get.hundredpercentmargin.com/click?pid=1336&offer_id=77990&sub1=Pn8eteZcax-655b3cf1d573e11cbd0edc03&sub5=e61bc2fc&link=https%3A%2F%2Fbbtl.trkwebz03.com%2F%2Ft%2Fclk%3Fid%3DRlGXHgYLS0LXnUpZ8AHz&s1=e61bc2fc&s2=Pn8eteZcax-655ac4581f38245a1f76b665&%2F%2Fmain%2Fd_php%3Fs=1&offer_id=77990&sub1=Pn8eteZcax-655b00970a42ca770f264686&sub5=e61bc2fc&%2F=%2F
302 Found 0 B URL User Request GET HTTP/2 get.hundredpercentmargin.com/click?pid=1336&offer_id=77990&sub1=Pn8eteZcax-655b3cf1d573e11cbd0edc03&sub5=e61bc2fc&link=https%3A%2F%2Fbbtl.trkwebz03.com%2F%2Ft%2Fclk%3Fid%3DRlGXHgYLS0LXnUpZ8AHz&s1=e61bc2fc&s2=Pn8eteZcax-655ac4581f38245a1f76b665&%2F%2Fmain%2Fd_php%3Fs=1&offer_id=77990&sub1=Pn8eteZcax-655b00970a42ca770f264686&sub5=e61bc2fc&%2F=%2F
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerSectigo Limited
Subjectget.hundredpercentmargin.com
Fingerprint2E:DD:D5:31:DE:DD:A0:B7:66:73:C7:3C:A1:88:90:E9:99:A6:1F:E7
ValidityMon, 20 Nov 2023 00:00:00 GMT - Sat, 07 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1336&offer_id=77990&sub1=Pn8eteZcax-655b3cf1d573e11cbd0edc03&sub5=e61bc2fc&link=https%3A%2F%2Fbbtl.trkwebz03.com%2F%2Ft%2Fclk%3Fid%3DRlGXHgYLS0LXnUpZ8AHz&s1=e61bc2fc&s2=Pn8eteZcax-655ac4581f38245a1f76b665&%2F%2Fmain%2Fd_php%3Fs=1&offer_id=77990&sub1=Pn8eteZcax-655b00970a42ca770f264686&sub5=e61bc2fc&%2F=%2F HTTP/1.1
Host: get.hundredpercentmargin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Mon, 20 Nov 2023 11:03:14 GMT
content-length: 0
location: https://link.heavenstrack.com/click?pid=10&offer_id=185&sub1=655b3cf278bf7b00015aa9dd&sub2=1336&sub5=e61bc2fc
x-adjust-use-original-forwarded-for: 1
referer:
referrer-policy: no-referrer
set-cookie: afclick=655b3cf278bf7b00015aa9dd; expires=Tue, 19 Nov 2024 11:03:14 GMT; secure; SameSite=None
afoffers={"77990":1700478194}; expires=Tue, 19 Nov 2024 11:03:14 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
link.heavenstrack.com/click?pid=10&offer_id=185&sub1=655b3cf278bf7b00015aa9dd&sub2=1336&sub5=e61bc2fc
302 Found 0 B URL User Request GET HTTP/2 link.heavenstrack.com/click?pid=10&offer_id=185&sub1=655b3cf278bf7b00015aa9dd&sub2=1336&sub5=e61bc2fc
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:C1:BF:87:27:58:85:DC:6B:EE:06:21:0A:85:11:FD:DB:25:84:CD
ValiditySat, 04 Feb 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=10&offer_id=185&sub1=655b3cf278bf7b00015aa9dd&sub2=1336&sub5=e61bc2fc HTTP/1.1
Host: link.heavenstrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 20 Nov 2023 11:03:15 GMT
content-length: 0
location: https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=655b3cf38a6c160001341d6d; expires=Tue, 19 Nov 2024 11:03:15 GMT; secure; SameSite=None
afoffers={"185":1700478195}; expires=Tue, 19 Nov 2024 11:03:15 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3oiKKmHDpRicFNvRO6qzC0%2FKNcGJ6KBIKU5onjCkPMvnqHxWsYDF3EMRwupzyvZUElDBj8KyWOFRUKmv854BR9gT1U%2FXjRNcia0aDkJvgX8KMxQCNXWlWmDKZNqE%2FRD67COPua8Jdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8290348efa9f56a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
200 OK 31 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
IP
Requested by https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (65447)
Hash 00727d1d5d9c90f7de826f1a4a9cc632
ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
GET /ajax/libs/jquery/3.6.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamingworldz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 04:50:53 GMT
expires: Fri, 15 Nov 2024 04:50:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 367942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
200 OK 9.8 kB URL GET HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 10574732
