, 05 Feb 2025 09:12:14 GMT
etag: "14915-62d61856f3780-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 29497
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/javascript/timer.js?1728959580 | 103.224.182.24 | 200 OK | 1.4 kB |
URL GET www.above.com/marketplace/javascript/timer.js?1728959580 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeASCII text, with very long lines (1569), with no line terminators Hash91c1bc0deb9c8b3613242102cbe502e5 5d37a558c2f8a01d9cf8dfe5bca8e23b740eb2f4 8db724ba69320b70c3f44b7ca6525a64b693c454f6eafa24fe96353a2a20cb9d
GET /marketplace/javascript/timer.js?1728959580 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "5a0-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 608
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| code.jquery.com/ui/1.12.0/themes/smoothness/jquery-ui.css | 151.101.194.137 | 200 OK | 37 kB |
URL GET code.jquery.com/ui/1.12.0/themes/smoothness/jquery-ui.css IP151.101.194.137:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5 ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
File typeASCII text, with very long lines (2363) Hash3bfc176d69c2b71a38c126f18b493c64 3c42763d09ff39c1954ec8b0264d748828f19fd3 38ab5953a468c8084db2452a42bdc59a6be197bab8dad4105c040b63186155e9
GET /ui/1.12.0/themes/smoothness/jquery-ui.css HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-8ed4"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 29 Mar 2025 11:07:47 GMT
age: 3034406
x-served-by: cache-lga21965-LGA, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 472, 2807
x-timer: S1743246468.620809,VS0,VE0
vary: Accept-Encoding
content-length: 8424
X-Firefox-Spdy: h2
|
|
| www.above.com/css/lity.min.css | 103.224.182.24 | 200 OK | 3.2 kB |
URL GET www.above.com/css/lity.min.css IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeASCII text, with very long lines (3285), with no line terminators Hash8b32463affe0ac9c7fb2069d1b875cb2 2c334c2caf7270a204c6550af0d36bf6f5f07643 a6fc3b8a9180b8de4cc586960db38ad6935daff568569444f847ba9f2b5a585f
GET /css/lity.min.css HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:32:59 GMT
etag: "ca3-6247ac5898cc0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1031
content-type: text/css
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KKGWZHB | 142.250.178.72 | 200 OK | 311 kB |
URL GET www.googletagmanager.com/gtm.js?id=GTM-KKGWZHB IP142.250.178.72:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.google-analytics.com Fingerprint16:BA:A3:B5:22:51:BB:87:46:7F:17:3F:9D:14:B3:35:F0:FE:B1:8D ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
File typeJavaScript source, ASCII text, with very long lines (4932) Size311 kB (311356 bytes) Hash87963c2727b4856d08054623564b87c9 1bf3d408bc2c373817ee790356501379f373924c 3fa813b26fe8b7210b9524416f02c3a56707d538972da48b1adadfd9f95831be
GET /gtm.js?id=GTM-KKGWZHB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 29 Mar 2025 11:07:48 GMT
expires: Sat, 29 Mar 2025 11:07:48 GMT
cache-control: private, max-age=900
last-modified: Sat, 29 Mar 2025 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1262:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1262:0
report-to: {"group":"ascgcycc:1262:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1262:0"}],}
server: Google Tag Manager
content-length: 105053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.above.com/img/favicon.ico | 103.224.182.24 | 200 OK | 15 kB |
URL GET www.above.com/img/favicon.ico IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel Hash3884e25b4e3570f8a23468394a331c94 358ab3c2926d01c603cca2888bc45025da813550 d247edcb9af459e71e1ca2033bb417d07a5fc86a6dac9158578f922d64383e33
GET /img/favicon.ico HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:48 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:32:59 GMT
etag: "3aee-6247ac5898cc0"
accept-ranges: bytes
content-length: 15086
content-type: image/vnd.microsoft.icon
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js?render=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8 | 142.250.74.68 | 200 OK | 945 B |
