| my.rtmark.net/gid.js?userId=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r IP139.45.195.8:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash5c7e462f97c67d159c51a3c700ed7f7b 9508fe4957224accace66e51a268c2c07e1aa563 6e0920fccfd175012f49baf7a9ccbd23f23921ea049d651b9256d1b37ad9c41a
GET /gid.js?userId=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://lifteque.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; expires=Sat, 03 May 2025 15:57:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 15:57:32 GMT
content-length: 0
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 731
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: bc28b1c452307d12cc38cf0fac967ab4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/v-index.mjs.19622407.js | 188.114.96.1 | 200 OK | 8.5 kB |
URL GET HTTP/3lifteque.top/js/v-index.mjs.19622407.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (35287), with no line terminators Hash1de1ec2d8e7940b88970d8fbce40ed6d 510aa24127fb8bc3578d9ca4628b2eea5a84ce01 b473156bef833bcfb2e84658093f1ebc1e64011dcba904e26ccb31f1cad8b762
GET /js/v-index.mjs.19622407.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-89d7"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFpSbssdXfFt1xvR7RhCJBx1IOML%2BRbeI0Y9K1QWcczZX9xw4GultQL6WYL8iD6y01tg1T8oMndMUjV47cFRM0jWn03vO7VwkcLhJWxZP6EN%2FPwO0YGtj%2B0BaWXEhfk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172846c19568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-dom-to-react.js.26fdf751.js | 188.114.96.1 | 200 OK | 1.2 kB |
URL GET HTTP/3lifteque.top/js/v-dom-to-react.js.26fdf751.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (1085), with no line terminators Hashb9187a6f31bd6c7c0cfe0bcb37ecf60a 1150c33a65703059e43c0d85b1680aa04d4d60e6 a5f216a4ea67c8f005b6cededba525ee330a2d4f8caedc8232f44e4e163e5ebd
GET /js/v-dom-to-react.js.26fdf751.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-43d"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yz2ZkzwbuI7m8N6BL%2FNHpPndq1DjKLhX3%2FMoQfaLj9Rx2NMuaPtY9EmbSaU3WlGmyPFpJpHG%2Brhv01pGR4FWs5SZv2Uw6tUU4VHraz5nb93H%2BOlkWH4IOZP%2BH2VhdP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c34568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/s-storageService.js.bb9f7a22.js | 188.114.96.1 | 200 OK | 819 B |
URL GET HTTP/3lifteque.top/js/s-storageService.js.bb9f7a22.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (2170), with no line terminators Hasha804db09269d602a8a7a50877b60fc86 7aa84eb6c94037c3bfabdf407060ba7b9ca73ff3 f5e3a988f32cdcd8ccdff165e33a1807acdde6426cecbb464c315306ff5e6f6f
GET /js/s-storageService.js.bb9f7a22.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:31 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-87a"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ct7r1%2B2EqTx2CnTT6G%2F5STnZsW03GpxNXkB93t5SEUZURCtJLQs5nqgD5bYEu6JVriNA29G5EowO5qOvext1kF10I2x7DQvWZ9OkmSzfDzWggH%2FBZqAwF%2Br%2Fqunp1fU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172824976568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| offpichuan.com/track?offer_id=2058&z=4534663&request_var=4&variable2=11drp05kjpcj5&oaid=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r | 139.45.197.237 | 200 OK | 182 B |
URL GET HTTP/2offpichuan.com/track?offer_id=2058&z=4534663&request_var=4&variable2=11drp05kjpcj5&oaid=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r IP139.45.197.237:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectoffpichuan.com Fingerprint8B:DE:51:B7:81:9E:EA:DE:73:A4:3D:67:F9:5E:6F:7B:F4:D6:77:5A ValidityMon, 15 Apr 2024 21:54:27 GMT - Sun, 14 Jul 2024 21:54:26 GMT