cache-control: public,max-age=31536000
content-type: application/javascript
date: Mon, 20 Nov 2023 11:03:19 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
200 OK 20 kB URL GET HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65371)
Hash ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
GET /ajax/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 19664880
cache-control: public,max-age=31536000
content-type: text/css
date: Mon, 20 Nov 2023 11:03:19 GMT
etag: "0e914f2cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (ska/F740)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19629
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (65451)
Hash 220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 04:51:09 GMT
expires: Fri, 15 Nov 2024 04:51:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 367930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rfdcxz.com/common_tpls/compactML/css/epcpag3.css
200 OK 7.3 kB URL GET HTTP/2 rfdcxz.com/common_tpls/compactML/css/epcpag3.css
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint25:05:CD:E5:51:AD:EF:9C:05:42:40:72:B6:4C:B0:A3:F7:96:37:3C
ValiditySun, 05 Nov 2023 14:50:01 GMT - Sat, 03 Feb 2024 14:50:00 GMT
File type ASCII text, with very long lines (39871), with no line terminators
Hash 6fe368146ae67b4d80fd8c673e2510df
6a487c32401568a93c9ddc2203eb37c69cdbd03f
1c9ef7d3c3e409dec361b4af0d511f68c2bb39b4458f872fb4c0a6ddab9108b5
GET /common_tpls/compactML/css/epcpag3.css HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Cookie: PHPSESSID=eed71513cb79936ed6011e1e6c9a7bfb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: text/css
content-length: 7346
last-modified: Thu, 17 Aug 2023 15:02:51 GMT
etag: W/"64de369b-9bbf"
content-encoding: gzip
section-io-cache-id: 43495bc1601c3865c9a1816c3e6b62f7
vary: Accept-Encoding
x-varnish: 1216249 163919
age: 9165
via: 1.1 varnish-84f56c8bcd-vlnhn (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: d8ba73d7856cfb6a624c1923ed7aea48
X-Firefox-Spdy: h2
rfdcxz.com/common_tpls/images/ajax-loader.gif
200 OK 3.2 kB URL GET HTTP/2 rfdcxz.com/common_tpls/images/ajax-loader.gif
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint25:05:CD:E5:51:AD:EF:9C:05:42:40:72:B6:4C:B0:A3:F7:96:37:3C
ValiditySun, 05 Nov 2023 14:50:01 GMT - Sat, 03 Feb 2024 14:50:00 GMT
File type GIF image data, version 89a, 32 x 32\012- data
Hash be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
GET /common_tpls/images/ajax-loader.gif HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Cookie: PHPSESSID=eed71513cb79936ed6011e1e6c9a7bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: image/gif
content-length: 3208
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-c88"
section-io-cache-id: 475b670e67ef5019460efbc84fcde695
x-varnish: 1974001 721052
age: 9113
via: 1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: fb5be14bcb6a5d91def065ba7218b54b
X-Firefox-Spdy: h2
rfdcxz.com/common_tpls/images/icons/password.png
200 OK 1.5 kB URL GET HTTP/2 rfdcxz.com/common_tpls/images/icons/password.png
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint25:05:CD:E5:51:AD:EF:9C:05:42:40:72:B6:4C:B0:A3:F7:96:37:3C
ValiditySun, 05 Nov 2023 14:50:01 GMT - Sat, 03 Feb 2024 14:50:00 GMT
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
GET /common_tpls/images/icons/password.png HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Cookie: PHPSESSID=eed71513cb79936ed6011e1e6c9a7bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
etag: "599c5d33-5ac"
section-io-cache-id: 8d3b544d0a3ec3613f5c72b4025bf442
x-varnish: 134149 491573
age: 9176
via: 1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 6d8ee498b89ff66e57c79da4d7300085