URL GET www.google.com/recaptcha/api.js?render=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8 IP142.250.74.68:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.google.com FingerprintB5:4D:C5:27:B4:49:22:F3:21:DF:88:3D:E6:05:D6:A1:02:98:C7:E2 ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
File typeJavaScript source, ASCII text, with very long lines (945), with no line terminators Hash665a7d128ad9858036cf16d2f5661541 2c64397d679987b8a79a3b13210d38dbe0498c3e 4a1c4883f45ea6a6c1f2854b3921bf0af7e238a9cd6337158b86d582241b91f5
GET /recaptcha/api.js?render=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
expires: Sat, 29 Mar 2025 11:07:48 GMT
date: Sat, 29 Mar 2025 11:07:48 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.35 | 200 OK | 16 kB |
URL GET fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=fuk9485ev72v CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 09:18:45 GMT
expires: Fri, 27 Mar 2026 09:18:45 GMT
cache-control: public, max-age=31536000
age: 179344
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.above.com/marketplace/javascript/jquery.cycle.lite.js | 103.224.182.24 | 200 OK | 7.9 kB |
URL GET www.above.com/marketplace/javascript/jquery.cycle.lite.js IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJavaScript source, ASCII text, with very long lines (8167), with no line terminators Hash915f437b7fd9def14fc963bb9d741f04 31c73c0dc06b7c87e15c8f4b1d821b105a48cd67 54ee69447a9ddd03303c37429c2f45beb403c463170ed0cef503fc9827c1510d
GET /marketplace/javascript/jquery.cycle.lite.js HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "1ef7-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2400
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.35 | 200 OK | 16 kB |
URL GET fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=ththya5ny3cj CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 09:18:45 GMT
expires: Fri, 27 Mar 2026 09:18:45 GMT
cache-control: public, max-age=31536000
age: 179344
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css | 104.18.11.207 | 200 OK | 160 kB |
URL GET stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css IP104.18.11.207:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjectbootstrapcdn.com Fingerprint90:B1:98:4A:7E:D6:37:CF:9B:DC:7D:67:82:58:17:6C:F7:F6:11:DE ValiditySun, 16 Mar 2025 01:14:49 GMT - Sat, 14 Jun 2025 02:14:23 GMT
File typeASCII text, with very long lines (65326) Size160 kB (160302 bytes) Hash816af0eddd3b4822c2756227c7e7b7ee c470239d4c7db36d56dc3a74a080c62218c6edc4 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.above.com
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: gzip
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 07/07/2023 01:23:40
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1055
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f3992971ecb8ae5a7cb9e5e379ed4fc1
cdn-cache: HIT
cf-cache-status: HIT
age: 24968415
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 927ee7d5ea1db4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/javascript/validations.js?1728959580 | 103.224.182.24 | 200 OK | 12 kB |
URL GET www.above.com/marketplace/javascript/validations.js?1728959580 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hash44ac8089f992d6f1a906ba7c5e09d756 2f3527866e59951180997e26b4cde7c5e78bdf33 c6e0970e64ce8c2dbc0756d1f7dad29adb6aca546d7e81fbb3fbf0a6f7f72096
GET /marketplace/javascript/validations.js?1728959580 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "2def-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2713
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/js/pswmeter.min.js | 103.224.182.24 | 200 OK | 3.0 kB |
URL GET www.above.com/js/pswmeter.min.js IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeASCII text, with very long lines (3100), with no line terminators Hashea9d1edca59d23725e83ff20aa5acdf1 4b177d7a4c347ef65de28b84c4cca84f61d00e65 7679ee07311b57b245547102c6a4209734fa46f24426211087298b914002b4ae
GET /js/pswmeter.min.js HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "b9f-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 923
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/img/saletick.png | 103.224.182.24 | 200 OK | 3.2 kB |