Hash518fbbd5a95951cd6212498955368d69 f6b781a48dee7d09f5b29745c4ced1397642bbe1 f8c19e1cf3423fb386d154c3effb94bc2774d81de6af91588f731e2ce2b6a4f8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?offer_id=2058&z=4534663&request_var=4&variable2=11drp05kjpcj5&oaid=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/json
content-length: 182
x-trace-id: 0658af43e059c36d39916e28af0ce50f
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 812
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: fa42d14dfbda926b15a28adef566ce6f
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ofklefkian.com/zone?&pub=0&zone_id=6163303&is_mobile=false&domain=lifteque.top&var=4534663&ymid=4&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2ofklefkian.com/zone?&pub=0&zone_id=6163303&is_mobile=false&domain=lifteque.top&var=4534663&ymid=4&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest IP139.45.197.251:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectofklefkian.com Fingerprint04:A9:FE:8D:C9:B9:EE:6F:3A:C4:29:EA:19:AD:C3:1D:7D:3E:14:02 ValiditySun, 14 Apr 2024 05:38:05 GMT - Sat, 13 Jul 2024 05:38:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=6163303&is_mobile=false&domain=lifteque.top&var=4534663&ymid=4&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest HTTP/1.1
Host: ofklefkian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 15:57:32 GMT
content-length: 0
x-trace-id: fdf2ff1124d3b35d6fce35583428ad04
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/_rtc.f86a36d7.js | 188.114.96.1 | 200 OK | 5.2 kB |
URL GET HTTP/3lifteque.top/js/_rtc.f86a36d7.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (12222), with no line terminators Hash128d6eec0793a7e02c314d2f6245f260 c9f09311c3f229b770f38d0cc69b422430f1c748 bf1606ac64db254cc565a094e7162a96f31f7e48ddece56fc92c654559e5abb8
GET /js/_rtc.f86a36d7.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:31 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-2fbe"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EYCZOSwWrc7nucrtKHpgI8KyojUGSJgXo6UZXsJeITgzALLV5q3w8O4bmwL0m4rof4KFvA77q1BXEzwt6OXbJJ%2Bpj4E2wm7H5pDoPzOfuWw7cpLTCFVmE7w2RNzmMdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172824966568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/_core-survey.1b09882a.js | 188.114.96.1 | 200 OK | 45 kB |
URL GET HTTP/3lifteque.top/js/_core-survey.1b09882a.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators Hash0190c361e1a4f2f7239f497544c5e616 27a6eae98d28880bd36f9024c7bdae0f41623a5c de932ff55d7e505890689d887ac80b2ca7bcfbd491f49445d0314c982bcb99a4
GET /js/_core-survey.1b09882a.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:31 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=169676
etag: W/"662b7651-296cc"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z4UepAmZ216AoKS8LNCwcd4f4dOjZSKI74RBhIz5CDc0LLWWOS1u78C3zTRL4NekIDbe9iis9%2BnKLcwNf%2BMC23P4rd1BebvEYCEIz1sSMUTC52DJYqXl2Wk6zxVdsN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172824983568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 812
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: be75a3e27cf23e812b80159fd2f051d2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 179 B |
IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashe038f5feccc9daf849b54fcb2e2be299 d45b65b1beb71aed233f69c15151c62a45ab7470 aa70ac485ebebd44bb4024121629e67b66ff1176ed2cfb9f4a7d4ed174e0506d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 157
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/json; charset=utf-8
content-length: 179
x-trace-id: 988b5f1c9a73a37c8629402563fe7b61
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/config/sd/sd-2058-en.js?v=10 | 188.114.96.1 | 200 OK | 17 kB |
URL GET HTTP/3lifteque.top/js/config/sd/sd-2058-en.js?v=10 IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (5303), with no line terminators Hash8ded63297a4b1d80303f3b5786b11b88 496f1b5e9e02c6fad4a7c6a74e5f8c7c7b0c2f7e 09ec15954c9b83a06e3509cc8a2d0f0c5ee387a61d3b4ebc400606ee1dbe30c8