X-Firefox-Spdy: h2
rfdcxz.com/common_tpls/images/icons/email.png
200 OK 1.3 kB URL GET HTTP/2 rfdcxz.com/common_tpls/images/icons/email.png
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint25:05:CD:E5:51:AD:EF:9C:05:42:40:72:B6:4C:B0:A3:F7:96:37:3C
ValiditySun, 05 Nov 2023 14:50:01 GMT - Sat, 03 Feb 2024 14:50:00 GMT
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash a86d99b9176d82a211cfa29b2f0b353f
62947ddfd87e3a21869818885e4bfa4e55ad0c11
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
GET /common_tpls/images/icons/email.png HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Cookie: PHPSESSID=eed71513cb79936ed6011e1e6c9a7bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: 3b2fa858fada78eb90d3a00a55e9c9d8
x-varnish: 1378249 327831
age: 9062
via: 1.1 varnish-84f56c8bcd-vlnhn (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 8747803b1f85a03bdb7c427620826ae4
X-Firefox-Spdy: h2
rfdcxz.com/common_tpls/images/icons/fname.png
200 OK 1.6 kB URL GET HTTP/2 rfdcxz.com/common_tpls/images/icons/fname.png
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint25:05:CD:E5:51:AD:EF:9C:05:42:40:72:B6:4C:B0:A3:F7:96:37:3C
ValiditySun, 05 Nov 2023 14:50:01 GMT - Sat, 03 Feb 2024 14:50:00 GMT
File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c846870756544f39604e671d4111b9d
304938c74246e228fa82d8ca40201c3db6098074
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d
GET /common_tpls/images/icons/fname.png HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Cookie: PHPSESSID=eed71513cb79936ed6011e1e6c9a7bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: image/png
content-length: 1649
last-modified: Tue, 28 Nov 2017 20:52:02 GMT
etag: "5a1dcc72-671"
section-io-cache-id: c5a57669058ebbbddbb17d40c31bffa0
x-varnish: 1378250 393235
age: 9165
via: 1.1 varnish-84f56c8bcd-vlnhn (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 134dd0b84d08a6c66254869eaa114c74
X-Firefox-Spdy: h2
rfdcxz.com/common_tpls/images/icons/address.png
200 OK 1.2 kB URL GET HTTP/2 rfdcxz.com/common_tpls/images/icons/address.png
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint25:05:CD:E5:51:AD:EF:9C:05:42:40:72:B6:4C:B0:A3:F7:96:37:3C
ValiditySun, 05 Nov 2023 14:50:01 GMT - Sat, 03 Feb 2024 14:50:00 GMT
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash b579e9868402d708e54e1a980166c444
1c58e2890b934c0b1ab057f3ac28bedd2a082d19
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb
GET /common_tpls/images/icons/address.png HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Cookie: PHPSESSID=eed71513cb79936ed6011e1e6c9a7bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: image/png
content-length: 1167
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-48f"
section-io-cache-id: bb034f1e05005b59a381ce2fe8098e3f
x-varnish: 134150 2457677
age: 9176
via: 1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 047c9c1aa56b9a91c45ef304ff925884
X-Firefox-Spdy: h2
rfdcxz.com/common_tpls/js/iframeResizer.contentWindow.min.js
200 OK 5.0 kB URL GET HTTP/2 rfdcxz.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint25:05:CD:E5:51:AD:EF:9C:05:42:40:72:B6:4C:B0:A3:F7:96:37:3C
ValiditySun, 05 Nov 2023 14:50:01 GMT - Sat, 03 Feb 2024 14:50:00 GMT
File type ASCII text, with very long lines (12990)
Hash 2cf9df789476bc39b9906030f639660d
de708b4a0fe32f3d77505675eb119b671327a6b4
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Cookie: PHPSESSID=eed71513cb79936ed6011e1e6c9a7bfb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 405221f87ba28690f872a0823231cd1e
x-varnish: 1378251 163895
age: 9169
via: 1.1 varnish-84f56c8bcd-vlnhn (Varnish/7.2)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 5eb757ba856dd26ace05c0f1b8ce3572