URL GET www.above.com/marketplace/img/saletick.png IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typePNG image data, 50 x 36, 8-bit/color RGBA, non-interlaced Hash4c14580a6907d78e9187109360e3986a a7b112aba1e32eee37d6882cb0b91fc8791c7aa8 4dc79b2bd0abf05d4d37104dda327e1881e6b2a978a0f9b36bcf4e5f4e12cb97
GET /marketplace/img/saletick.png HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "c99-6247ac598cf00"
accept-ranges: bytes
content-length: 3225
content-type: image/png
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2 | 142.250.74.35 | 200 OK | 21 kB |
URL GET fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2 IP142.250.74.35:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 20612, version 1.0 Hashb07da7aa3e4f363c5cdbc11312239e8c 47bf5b2f24ea4a4caafccc89b9d2a6677ef9e3b8 e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa
GET /s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.above.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20612
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 09:13:18 GMT
expires: Fri, 27 Mar 2026 09:13:18 GMT
cache-control: public, max-age=31536000
age: 179670
last-modified: Wed, 08 Jan 2025 18:23:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js?render=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8 | 142.250.74.68 | 200 OK | 945 B |
URL GET www.google.com/recaptcha/api.js?render=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8 IP142.250.74.68:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint2F:CC:05:C5:14:C4:CD:A4:26:05:31:F9:67:40:7C:D3:39:74:34:0C ValidityMon, 10 Mar 2025 08:37:46 GMT - Mon, 02 Jun 2025 08:37:45 GMT
File typeJavaScript source, ASCII text, with very long lines (945), with no line terminators Hash665a7d128ad9858036cf16d2f5661541 2c64397d679987b8a79a3b13210d38dbe0498c3e 4a1c4883f45ea6a6c1f2854b3921bf0af7e238a9cd6337158b86d582241b91f5
GET /recaptcha/api.js?render=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sat, 29 Mar 2025 11:07:47 GMT
date: Sat, 29 Mar 2025 11:07:47 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.usemessages.com/conversations-embed.js | 104.16.75.142 | 200 OK | 95 kB |
URL GET js.usemessages.com/conversations-embed.js IP104.16.75.142:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjectusemessages.com Fingerprint95:1E:A9:A8:2E:65:15:A7:92:EC:D9:FE:78:9A:2C:D2:FC:9E:92:3A ValiditySat, 01 Feb 2025 18:47:24 GMT - Fri, 02 May 2025 19:47:21 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hasheb75e0147c62be18491867ec787147f3 fcae0bfe85512134a6285d040e3ee9e02868befa ce1922a4396277f351793492f38888057f56be195b7fa1aa6be4f5439417d768
GET /conversations-embed.js HTTP/1.1
Host: js.usemessages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:48 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Fri, 28 Mar 2025 14:47:03 UTC
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: H3fsljKULv7XtIi9sEsO1Ito_z_VEEJh
etag: W/"eb75e0147c62be18491867ec787147f3"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: 2JM0RXTkyDvk26SByNUMzn2JPRsG0Cgke9DYfCwKO--QDPJ3tuRt1w==
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.21193/bundles/project.js&cfRay=9277fa822e9e0afa-FRA
cache-control: max-age=600
x-hs-target-asset: conversations-embed/static-1.21193/bundles/project.js
x-content-type-options: nosniff
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 3
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 9e08407c-1661-4d00-aea0-afb2d597c985
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-554d564d77-mz8np
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9e08407c-1661-4d00-aea0-afb2d597c985
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 475
set-cookie: __cf_bm=pOryTncGuhCOaC_jHGgC8nP4IdvDl9XlEYJA.ztJtFA-1743246468-1.0.1.1-IzFWrzJBpAYxUL7U71_9CGbps0nWLLgkgGFO163Z5JN0EwC40GZ4etplzw7eZDo6ufnBl8I.rkmDVqhKFP54GcK.vARj5VOYc7ZffU6UzYw; path=/; expires=Sat, 29-Mar-25 11:37:48 GMT; domain=.usemessages.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 927ee7dd9d3bb51b-OSL
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js | 142.250.178.35 | 200 OK | 562 kB |