GET /js/config/sd/sd-2058-en.js?v=10 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-14b7"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bl9YzPUOevzf2QLvi3j%2BdVma83qoNE2eEJgEei1FtZE3lgmf1Q1ThJk9CtMRtR%2FOKiqUP3f2R7yv8DNAaSSeFbJwrY4DT7l25wq999dHnyVxWIGcR5DsuXNtIOWcppU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172835aec568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 15:57:32 GMT
content-length: 0
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/img/betting/sport-betting/ball.webp | 188.114.96.1 | 200 OK | 2.9 kB |
URL GET HTTP/3lifteque.top/img/betting/sport-betting/ball.webp IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeRIFF (little-endian) data, Web/P image Hash825112e52d4395f2fea6284419244dfd 319282ad0d2a1da4c6cacd67784c7ddc897b33ec 97e541db3f4df8ef84da4e7269993281662249d4f0b5f01010801c5d73dddb23
GET /img/betting/sport-betting/ball.webp HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lifteque.top/css/betting-survey.e1fedc09.css
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: image/webp
content-length: 2850
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-b22"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z8FjdGdodU3jNj3PQ0be4sALKz%2FOUNqdh%2FBw1T4p339Lne2%2FtUPOn6B2V%2BS8sQhJvSPJqFgJEBCWTyjdNoMOS9QlANrk20Wtm%2FMnbJ0lU4%2FOCI2e74LaOLG%2Fm35uyjc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172862de0568d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1776
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 84c057e5930147b00d060c24d90bad9d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/v-node.js.28d8082c.js | 188.114.96.1 | 200 OK | 4.0 kB |
URL GET HTTP/3lifteque.top/js/v-node.js.28d8082c.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (6251), with no line terminators Hashf61d0e9af048cd71962dcb945f405c63 aefdc99a8057ced201da8aba0640905dd05375d8 1d383bb00e9e3a4d2f58354b41bc0ffc60516bcdcf4486516b8638236b0aeb9d
GET /js/v-node.js.28d8082c.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-186b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tjjX4l07TGt1oYBpgFgpnxy34j5WITdt48LnRuemZ847wL6jFRbomAxcnvePOe1oLJXwFpG8IB6NO%2B4mDM%2FCYgJrntsaLC1ZmWMBMkiTGNI8phDwg5%2FWrZDx%2FNLvtF4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c2e568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=e3d41204-87cb-4a37-98e9-d431fa3f0757 | 37.48.68.71 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=e3d41204-87cb-4a37-98e9-d431fa3f0757 IP37.48.68.71:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=e3d41204-87cb-4a37-98e9-d431fa3f0757 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1449
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 03 May 2024 15:57:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://lifteque.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| lifteque.top/js/config/dict/cookie-consent-1.json?v=10 | 188.114.96.1 | 200 OK | 10 kB |
URL GET HTTP/3lifteque.top/js/config/dict/cookie-consent-1.json?v=10 IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
Hash4f1c632e971c4261f927ed0cf67bfdee 18c72b10719ca98b61b1f1f84e4b01f0ed8b3763 2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/json
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-1a65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B9Kzz6i3fMDDadIx%2FMpwruT6QNJ0STaLhAfmx8vUnmE69dWZP3w8GpWIieNfgWRnJYwfXLeX9KBvzOmk06GSYBMo%2FVRE3rxwfPlhKaHwVHUd%2Bdspxw7DBQlAl5FWSRc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172837b0c568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/pfe/current/micro.tag.min.js?z=6163303&sw=/sw/sw6163303.js&var=4534663&var_3=null&var_4=null&ymid=4&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 | 188.114.96.1 | 200 OK | 18 kB |
