URL User Request GET HTTP/2 IP: 67.199.248.11:443 ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer: DigiCert Inc Subject: bit.ly Fingerprint: A2:9E:97:EA:E4:51:06:C6:7B:BF:11:55:77:67:F5:8F:E5:7A:F7:0A Validity: Fri, 12 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: HTML document text
- HTML document text
- HTML document text
- HTML document, ASCII text
Hash: MD5 6c11a641993dff84d5e17e4efc186b81 SHA-1 9ab2b016ac40cce221cfa3e3f0c79737317702a0 SHA-256 f50382f2f65ae5dae25bf2c24832a08b7fc4830cb9b2cdf5860ebfc427159b33
GET /3oESCzo HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 02 Jun 2023 10:07:51 GMT
content-type: text/html; charset=utf-8
content-length: 121
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://dg947.app.link/59HNnzIffAb
referrer-policy: unsafe-url
set-cookie: _bit=n52a7P-538b28bd6d1f6548c3-00r; Domain=bit.ly; Expires=Wed, 29 Nov 2023 10:07:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
| xu4wsa.dorte.cc/34546de4235m342356?_branch_match_id=1193121134850946192&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT0m3NDHXSywo0MvJzMvWN7X08Mur8kxLc0wCANurYFwiAAAA | 194.50.153.18 | 200 OK | 0 B |
URL User Request GET HTTP/1.1 xu4wsa.dorte.cc/34546de4235m342356?_branch_match_id=1193121134850946192&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT0m3NDHXSywo0MvJzMvWN7X08Mur8kxLc0wCANurYFwiAAAA IP: 194.50.153.18:80
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body; they do not identify this response)
GET /34546de4235m342356?_branch_match_id=1193121134850946192&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT0m3NDHXSywo0MvJzMvWN7X08Mur8kxLc0wCANurYFwiAAAA HTTP/1.1
Host: xu4wsa.dorte.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 10:07:52 GMT
Server: Apache/2.4.38 (Debian)
Access-Control-Allow-Origin: *
Set-Cookie: zcknrt_34546de4235m342356=0; expires=Sat, 03-Jun-2023 10:07:52 GMT; Max-Age=86400; path=/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
| xu4wsa.dorte.cc/favicon.ico | 194.50.153.18 | 302 Found | 0 B |
URL GET HTTP/1.1 xu4wsa.dorte.cc/favicon.ico IP: 194.50.153.18:80
Requested by: http://xu4wsa.dorte.cc/34546de4235m342356?_branch_match_id=1193121134850946192&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT0m3NDHXSywo0MvJzMvWN7X08Mur8kxLc0wCANurYFwiAAAA
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body; they do not identify this response)
GET /favicon.ico HTTP/1.1
Host: xu4wsa.dorte.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://xu4wsa.dorte.cc/34546de4235m342356?_branch_match_id=1193121134850946192&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT0m3NDHXSywo0MvJzMvWN7X08Mur8kxLc0wCANurYFwiAAAA
Cookie: zcknrt_34546de4235m342356=0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 02 Jun 2023 10:07:53 GMT
Server: Apache/2.4.38 (Debian)
Access-Control-Allow-Origin: *
Location: https://duckduckgo.com
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
| dg947.app.link/59HNnzIffAb | 54.230.111.23 | 307 Temporary Redirect | 0 B |
URL User Request GET HTTP/2 dg947.app.link/59HNnzIffAb IP: 54.230.111.23:443
Certificate Issuer: Amazon Subject: appipv4.link Fingerprint: 45:47:07:24:84:A1:30:C2:74:DB:10:B8:3D:79:44:35:1D:7F:86:B9 Validity: Tue, 25 Apr 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body; they do not identify this response)
GET /59HNnzIffAb HTTP/1.1
Host: dg947.app.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
location: http://xu4wsa.dorte.cc/34546de4235m342356?_branch_match_id=1193121134850946192&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT0m3NDHXSywo0MvJzMvWN7X08Mur8kxLc0wCANurYFwiAAAA
server: openresty
date: Fri, 02 Jun 2023 10:07:52 GMT
set-cookie: _s=9fZD0hzOxqMuvAhSt14TDhnX7umD7NuPvRjNrwk3AU6S3hsxK1zWIxNm%2B7z1YIc1; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Sat, 01 Jun 2024 10:07:52 GMT; Secure
last-modified: Fri, 02 Jun 2023 10:07:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CW7FKxlOWGDH82LFzCEZpB_q7basCa-zWhp_oJm9PmjoF1F4JSs0mQ==
X-Firefox-Spdy: h2
|
IP: 40.114.177.156:443 ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://xu4wsa.dorte.cc/34546de4235m342356?_branch_match_id=1193121134850946192&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT0m3NDHXSywo0MvJzMvWN7X08Mur8kxLc0wCANurYFwiAAAA Certificate Issuer: DigiCert Inc Subject: *.duckduckgo.com Fingerprint: 33:B1:D3:E2:07:1C:32:53:7B:06:2C:6B:E0:80:29:EF:AD:E7:87:C5 Validity: Thu, 20 Oct 2022 00:00:00 GMT - Mon, 20 Nov 2023 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, so they do not identify the response content)
GET / HTTP/1.1
Host: duckduckgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://xu4wsa.dorte.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 10:07:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
etag: W/"6479a150-178f"
strict-transport-security: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
x-frame-options: SAMEORIGIN
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: origin
expect-ct: max-age=0
expires: Fri, 02 Jun 2023 10:07:52 GMT
cache-control: no-cache
content-encoding: br
X-Firefox-Spdy: h2
|