URL GET www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js IP142.250.178.35:443
Requested byhttps://www.google.com/recaptcha/api2/webworker.js?hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
Size562 kB (561652 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 221651
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Mar 2025 09:00:31 GMT
expires: Wed, 25 Mar 2026 09:00:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 24 Mar 2025 02:01:29 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 353238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ww25.best-targeted-traffic.com/bZnpIuwxy.js | 199.59.243.228 | 200 OK | 36 kB |
URL GET ww25.best-targeted-traffic.com/bZnpIuwxy.js IP199.59.243.228:443
Requested byhttps://ww25.best-targeted-traffic.com/listing CertificateIssuerLet's Encrypt Subjectww25.best-targeted-traffic.com Fingerprint43:42:EA:52:DC:8D:C0:91:DB:BC:89:EA:70:8F:99:FE:E7:4D:8D:AE ValidityTue, 28 Jan 2025 15:03:33 GMT - Mon, 28 Apr 2025 15:03:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /bZnpIuwxy.js HTTP/1.1
Host: ww25.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.best-targeted-traffic.com/listing
Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 29 Mar 2025 11:07:44 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 35693
X-Request-Id: a1a57126-54af-4154-be15-74100cad3701
Set-Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665; expires=Sat, 29 Mar 2025 11:22:44 GMT
Connection: close
|
|
| syndicatedsearch.goog/adsense/domains/caf.js | 142.250.178.78 | 200 OK | 144 kB |
URL GET syndicatedsearch.goog/adsense/domains/caf.js IP142.250.178.78:443
Requested byhttps://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol111%2Cpid-bodis-gcontrol444%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis01_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.best-targeted-traffic.com%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2876836166450698&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107&format=r7&nocache=4301743246465426&num=0&output=afd_ads&domain_name=ww25.best-targeted-traffic.com&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1743246465427&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww25.best-targeted-traffic.com%2Flisting&referer=https%3A%2F%2Fww25.best-targeted-traffic.com%2Finstall.php%3Funq%3D27y325223543eiwxvex%26version%3D1.8%26pais%3DUnknown%26subid1%3D20250329-2207-1673-9a78-6066be60c64b CertificateIssuerGoogle Trust Services Subjectsyndicatedsearch.goog Fingerprint47:7F:1D:15:F5:CA:9E:50:B7:5D:F0:5E:E9:66:E5:02:F8:3D:AD:E6 ValidityMon, 10 Mar 2025 08:39:05 GMT - Mon, 02 Jun 2025 08:39:04 GMT
File typeJavaScript source, ASCII text, with very long lines (1831) Size144 kB (144144 bytes) Hasha57de17e53ded0525f4e6e21eb6bce7b d7f17afc9fb051437d044a9bdb78eb11f43cc741 28dcefc8e2d516b62a71b7d54a93f5525b061212918abdde68be17a2d46ae66b
GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 29 Mar 2025 11:07:45 GMT
expires: Sat, 29 Mar 2025 11:07:45 GMT
cache-control: private, max-age=3600
etag: "776173769604924913"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.above.com/js/lity.min.js?1728959580 | 103.224.182.24 | 200 OK | 4.9 kB |
URL GET www.above.com/js/lity.min.js?1728959580 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (5115), with no line terminators Hash38fc683fe188ca7db9c61c7b939d8714 4de679d678123af7338fd251002de38e787443ad b24319bf8e300c8e034fb2e0ad4b376c419c418b2468c7997ee8040777c67976
GET /js/lity.min.js?1728959580 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "132e-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2263
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| ka-p.fontawesome.com/releases/v6.7.2/css/pro-v5-font-face.min.css?token=61d644614c | 172.64.147.188 | 200 OK | 52 kB |
URL GET ka-p.fontawesome.com/releases/v6.7.2/css/pro-v5-font-face.min.css?token=61d644614c IP172.64.147.188:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subjectfontawesome.com FingerprintFC:32:90:2B:CD:63:94:32:F0:48:71:9F:50:A4:58:6D:8F:0C:D0:4D ValidityThu, 27 Feb 2025 21:23:34 GMT - Wed, 28 May 2025 22:23:32 GMT