URL GET HTTP/3lifteque.top/pfe/current/micro.tag.min.js?z=6163303&sw=/sw/sw6163303.js&var=4534663&var_3=null&var_4=null&ymid=4&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (27174), with no line terminators Hash75c26ccd65e96e912725399ff3ce66e9 d300939979d2048844dc5ac80c51ed8121126f4e c9db5c92934b273ad485c58710d6fbc2d580c2923a99bb456b18cb5e1465f5cf
GET /pfe/current/micro.tag.min.js?z=6163303&sw=/sw/sw6163303.js&var=4534663&var_3=null&var_4=null&ymid=4&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-6a26"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Duxin5ae05ulecBZt22U3iIDCqSMj%2B4oT3OX0EQNxW1wDaeEA9MB%2BWwf6r9dEdvthOjOF%2B2hU62QVYxqZ00hKS%2FxCPlSXcHrnP8DEtTVzP8i4F4k7CnDd8%2F0EdygrqE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172843bde568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 IP139.45.195.8:0
CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Cookie: ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 15:57:56 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; expires=Sat, 03 May 2025 15:57:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/s-checkLocalStorageAvailable.ts.f2fef93d.js | 188.114.96.1 | 200 OK | 330 B |
URL GET HTTP/3lifteque.top/js/s-checkLocalStorageAvailable.ts.f2fef93d.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (338), with no line terminators Hash9a78659da737fccc89546e61f0eb6213 84e705584bdbc81715e0326742f426c2f472d3a9 bb46fe2e65cc91e5a01a8e731754fdc9b8f30813835a673bd96b48672ac82d60
GET /js/s-checkLocalStorageAvailable.ts.f2fef93d.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:31 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-14a"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sihlGHFSEzu%2FF%2FIfAoXr881LxbDf6JLuz0Qs9pRpw0DNv7HpJua4rOLqNpVsF0YVgAOkDsnst9w3kohHFMGz2b%2FspQPY%2FMBFL05aJ%2Bzh%2B%2B8RVLPZ8tLWqJ6C3DGjy%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e17282497a568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/_each-land-config.3299fec3.js | 188.114.96.1 | 200 OK | 72 kB |
URL GET HTTP/3lifteque.top/js/_each-land-config.3299fec3.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash0ba3468fb169d838d511e11b5b33eaef fb53785cd4dcc6e5cf0fcebfcafed46a3968cbe9 6de414b4180a6f11c4f5a9ba570d5e97ac8e596b1f9c1bb86872a11ecd416384
GET /js/_each-land-config.3299fec3.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:31 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72043
etag: W/"662b7651-1196b"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LbdLx3sC2bjwqJooVAAqzzP%2BOWkLt8UWYhMgTDH9XXrUWQNSlLlsoxRXDBmuTGFQlzN4dRVo5%2F8z6ROTR75VNCDf6wSFal7Q%2B7oDOUyEa9RZyBJ7emXCjrS31mrx7m4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172824980568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/pfe/current/stattag.js | 188.114.96.1 | 200 OK | 19 kB |
URL GET HTTP/3lifteque.top/pfe/current/stattag.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (19053), with no line terminators Hash3a74216e872211a9c770302bb7d4a63f 7e63556174a7d66eee407218e503ec0aae2c0f9e 03405209d89a927b81d53eb13968663069760776389c5400bb79d11bd9f78f78
GET /pfe/current/stattag.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-4a6d"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=inyNPM70lU2ABz8HprNUUbFUfYExtwcLUqT9LBhRCjR7TtD5uLOTbFdyaXGfsOQ5IhF0QvIELcvtIx09FrTp%2FtH4dn%2BZJAW8%2FwlM%2BRSoVHf550ChJuyeO0iDCrXNN8c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172865e2d568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-react-dom.production.min.js.c3329619.js | 188.114.96.1 | 200 OK | 129 kB |