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
200 OK 4.2 kB URL GET HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (26366)
Hash 715826d7cea0f100c00238e5e5dc92b4
ea2a076f73ed3826287a726f35ae5e54136f2cee
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rfdcxz.com/
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 2021034
accept-ranges: bytes
server: cloudflare
cf-ray: 829034ac7a4b0b02-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
200 OK 54 kB URL GET HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65397)
Hash 486b13730aafe2a39cdaf1666679fa5b
aa0f52f048688ada20d921fef78cf15684a25f04
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rfdcxz.com/
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 2006861
accept-ranges: bytes
server: cloudflare
cf-ray: 829034ac7a4a0b02-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
200 OK 2.6 kB URL GET HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (27832)
Hash 1cb05a2f9541200e1fa0a2cd0abc7663
fdf3292a6db22945eb79e08d847834205b749c6f
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rfdcxz.com/
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 2021034
accept-ranges: bytes
server: cloudflare
cf-ray: 829034ac7a4f0b02-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9V1s.ttf
200 OK 69 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9V1s.ttf
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type TrueType Font data, 13 tables, 1st "GDEF", 8 names, Microsoft, language 0x409\012- data
Hash 614a91afc751f09d049231f828801c20
cf83e7582e60ed83f67c7d68b4f7482ac9fc6958
fcff04f4bec2b3636f05ed894dc1f9a752c4cb587ee49857ec7a82abaf6ca016
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9V1s.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 68742
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Nov 2023 21:48:46 GMT
expires: Thu, 14 Nov 2024 21:48:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:10:11 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 393273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrFJA.ttf
200 OK 70 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrFJA.ttf
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type TrueType Font data, 13 tables, 1st "GDEF", 8 names, Microsoft, language 0x409\012- data
Hash cd6b896a19b4babd1a2fa07498e9fc47
52f9413b264e8ecefbbf12830e3dfadebbf72986
cdedb1729acac414ed01744a11da7badb86adf13108e7bd3fa161b9323f7fe54
GET /s/poppins/v20/pxiEyp8kv8JHgFVrFJA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 69472
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Nov 2023 21:51:07 GMT
expires: Thu, 14 Nov 2024 21:51:07 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:04:00 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 393132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kit.fontawesome.com/b314bdf1b3.js
200 OK 4.3 kB URL GET HTTP/2 kit.fontawesome.com/b314bdf1b3.js
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash c072dce68367542072f9e1d5e7411991
eeadd4971235d63bd79fe3ec48f439689c7e9f16
2d8229d5ca81755b676355f1d3e7c5feff100eb11548ccfe33cdcfcf177dd5c8
GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F5fhk12SLyH3GPEADYrC
cf-cache-status: HIT
server: cloudflare
cf-ray: 829034aad9100b02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
200 OK 565 B URL GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (588), with no line terminators
Hash bdcf60bde5544e1017e1f2e60888a9c7
6fb24309b7ff90c1c99d19c0c7a127a16508840e
d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Nov 2023 11:03:19 GMT
date: Mon, 20 Nov 2023 11:03:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kit.fontawesome.com/b314bdf1b3/110588222/kit-upload.css