File typeASCII text, with very long lines (51326) Hash6d4240f3b4dfe30ce1db17794c5727a0 8434467851c1b2bf96d78e8566dfe50048fc4bcd 207393902fc5b673424da0b95213a3446c40ddf9aeb2b24b48e8a1eaa9d6a834
GET /releases/v6.7.2/css/pro-v5-font-face.min.css?token=61d644614c HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kit.fontawesome.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
content-type: text/css
content-length: 7189
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "676048a5-1c15"
last-modified: Mon, 16 Dec 2024 15:35:01 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 8862821
accept-ranges: bytes
server: cloudflare
cf-ray: 927ee7d83b0b0b65-OSL
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-DQB7CZVNQD&l=dataLayer&cx=c>m=45He53q1v853238206za200&tag_exp=102482433~102509683~102788824~102803279~102813109~102887800~102926062 | 142.250.178.72 | 200 OK | 464 kB |
URL GET www.googletagmanager.com/gtag/js?id=G-DQB7CZVNQD&l=dataLayer&cx=c>m=45He53q1v853238206za200&tag_exp=102482433~102509683~102788824~102803279~102813109~102887800~102926062 IP142.250.178.72:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.google-analytics.com Fingerprint16:BA:A3:B5:22:51:BB:87:46:7F:17:3F:9D:14:B3:35:F0:FE:B1:8D ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
File typeJavaScript source, ASCII text, with very long lines (11327) Size464 kB (464509 bytes) Hash7dd0dedc2784ab5688ee93f51e2c434f 818f414f08ff31c57e2fbae349883c6f46a16ed4 aebb38c6999d4fd1a06b95a071c7cbdaf043b40c3a8c71fd19c7532e1fe3b918
GET /gtag/js?id=G-DQB7CZVNQD&l=dataLayer&cx=c>m=45He53q1v853238206za200&tag_exp=102482433~102509683~102788824~102803279~102813109~102887800~102926062 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 29 Mar 2025 11:07:48 GMT
expires: Sat, 29 Mar 2025 11:07:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 148210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.above.com/marketplace/img/above-mp.png | 103.224.182.24 | 200 OK | 4.4 kB |
URL GET www.above.com/marketplace/img/above-mp.png IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typePNG image data, 279 x 26, 8-bit/color RGBA, non-interlaced Hash8fc8e52e201d9acb5bb06ae37edc1206 29d2c03222ebdb6fc8a57339281cd1df2d40832d 0b7e8f59179c93398b409396dedc6d5f173e1fd8de15164a7cdad23a534d2032
GET /marketplace/img/above-mp.png HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "114b-6247ac598cf00"
accept-ranges: bytes
content-length: 4427
content-type: image/png
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| ww25.best-targeted-traffic.com/bDsprfdzP.js | 199.59.243.228 | 200 OK | 36 kB |
URL GET ww25.best-targeted-traffic.com/bDsprfdzP.js IP199.59.243.228:443
Requested byhttps://ww25.best-targeted-traffic.com/install.php?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b CertificateIssuerLet's Encrypt Subjectww25.best-targeted-traffic.com Fingerprint43:42:EA:52:DC:8D:C0:91:DB:BC:89:EA:70:8F:99:FE:E7:4D:8D:AE ValidityTue, 28 Jan 2025 15:03:33 GMT - Mon, 28 Apr 2025 15:03:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /bDsprfdzP.js HTTP/1.1
Host: ww25.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.best-targeted-traffic.com/install.php?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b
Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 29 Mar 2025 11:07:43 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 35693
X-Request-Id: 9714888d-5660-4134-93ff-e943b6ee498e
Set-Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665; expires=Sat, 29 Mar 2025 11:22:43 GMT
Connection: close
|
|
| www.google.com/adsense/domains/caf.js?abp=1&bodis=true | 142.250.74.68 | 200 OK | 144 kB |
URL GET www.google.com/adsense/domains/caf.js?abp=1&bodis=true IP142.250.74.68:443
Requested byhttps://ww25.best-targeted-traffic.com/install.php?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint2F:CC:05:C5:14:C4:CD:A4:26:05:31:F9:67:40:7C:D3:39:74:34:0C ValidityMon, 10 Mar 2025 08:37:46 GMT - Mon, 02 Jun 2025 08:37:45 GMT
File typeJavaScript source, ASCII text, with very long lines (1831) Size144 kB (144137 bytes) Hashc4632258583cdbb1a2c6e600f2dcee1c d0380c612860ce0c625a86d49d80f9e4f5cd2a50 05319de60b702c6d457746ce47c571838c0447746380bdc7b82a762e148aa6c5
GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.best-targeted-traffic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 29 Mar 2025 11:07:43 GMT
expires: Sat, 29 Mar 2025 11:07:43 GMT
cache-control: private, max-age=3600
etag: "131292222700955259"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/javascript/1.11.2-jquery-ui.min.js | 103.224.182.24 | 200 OK | 240 kB |
URL GET www.above.com/marketplace/javascript/1.11.2-jquery-ui.min.js IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJavaScript source, ASCII text, with very long lines (32157) Size240 kB (239564 bytes) Hash870b75c273a97501e7d1fb27776bafd0 a83caf65714ff3a56aded6088acb525e9d305881 7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054
GET /marketplace/javascript/1.11.2-jquery-ui.min.js HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Wed, 05 Feb 2025 09:12:14 GMT
etag: "3a7cc-62d61856f3780-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/img/salecard5.png | 103.224.182.24 | 200 OK | 2.3 kB |
URL GET www.above.com/marketplace/img/salecard5.png IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typePNG image data, 75 x 36, 8-bit/color RGBA, non-interlaced Hashec613ce41eca3b5d98706b1912f1c8ca 4555dd8e6280384c6ab10f311075bdb9d0db38be 123e5c1578ccc41f785b8b544c56261bda8eef9a0123fd612fc0f7a871dc4a37
GET /marketplace/img/salecard5.png HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "91b-6247ac598cf00"
accept-ranges: bytes
content-length: 2331
content-type: image/png
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=ththya5ny3cj | 142.250.74.68 | 200 OK | 73 kB |
URL GET www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=ththya5ny3cj IP142.250.74.68:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.google.com FingerprintB5:4D:C5:27:B4:49:22:F3:21:DF:88:3D:E6:05:D6:A1:02:98:C7:E2 ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
File typeHTML document, ASCII text, with very long lines (56645) Hasha9b693e8b325fa45e50f7bf8a4ae7265 2d34b5e8d00b016c4b3a5e50e42c0ca66fd6da18 4c8d93351910c7d4c32eb32ec30ccf53891e75e637a818f4d2e6ac20338e7a0a
GET /recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=ththya5ny3cj HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 29 Mar 2025 11:07:49 GMT
content-security-policy: script-src 'nonce-cxrjfV89m3si1vRpPciQ-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.above.com/marketplace/javascript/capswarn.js?1728959580 | 103.224.182.24 | 200 OK | 1.9 kB |
URL GET www.above.com/marketplace/javascript/capswarn.js?1728959580 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeJavaScript source, ASCII text, with very long lines (1987), with no line terminators Hash6bcc3e6c8341d6420e9f84ce50ed8c9e b13396cce7143781b7eedecafa57bb480b625798 1ca3650ee12eb64105b2a39e712da550cbf8cd25ff89528a6a115e6be5f61289
GET /marketplace/javascript/capswarn.js?1728959580 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:48 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "74c-6247ac598cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 720
content-type: application/javascript
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-DQB7CZVNQD>m=45je53q1v871550789z8853238206za200zb853238206&_p=1743246467386&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102964103&cid=1572007403.1743246469&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1743246468&sct=1&seg=0&dl=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fbest-targeted-traffic.com&dr=https%3A%2F%2Fww25.best-targeted-traffic.com%2F&dt=best-targeted-traffic.com%20-%20Above.com%20Marketplace&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2873 | 216.239.34.36 | 204 No Content | 0 B |