URL GET HTTP/3lifteque.top/js/v-react-dom.production.min.js.c3329619.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size129 kB (129356 bytes) Hashc53e5e3d8c5ca5f1c4edbce65426edfc 36cc2e7e0b893d82bf5f457c7a62374019d0f7aa ed83bf6bc001bd6f841c76b67aedfd3bc02cb28fb5537a1d55804f5ad0515e39
GET /js/v-react-dom.production.min.js.c3329619.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=129359
etag: W/"662b7650-1f94f"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hPn6iV4glP6jtzeIidolUmXe%2BT7qyE49q1bJU6AUUtLl%2BnhJciZDk91YNddPdxvxeSLGTKPojgaN5dqrPbQcjv2sYkSKFfecKnA79w%2BI2WWBZ%2B8gAHiBm5zuGOq9lZE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172824981568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/sw/sw6163303.js?var=4534663&var_3=null&var_4=null&ymid=4&ab2_ttl=5184000000 | 188.114.96.1 | 200 OK | 1.3 kB |
URL GET HTTP/3lifteque.top/sw/sw6163303.js?var=4534663&var_3=null&var_4=null&ymid=4&ab2_ttl=5184000000 IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (1381), with no line terminators Hash99ca62b8570692fe312e2964de2a4ae6 07581b877763ac8a4e236c921f531eb5795d5073 8f020a46cce62a09cfc76c053bdb8b9b059fc5f3a2837a1ba450156630fcb614
GET /sw/sw6163303.js?var=4534663&var_3=null&var_4=null&ymid=4&ab2_ttl=5184000000 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-529"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2BweBsEyCa4yyC1VaWMymZT4VyxY0htNGcmt%2BCwj4K8oBKixV0YaLcmDQxJ9Wvsc%2F3TNqOrrhW6n3VcaOzoG85jMmp11yenAfCdxisy144uuyqSyoOA3XFcr2n5uUL4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e17285bd59568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/css/_core-survey.d3ac2ee0.css | 188.114.96.1 | 200 OK | 83 B |
URL GET HTTP/3lifteque.top/css/_core-survey.d3ac2ee0.css IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with no line terminators Hash30d726a40ffe74d794b282ca1795b44c b43155653a1b9cc8d257687df9a75e0f204db348 4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
GET /css/_core-survey.d3ac2ee0.css HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:31 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=84
etag: W/"662b7650-54"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NXUM3W%2FPW2yEE1tJkz1zJ7JWy1bZ3WAfiFtY5ZHU4rxHABsh1%2B4r4Y5ZlM93sEZ%2B8nMc76POR6I1WWT6iqjzpEG%2Bs6ygzaTPbTokcacwndsljUI%2FlVSfa0iQXJCeOP4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172824986568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-index.js.da9f7529.js | 188.114.96.1 | 200 OK | 41 kB |
URL GET HTTP/3lifteque.top/js/v-index.js.da9f7529.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (40985), with no line terminators Hash47a5b821c80a532b5e989cf87d451283 c0f9e87128e1d7d634649fb3c7b6c08f714e79bc 2526538666fe9c7811b9afaf71794b4f8cb4f0751f62872e1a0d8c3a6c131f07
GET /js/v-index.js.da9f7529.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:31 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=40988
etag: W/"662b7651-a01c"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDYKPT%2BYgPfJL36CCl0e5Vw75Z%2FuRwRBQ3mqZYdXI77C8eenM%2BE3X%2FPKRcU2v85W9wrWUG%2Bv%2BqF0Dbc02ZZwcJ8OzchH8%2Fw1EyEuyIpyWHmPFIQURxSl89VocHETgsk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172824970568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/src_js_parts_replaceUrlTermsAndRedirect_ts.9d33b37f.js | 188.114.96.1 | 200 OK | 347 B |
URL GET HTTP/3lifteque.top/js/src_js_parts_replaceUrlTermsAndRedirect_ts.9d33b37f.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (357), with no line terminators Hash9ece9fc849871b7d08fa384867d6260a 49abdc7c36433be2cc6f22f08463f7ab5ebea6b4 b2845a23412d099e6a272b613412c8001899103c31678add71c60fe1b00df6d6