200 OK 0 B URL GET HTTP/2 kit.fontawesome.com/b314bdf1b3/110588222/kit-upload.css
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b314bdf1b3/110588222/kit-upload.css HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rfdcxz.com/
Origin: https://rfdcxz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: text/css
content-length: 0
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926, public, must-revalidate
etag: 54af53b207eef226d6511e0a88e3038e
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F5MezCgPIcrmgmudvsxh
cf-cache-status: HIT
age: 1116546
accept-ranges: bytes
server: cloudflare
cf-ray: 829034ac5a3b0b02-OSL
X-Firefox-Spdy: h2
bestlnd.com/ep.php/LA-prmagms:81260/69853:affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc?crpx=Vspv112039796
302 Found 29 kB URL GET HTTP/2 bestlnd.com/ep.php/LA-prmagms:81260/69853:affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc?crpx=Vspv112039796
IP
Requested by https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
Certificate IssuerAmazon
Subjectfirstlnd.com
FingerprintC2:31:F7:32:02:DF:6A:34:F9:25:A1:C0:95:73:C5:49:82:1A:56:BF
ValidityWed, 03 May 2023 00:00:00 GMT - Fri, 31 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ep.php/LA-prmagms:81260/69853:affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc?crpx=Vspv112039796 HTTP/1.1
Host: bestlnd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamingworldz.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 20 Nov 2023 11:03:17 GMT
content-type: text/html; charset=UTF-8
location: https://fstjoins.com/signup/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc
set-cookie: AWSALB=iuqL7Ke0gO+Qt/7ewO92vSUaA6qT8n9KspI6iBYA/xuPJx/8nV3MQBaN1S2Bw0rXG+1i9tCdDwwAM81xssGBS1dMJnS/X9TFUXxKnkTtmPPp0QV5mif0KSIxtPhW; Expires=Mon, 27 Nov 2023 11:03:17 GMT; Path=/
AWSALBCORS=iuqL7Ke0gO+Qt/7ewO92vSUaA6qT8n9KspI6iBYA/xuPJx/8nV3MQBaN1S2Bw0rXG+1i9tCdDwwAM81xssGBS1dMJnS/X9TFUXxKnkTtmPPp0QV5mif0KSIxtPhW; Expires=Mon, 27 Nov 2023 11:03:17 GMT; Path=/; SameSite=None; Secure
vip_id=69853.47727-68400; expires=Thu, 23-Nov-2023 11:03:17 GMT; Max-Age=259200; path=/
server: Apache
X-Firefox-Spdy: h2
rfdcxz.com/common_tpls/js/form_support.js?v=1101202201
200 OK 3.8 kB URL GET HTTP/2 rfdcxz.com/common_tpls/js/form_support.js?v=1101202201
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint25:05:CD:E5:51:AD:EF:9C:05:42:40:72:B6:4C:B0:A3:F7:96:37:3C
ValiditySun, 05 Nov 2023 14:50:01 GMT - Sat, 03 Feb 2024 14:50:00 GMT
File type ASCII text, with very long lines (4261), with no line terminators
Hash bd72340aa5a6ac08cf9a0fdbd650579c
c0550503cbb35b4abcc5618fc78a0cb18c26c89c
783abe18fe8132421d19b383088f95e95a9ee6ac64b85bd2e2b178b481ab2ca4
GET /common_tpls/js/form_support.js?v=1101202201 HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Cookie: PHPSESSID=eed71513cb79936ed6011e1e6c9a7bfb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 21:23:38 GMT
etag: W/"6377f7da-ed7"
section-io-cache-id: c8ed8e7159526fcb2369e404280c4a7b
x-varnish: 134148 1966131
age: 9176
via: 1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
section-io-cache: Hit
content-encoding: gzip
section-io-id: d9eef31601f7a63b4e61164229006fa1
X-Firefox-Spdy: h2
rfdcxz.com/acct/trk/?rtid=1115324933
200 OK 21 B URL GET HTTP/2 rfdcxz.com/acct/trk/?rtid=1115324933
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint25:05:CD:E5:51:AD:EF:9C:05:42:40:72:B6:4C:B0:A3:F7:96:37:3C
ValiditySun, 05 Nov 2023 14:50:01 GMT - Sat, 03 Feb 2024 14:50:00 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 6c588f9a9c5dd7c333707ffb2fad855a
c550721df56380249bd70866e375f5ad87830636
01e34dbf2a0d0fc3f68141c38d4c9df6cfc6d08c9f5ac8aa8c89f769b7490594