URL POST region1.analytics.google.com/g/collect?v=2&tid=G-DQB7CZVNQD>m=45je53q1v871550789z8853238206za200zb853238206&_p=1743246467386&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102964103&cid=1572007403.1743246469&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1743246468&sct=1&seg=0&dl=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fbest-targeted-traffic.com&dr=https%3A%2F%2Fww25.best-targeted-traffic.com%2F&dt=best-targeted-traffic.com%20-%20Above.com%20Marketplace&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2873 IP216.239.34.36:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.google-analytics.com Fingerprint16:BA:A3:B5:22:51:BB:87:46:7F:17:3F:9D:14:B3:35:F0:FE:B1:8D ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DQB7CZVNQD>m=45je53q1v871550789z8853238206za200zb853238206&_p=1743246467386&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062~102964103&cid=1572007403.1743246469&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1743246468&sct=1&seg=0&dl=https%3A%2F%2Fwww.above.com%2Fmarketplace%2Fbest-targeted-traffic.com&dr=https%3A%2F%2Fww25.best-targeted-traffic.com%2F&dt=best-targeted-traffic.com%20-%20Above.com%20Marketplace&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2873 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.above.com/
Origin: https://www.above.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.above.com
date: Sat, 29 Mar 2025 11:07:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js | 142.250.178.35 | 200 OK | 562 kB |
URL GET www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js IP142.250.178.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=ththya5ny3cj CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
Size562 kB (561652 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 221651
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Mar 2025 09:00:31 GMT
expires: Wed, 25 Mar 2026 09:00:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 24 Mar 2025 02:01:29 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 353238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/recaptcha/api2/webworker.js?hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb | 142.250.74.68 | 200 OK | 102 B |
URL GET www.google.com/recaptcha/api2/webworker.js?hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb IP142.250.74.68:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=ththya5ny3cj CertificateIssuerGoogle Trust Services Subject*.google.com FingerprintB5:4D:C5:27:B4:49:22:F3:21:DF:88:3D:E6:05:D6:A1:02:98:C7:E2 ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
File typeASCII text, with no line terminators Hashe8fea68fc4f3bad81518a42ff35f72a9 2c32b99f6c1675cc7f0ed5c0c323c5192726d558 b67733509d82d3aa189d99fa0fa466b48b82265b9a701cb150410cbf35f55aab
GET /recaptcha/api2/webworker.js?hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le8eZoUAAAAACvL0yuXhE6cd7XioIzzzi5a1br8&co=aHR0cHM6Ly93d3cuYWJvdmUuY29tOjQ0Mw..&hl=en&v=hbAq-YhJxOnlU-7cpgBoAJHb&size=invisible&cb=ththya5ny3cj
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
expires: Sat, 29 Mar 2025 11:07:49 GMT
date: Sat, 29 Mar 2025 11:07:49 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: same-site
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.above.com/marketplace/img/salecard3.png | 103.224.182.24 | 200 OK | 2.4 kB |
URL GET www.above.com/marketplace/img/salecard3.png IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typePNG image data, 72 x 36, 8-bit/color RGBA, non-interlaced Hash649e1781547b0142288b406635b5aafc 3b1f5797d8e7208c67f62772a0e31998a32c0607 71013ba1eb5d11670e7adffa291893a5762cb970703b1a62a789d9dbed564869
GET /marketplace/img/salecard3.png HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "983-6247ac598cf00"
accept-ranges: bytes
content-length: 2435
content-type: image/png
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| ww25.best-targeted-traffic.com/listing | 199.59.243.228 | 200 OK | 1.3 kB |
URL User Request GET ww25.best-targeted-traffic.com/listing IP199.59.243.228:443
CertificateIssuerLet's Encrypt Subjectww25.best-targeted-traffic.com Fingerprint43:42:EA:52:DC:8D:C0:91:DB:BC:89:EA:70:8F:99:FE:E7:4D:8D:AE ValidityTue, 28 Jan 2025 15:03:33 GMT - Mon, 28 Apr 2025 15:03:32 GMT
File typeHTML document, ASCII text, with very long lines (1368), with no line terminators Hash810e354576d45960e4592b026808c3fd 3e6e5a0099af1aa1ad0dafdb95d9f1905338b504 b3df2b0b808b43ebe616e5525c7fa0452b097948f3a74108c956a6517b929a7c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /listing HTTP/1.1