GET /js/src_js_parts_replaceUrlTermsAndRedirect_ts.9d33b37f.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-15b"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FsaUuDj8MDigNYV2777%2Bmz8EzquN25%2BnvLIq%2Bzv%2B069%2FgkFdcSyiIZLLPazSMhpPUG33lbjwl4mwj7ebqOKxw%2F%2BeOK89mjAo%2B9Nji2lMzDrvoHb58y9x1jmeZ1F1Lzs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c3a568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/css/src_js_components_Footer_Footer_tsx.ae79160e.css | 188.114.96.1 | 200 OK | 383 B |
URL GET HTTP/3lifteque.top/css/src_js_components_Footer_Footer_tsx.ae79160e.css IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (383), with no line terminators Hash8a1e27d3fe40dacdf45f3c2a0c72c3dc c4244fdf92ac42303ec5435499115d0e928804d9 d4c729196d5c4de3a3d812ffca60afe93a1b66f20163107b8f065cfdca1e6190
GET /css/src_js_components_Footer_Footer_tsx.ae79160e.css HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=384
etag: W/"662b7650-180"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MNiI%2BxVM34mQsVZbespBqz5JPNVrXK6a9%2FH%2BIBfq9M%2F%2FEKKMlap6A8EmpXjuFySP4WukELNPes%2FU6InzPE0XSxNjXPAlaCjlSW2Eoaeb%2F6Bo4sPmzMWGleeqfWIcx%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c3b568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| offpichuan.com/rotate?zz=4326388;5592664;5592658;5592700;5592651;5592702;5622941&var=4534663&ymid=4&uid=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r | 139.45.197.237 | 200 OK | 3.6 kB |
URL GET HTTP/2offpichuan.com/rotate?zz=4326388;5592664;5592658;5592700;5592651;5592702;5622941&var=4534663&ymid=4&uid=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r IP139.45.197.237:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectoffpichuan.com Fingerprint8B:DE:51:B7:81:9E:EA:DE:73:A4:3D:67:F9:5E:6F:7B:F4:D6:77:5A ValidityMon, 15 Apr 2024 21:54:27 GMT - Sun, 14 Jul 2024 21:54:26 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3610), with no line terminators Hash24a4ed67229d14dee56f891ba242d768 1177fc63bb01d30709ed30740824a9540c7e6959 3219a501fc27d6b16aa62eb7e23e5d81e2db6f6537f3717c155fe152b368a0c5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=4326388;5592664;5592658;5592700;5592651;5592702;5622941&var=4534663&ymid=4&uid=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 15:57:33 GMT
content-type: application/javascript
x-trace-id: 362e2a07b4c9affe2dcb74fb21e1890d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://lifteque.top
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; expires=Sat, 03 May 2025 15:57:33 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| lifteque.top/img/betting/sport-betting/boxring.webp | 188.114.96.1 | 200 OK | 15 kB |
URL GET HTTP/3lifteque.top/img/betting/sport-betting/boxring.webp IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 594x396, Scaling: [none]x[none], YUV color, decoders should clamp Hash0e255e2d6a693f6e9a839b87a2308dbb de83ed899c718b915263078d26a6e36038c279b9 d3ad332009f256aad9f3e57c4bd627b9a95568755d87602f3a25a09767e36076
GET /img/betting/sport-betting/boxring.webp HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lifteque.top/css/betting-survey.e1fedc09.css
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: image/webp
content-length: 15354
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-3bfa"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHXc2gcmBGYAyQWsEt2z30h8zIbiNG7J1ZLrvbsHKxTCyzg9QOySjhPNulT3U%2BNEgmuqpI2dtP8FnSrCkisCzW4LG7DHAqwzA9OrLY08IQU3CLn4gnt6%2FMBx8uX2p2M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172862ddc568d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-redux-toolkit.esm.js.fe3487ca.js | 188.114.96.1 | 200 OK | 11 kB |
URL GET HTTP/3lifteque.top/js/v-redux-toolkit.esm.js.fe3487ca.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (11319), with no line terminators Hash5aa3676547abc9a38889c09e69ca968d d19ea919192e86f97c34c0a5959ad05c52299aec 21648e7ba668a077e403b6bd1a38f05d55d987737b959d57e3b3c53787107eb7