GET /acct/trk/?rtid=1115324933 HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Cookie: PHPSESSID=eed71513cb79936ed6011e1e6c9a7bfb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:20 GMT
content-type: text/json;charset=UTF-8
content-length: 21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 1409883
age: 0
via: 1.1 varnish-84f56c8bcd-vlnhn (Varnish/7.2)
section-io-cache: Miss
section-io-id: a2f9ecb35fc8202e1bb88b8b3c6b2114
X-Firefox-Spdy: h2
fstjoins.com/signup/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc
302 Found 29 kB URL GET HTTP/2 fstjoins.com/signup/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc
IP
ASN #54994 QUANTILNETWORKS
Requested by https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
Certificate IssuerGlobalSign nv-sa
Subject*.fstjoins.com
Fingerprint72:F7:B4:92:A8:69:B1:2E:87:5A:1A:EA:29:4F:7A:BB:E1:E6:19:DC
ValidityThu, 23 Feb 2023 21:23:25 GMT - Tue, 26 Mar 2024 21:23:24 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /signup/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc HTTP/1.1
Host: fstjoins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamingworldz.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 20 Nov 2023 11:03:18 GMT
content-type: text/html; charset=UTF-8
server: PWS/8.3.1.0.8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=a29b2b47182fe9218137bfbeef0157bf; path=/; secure; SameSite=None
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
via: 1.1 PS-LAX-01iL8141:0 (W), 1.1 PSfgblPAR2ff185:8 (W), 1.1 PSfgblPAR1nw230:11 (W)
x-px: ms PSfgblPAR1nw230CDG,ms PSfgblPAR2ff185CDG,ms PS-LAX-01iL8141LAX(origin)
x-ws-request-id: 655b3cf6_PSfgblPAR1nw230_31134-62282
X-Firefox-Spdy: h2
rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
200 OK 29 kB URL GET HTTP/2 rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
IP
Requested by https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
Certificate IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint25:05:CD:E5:51:AD:EF:9C:05:42:40:72:B6:4C:B0:A3:F7:96:37:3C
ValiditySun, 05 Nov 2023 14:50:01 GMT - Sat, 03 Feb 2024 14:50:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933 HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamingworldz.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=eed71513cb79936ed6011e1e6c9a7bfb; path=/; secure; SameSite=None
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 1409878
age: 0
via: 1.1 varnish-84f56c8bcd-vlnhn (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: e1939958531a3944dcf5e0fb796cf8f8
X-Firefox-Spdy: h2
rfdcxz.com/common_tpls/js/validate_form_v2.js?jsv=35
200 OK 26 kB URL GET HTTP/2 rfdcxz.com/common_tpls/js/validate_form_v2.js?jsv=35
IP
Requested by https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Certificate IssuerLet's Encrypt
Subjectrfdcxz.com
Fingerprint25:05:CD:E5:51:AD:EF:9C:05:42:40:72:B6:4C:B0:A3:F7:96:37:3C
ValiditySun, 05 Nov 2023 14:50:01 GMT - Sat, 03 Feb 2024 14:50:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /common_tpls/js/validate_form_v2.js?jsv=35 HTTP/1.1
Host: rfdcxz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfdcxz.com/611994e60ad/?epcVIP=73.1066.a38&email=&password=&firstname=&lastname=&zip=&act=epc69853.47727-68400.affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc&epcCID=96B05e25BfVdw67bF8t8Q927eayb86w6V&rtid=1115324933
Cookie: PHPSESSID=eed71513cb79936ed6011e1e6c9a7bfb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 19 Oct 2023 00:24:58 GMT
etag: W/"6530775a-6590"
section-io-cache-id: b4217e24c2d1e50cbd12a136e10fc627
x-varnish: 2794335 1671252
age: 9176
via: 1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 69ae2162848ce16f716d050f5c3787d4
X-Firefox-Spdy: h2