Host: ww25.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.best-targeted-traffic.com/install.php?unq=27y325223543eiwxvex&version=1.8&pais=Unknown&subid1=20250329-2207-1673-9a78-6066be60c64b
Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 29 Mar 2025 11:07:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1326
X-Request-Id: 1889ca96-3849-4cb6-9052-7a2bb5e5f828
Cache-Control: no-store, max-age=0
Accept-Ch: sec-ch-prefers-color-scheme
Critical-Ch: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_HEEXd7hSuVvRjjGf/Y79Rzj+aNSPsDy89DKSbekHglACqk1Ezb5+rkWW8wILJrCOqK31EsUOs3LCU/eVGxg06w==
Set-Cookie: parking_session=74315e7f-872a-424f-b4f6-bebad3bea665; expires=Sat, 29 Mar 2025 11:22:44 GMT
Connection: close
|
|
| www.above.com/marketplace/best-targeted-traffic.com | 103.224.182.24 | 200 OK | 115 kB |
URL User Request GET www.above.com/marketplace/best-targeted-traffic.com IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
Size115 kB (115004 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /marketplace/best-targeted-traffic.com HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.best-targeted-traffic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:46 GMT
server: Apache
set-cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-length: 23381
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/css/aboveGlobal.css?1743142363 | 103.224.182.24 | 200 OK | 49 kB |
URL GET www.above.com/css/aboveGlobal.css?1743142363 IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typeASCII text, with CRLF line terminators Hash585c903c9df56d5fb198126667260c90 407a9854e8e109c95171689d6760aec3173fda34 155d9e4220deb55ab5dbee8e5beee94ca90d063183ac6c9b06a35c150cd19a6e
GET /css/aboveGlobal.css?1743142363 HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Fri, 28 Mar 2025 06:12:43 GMT
etag: "bf75-63160f556ecc0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10623
content-type: text/css
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.above.com/marketplace/img/salecard4.png | 103.224.182.24 | 200 OK | 2.1 kB |
URL GET www.above.com/marketplace/img/salecard4.png IP103.224.182.24:443 ASN#133618 Trellian Pty. Limited
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerLet's Encrypt Subjectwww.above.com Fingerprint16:8F:C4:87:99:C5:E7:7D:FE:1C:AF:32:BE:C9:63:CD:50:98:21:9F ValidityThu, 13 Feb 2025 04:07:29 GMT - Wed, 14 May 2025 04:07:28 GMT
File typePNG image data, 71 x 36, 8-bit/color RGBA, non-interlaced Hash76380908d6615e4960997afebbd115da e8ede45332d84aafe5de75daabab2599850ccf6d f72a8c84c96387e0cb63fe4fe149ec32b6887b5c274cf99d2ab63eb5c8788ecd
GET /marketplace/img/salecard4.png HTTP/1.1
Host: www.above.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/marketplace/best-targeted-traffic.com
Cookie: PHPSESSID=cud679rmj515ch9cacoahrqb83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 29 Mar 2025 11:07:47 GMT
server: Apache
last-modified: Tue, 15 Oct 2024 02:33:00 GMT
etag: "860-6247ac598cf00"
accept-ranges: bytes
content-length: 2144
content-type: image/png
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=AW-318991084 | 142.250.178.72 | 200 OK | 277 kB |
URL GET www.googletagmanager.com/gtag/js?id=AW-318991084 IP142.250.178.72:443
Requested byhttps://www.above.com/marketplace/best-targeted-traffic.com CertificateIssuerGoogle Trust Services Subject*.google-analytics.com Fingerprint16:BA:A3:B5:22:51:BB:87:46:7F:17:3F:9D:14:B3:35:F0:FE:B1:8D ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
File typeJavaScript source, ASCII text, with very long lines (2361) Size277 kB (276645 bytes) Hash4d210eb43249a645eb526209f94a674f a13d89cd605b77a4353a8b7f0eb6877edfc12fc5 2e5962936af1c8b3231a83ee8546e084de3f99f5fa3f6800d925797ff0c6738e
GET /gtag/js?id=AW-318991084 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.above.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 29 Mar 2025 11:07:49 GMT
expires: Sat, 29 Mar 2025 11:07:49 GMT
cache-control: private, max-age=900
last-modified: Sat, 29 Mar 2025 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 99440
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
0.0.0.0