GET /js/v-redux-toolkit.esm.js.fe3487ca.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:31 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-2c37"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbhJIvNXsBZbwSKm71SwZ3Z2xaCpWodJ0bUU42YuDZLMZaWOT1uqKWxyJaHqjddUT%2FFpLlGCQM6GoyZptiEHIH3bGTC6PMT8adRFOjD%2Bd3eRkaYcX3%2Fm2pF%2BMSddLuQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e17282497c568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/s-checkSessionStorageAvailable.ts.e8412d91.js | 188.114.96.1 | 200 OK | 330 B |
URL GET HTTP/3lifteque.top/js/s-checkSessionStorageAvailable.ts.e8412d91.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (338), with no line terminators Hash6eb1ccbb769935debb74de9858287720 5302f94074f05eb22f05368dfe3464b85c89fb48 1e016cce8f09ded837e6e46c9e26d5dddccc19bbfa89c9dc583c04d85e2c7bb4
GET /js/s-checkSessionStorageAvailable.ts.e8412d91.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:31 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-14a"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JEaZcT1qnr50Z5JRskfvw1lg9n%2BZtCkI0Dhp%2Bt9yueYJViZXEb94Myvar8wsGJ9BCE0qfS5u8xJLcIzI54vvIl3ZICD43S02iL%2BbIv3AMw%2FUaKon5tP9EhkIWnGaz0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172824978568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-domparser.js.97173b2e.js | 188.114.96.1 | 200 OK | 1.7 kB |
URL GET HTTP/3lifteque.top/js/v-domparser.js.97173b2e.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (1772), with no line terminators Hash46dd2964e007bc585a8f72ed695089e8 d02de9abf34cf05d707899e2562c067a8e5326bc 96d95d967e2f5ca4a1be19cf0d21f756ba2d0295ad5f4e967048054e85f6072f
GET /js/v-domparser.js.97173b2e.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-6b8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbMolqpcV7iynCOBnTAIC%2BwCmGuyhjvrl7IJdHfdFyZu3SX9kzyzdVZMAYhjFnHG2d%2FZZ6Z%2FXWV%2Fa%2FGdDilh7lV5vOiilTI7XjcBHORqrpCWGi05HwMC4%2FvytluGetk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c33568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/src_js_components_Footer_Footer_tsx.412b820b.js | 188.114.96.1 | 200 OK | 1.2 kB |
URL GET HTTP/3lifteque.top/js/src_js_components_Footer_Footer_tsx.412b820b.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators Hash5127f6cbde5f1ef64abffedd42cc5f3a 22b88da4ed5ee1a1040cf551c63a2ab822dc227a 00c01c9a9cf0c66ac7e1b9faf1a3679085c27101d8cec28a4b1b162e845d7f26
GET /js/src_js_components_Footer_Footer_tsx.412b820b.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-48d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vxJgeoAtuL7uERTlalGtZciLB2yittnOxY%2FoX%2B8Nm%2B%2FltvP6m3jxfLY9p6MAnGiVxVyLHrnVbJzXThD47C6T3rCJ3Q6k%2B0%2BAQkxxoPsavMBQ8IHM%2BGQVi7gNM%2Fj1wEM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c3d568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 | 188.114.96.1 | 200 OK | 7.2 kB |
URL User Request GET HTTP/2lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeHTML document, ASCII text, with very long lines (7439), with no line terminators Hash6a87a446091747cfee195cf1635c4ef4 e43e9720f9f2c4fafdd0ed1454af13af7cd36f6e 67f355bf059ee9758e7a112d94e434ceae1e38e950a96b46175b0da54523de81
GET /betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 15:57:31 GMT
content-type: text/html
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L3pRqnANrPBY4njkR%2F1tCnVp2VioXMTBGqjAh%2BJiJ5%2FRHgY3oOXtO3ZpXu0qovlkcSsprKELAD%2F%2B3RPWe7HiTLL97A%2BL9B0s%2Flq5Z8LpWoQMUb6yduBTNXShoyt3nFg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172809d30b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/SurveyContainer.e2959212.js | 188.114.96.1 | 200 OK | 57 kB |
URL GET HTTP/3lifteque.top/js/SurveyContainer.e2959212.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (57003) Hash1716bf0d79004adf0eb2cdcd64159891 67852b096bcc8817fb0b9b98abf264e40a59310c 56cd17eb9def743ef4bc4909a6eacb77266b749181cfcaec4d478336b1c6ff21