gamingworldz.com/viparea/css/styles.css
200 OK 3.7 kB URL GET HTTP/3 gamingworldz.com/viparea/css/styles.css
IP
Requested by https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
Certificate IssuerGoogle Trust Services LLC
Subjectgamingworldz.com
Fingerprint6F:FC:1E:0E:32:E2:E7:FE:8C:67:66:FA:5C:2B:45:0B:92:B8:DC:89
ValiditySat, 28 Oct 2023 14:46:25 GMT - Fri, 26 Jan 2024 14:46:24 GMT
File type ASCII text, with very long lines (4085), with no line terminators
Hash dcb93fcaacc9330256400143ceb98984
e7348220f0e1d2c76903e9385f0c98e35d85952b
016650f46592566a280f80a0c4a79d423396b508737fa9d9a79087b53a9ae839
GET /viparea/css/styles.css HTTP/1.1
Host: gamingworldz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 11:03:15 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 23:09:27 GMT
etag: W/"e5b-5f2558ee3f7c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 694
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUbue3ssXrh6%2FP2WSPCJ6J248rQVO3cwK9EQDKA3etzXRnNdGL0%2FOlomDX8%2FzUpmDhMZfWgC3y8CT25UaJeHvpstj%2FgxHuwunEcllyZkTB3ojzYINwdj3hesqozY49uUcixJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82903491e8c8569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
gamingworldz.com/viparea/js/js.js
200 OK 177 B URL GET HTTP/3 gamingworldz.com/viparea/js/js.js
IP
Requested by https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
Certificate IssuerGoogle Trust Services LLC
Subjectgamingworldz.com
Fingerprint6F:FC:1E:0E:32:E2:E7:FE:8C:67:66:FA:5C:2B:45:0B:92:B8:DC:89
ValiditySat, 28 Oct 2023 14:46:25 GMT - Fri, 26 Jan 2024 14:46:24 GMT
File type ASCII text, with no line terminators
Hash 13392b860eba0195993846ad921f5999
92ec6be384ce8b449d5ed6d4da080b5943f88a36
d3bf805cdd3cdc0e0c8d5bc4196371cf4972000197806e7cf14828d4d864d80f
GET /viparea/js/js.js HTTP/1.1
Host: gamingworldz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 11:03:15 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 23:09:28 GMT
etag: W/"b1-5f2558ef33a00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 694
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Mxw322g3yk3sQazC7PgoHb%2F2b93yAGWDb9t7QPv2dY0Wv5vXx%2FW7yMvmlIe82iFBwIjM2y4dvFTrmj6fOtzN4V52n%2BzTD0xElEVFezviE9RwlzI7WZ6vdYcYbnMVXOORUIl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82903491f8d8569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
200 OK 892 B URL User Request GET HTTP/2 gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
IP
Certificate IssuerGoogle Trust Services LLC
Subjectgamingworldz.com
Fingerprint6F:FC:1E:0E:32:E2:E7:FE:8C:67:66:FA:5C:2B:45:0B:92:B8:DC:89
ValiditySat, 28 Oct 2023 14:46:25 GMT - Fri, 26 Jan 2024 14:46:24 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (974), with no line terminators
Hash 4fe1ffb75ac9a2f8874c9993caca2083
9944945c3cfe6f70f677c3cf356a83ab9bb2d26d
e879514ba3a0e85d08368ce48ac511b4e5b5f5036fb8bd0fae954572c5c15e07
GET /viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc HTTP/1.1
Host: gamingworldz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 11:03:15 GMT
content-type: text/html
x-powered-by: PHP/5.4.16
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BieiagJc%2BN1Un5%2ByeqOcmxBTXGN7qY0565BZ5AOT%2BvOnhdJRL6blF3Z5nFjhj3C9oL8%2FmzGCtFYy44SGpa6vRBAsHsH2YBpkVwrrOOmFuGl4y8LtcuLsyk9SGO%2F8Kw5tJUj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8290348ffbb4b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
activertr.com/cr.php?cid=1146&ACT=69853&TRK=affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc
302 Found 29 kB URL GET HTTP/2 activertr.com/cr.php?cid=1146&ACT=69853&TRK=affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc
IP
Requested by https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
Certificate IssuerAmazon
Subjectreadyrtr.com
FingerprintF1:FF:87:50:B6:C6:6A:04:D4:04:FB:5B:8B:D3:6B:60:2D:4F:31:47
ValiditySat, 27 May 2023 00:00:00 GMT - Mon, 24 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cr.php?cid=1146&ACT=69853&TRK=affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc HTTP/1.1
Host: activertr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamingworldz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 20 Nov 2023 11:03:16 GMT
content-type: text/html; charset=UTF-8
location: https://bestlnd.com/ep.php/LA-prmagms:81260/69853:affs-10-207-1336.655b3cf38a6c160001341d6d.e61bc2fc?crpx=Vspv112039796
set-cookie: AWSALB=zsylhs0JsNQfTLcFZq+pJuHA8Xv9kkNM2OY7TRx3z2AY9vsiQRa6B8i6AAbGe/UJsWJxRUhJ2OFA4WMEr4SEluc6iHcJPdPoYsdIJOHi1PCL7dIX7fQ6XrJcOyxj; Expires=Mon, 27 Nov 2023 11:03:16 GMT; Path=/
AWSALBCORS=zsylhs0JsNQfTLcFZq+pJuHA8Xv9kkNM2OY7TRx3z2AY9vsiQRa6B8i6AAbGe/UJsWJxRUhJ2OFA4WMEr4SEluc6iHcJPdPoYsdIJOHi1PCL7dIX7fQ6XrJcOyxj; Expires=Mon, 27 Nov 2023 11:03:16 GMT; Path=/; SameSite=None; Secure
hskp=Vspv112039796%2C; expires=Mon, 04-Dec-2023 11:03:16 GMT; Max-Age=1209600
skip=-1700478196%2C4083; expires=Mon, 20-Nov-2023 11:13:16 GMT; Max-Age=600
1146_4083_0=1700478196; expires=Tue, 21-Nov-2023 11:03:16 GMT; Max-Age=86400
server: Apache
X-Firefox-Spdy: h2
gamingworldz.com/viparea/images/bg.jpg
404 Not Found 219 B URL GET HTTP/3 gamingworldz.com/viparea/images/bg.jpg
IP
Requested by https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
Certificate IssuerGoogle Trust Services LLC
Subjectgamingworldz.com
Fingerprint6F:FC:1E:0E:32:E2:E7:FE:8C:67:66:FA:5C:2B:45:0B:92:B8:DC:89
ValiditySat, 28 Oct 2023 14:46:25 GMT - Fri, 26 Jan 2024 14:46:24 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c340baff8fb1077807b4de55b41437a3
3316723199b8452cf6934a0159571e3ccfdd6196
7606a067ff68424752c26913b69ef98df995f5b634fec3b2d94b82f7e3afa35f
GET /viparea/images/bg.jpg HTTP/1.1
Host: gamingworldz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamingworldz.com/viparea/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Mon, 20 Nov 2023 11:03:15 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LYp543NFrvRlSKeE6R%2Fw%2BVeRd%2BUdma8kuOE2YyAWZW3GlNuA50J8SE%2BnWqInd4Frern%2BZjjkiQTgOf4EU87%2BzAaXly0EWTm%2F2Kw40hYXuhObBa5GXMqMkJ4lFP2b6sQS7Zn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82903492391b569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
gamingworldz.com/viparea/images/favicon.ico
404 Not Found 224 B URL GET HTTP/3 gamingworldz.com/viparea/images/favicon.ico
IP
Requested by https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
Certificate IssuerGoogle Trust Services LLC
Subjectgamingworldz.com
Fingerprint6F:FC:1E:0E:32:E2:E7:FE:8C:67:66:FA:5C:2B:45:0B:92:B8:DC:89
ValiditySat, 28 Oct 2023 14:46:25 GMT - Fri, 26 Jan 2024 14:46:24 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash ecc5c5e1a35aa52f5af97423dc4c8f49
11a254757147d30eb48a7663cf7cd82a869ca402
a968531441b1d91f30acf7199e4fc9051a30fad74446651b75834d869409aaa0
GET /viparea/images/favicon.ico HTTP/1.1
Host: gamingworldz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamingworldz.com/viparea/?aff=affs-10-207-1336&cid=655b3cf38a6c160001341d6d&sub5=e61bc2fc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Mon, 20 Nov 2023 11:03:15 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYj%2Bs5NweOvo%2FD1z2a%2FuPGT72Rf1OJkLrPPBSO9G4swe%2B65Rqem2yyHj3T2a2132i%2B6gkcstrqBVTJd%2BFAGfGcX4QCkDElq2kzj2Rv2RWFNvY%2BbzjV0pqhpZR3uNxUXJZyPv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 829034937a76569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
52.38.121.186
35.204.59.16
104.18.40.68
163.171.131.207
84.234.73.183