GET /js/SurveyContainer.e2959212.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-defd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W0vIIPmF8YwJYAau5pOXPbo73reR%2FNPN9A2109WiT3ac3bNvjxMWmcsxTE5yEMKoeGWuKQfxFauq0aA8SvOlo9uvpNHSHcBdEwYnMRy0dpSwNWAvG648keDPu09MU4M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c39568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/css/betting-survey.e1fedc09.css | 188.114.96.1 | 200 OK | 27 kB |
URL GET HTTP/3lifteque.top/css/betting-survey.e1fedc09.css IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (26716), with no line terminators Hash1c2b049c08235d0c389647b4a3fdd028 5e16e961c86591db4cd7f2eda6d87864ac84359c 7cf8566500e87b9e115597e1ad62c170b9848fabeb475f90d67b4b722dfa8c72
GET /css/betting-survey.e1fedc09.css HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=26723
etag: W/"662b7650-6863"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HgSYt%2FRfpg4cuK3S3yf4oQ4fnZVAQ8C5Q8sHrD91Op55ZLzaFG1mkRWlxRanvqNHKl3kdjfMqazLDoO3dxcByO9nVZeCTXGHjFP%2FFfxTyuG9VHaP5aDIhgCXMPfPewI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172834adb568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/BettingSurvey.ca3ef9f6.js | 188.114.96.1 | 200 OK | 2.2 kB |
URL GET HTTP/3lifteque.top/js/BettingSurvey.ca3ef9f6.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (2273), with no line terminators Hashae05ba2003a03f49524f07f9b5512250 8cf00a4c457e550d417223acca97a191e13f99fc 4147796684c5a6263e5990e94893d55dd21331e1679a22576f16303d9d7089a8
GET /js/BettingSurvey.ca3ef9f6.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-894"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2F6dpFEVCWY0NtzTnRZoG9%2BnLHmVCU7Cy3kWZ2c3Ch3yyjLWSuuXHUcyggmwuYStRUlRe1jFUNJZADWkw7Ib2RgSZKPvsuSoJ%2FBgvrmv51M%2BXVEfs0XH4p7uTvWcw1M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c3f568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-possibleStandardNamesOptimized.js.205abacb.js | 188.114.96.1 | 200 OK | 7.6 kB |
URL GET HTTP/3lifteque.top/js/v-possibleStandardNamesOptimized.js.205abacb.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (7923), with no line terminators Hashf80cb2aef29b4a80d135d1a598ce1dfa 0653306df1fd8d8591f84661643825e41684d3f6 43c16ae11cea687efa4ca55dec516b23257c3fcb22c9d3541041f1816aaa7b5b
GET /js/v-possibleStandardNamesOptimized.js.205abacb.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-1d99"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02A%2FgMe5Jpf463eW4JP4ATA4BupYMhRA5GrX9sAIwW58oPJXh9E297%2BO7MOd%2B4nko4YU2mcLJ%2BWM2m1qUTFpuEvfEOg7PcZ7AklgzcENUDx0lvd1AzvKmWo4FpO3vwo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c2f568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-attributes-to-props.js.a2e7cd04.js | 188.114.96.1 | 200 OK | 702 B |
URL GET HTTP/3lifteque.top/js/v-attributes-to-props.js.a2e7cd04.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (718), with no line terminators Hash4f868b7a0330d32e1450766a54886355 4b5952301185e7b02e2cdcba80f4aea3de700c47 2435c4b396d0b35fca9f618a201479cdcd64e84d43a386eec071a4082d7a781f
GET /js/v-attributes-to-props.js.a2e7cd04.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-2be"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wSq8Z%2BDP3PxYzSD84wZO2yeP12awYq3MkXr55R%2F7nY8ORhQgKDY%2BJbFV52ZdEN6tY6IgGvxm5UlSBMkEYorPWJTmwGdBST5MWTidDIGaecchHo%2Bs31De%2Fw8M6O8GqS4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c35568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-html-to-dom.js.ff1ae7e0.js | 188.114.96.1 | 200 OK | 364 B |
URL GET HTTP/3lifteque.top/js/v-html-to-dom.js.ff1ae7e0.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (373), with no line terminators Hash57f543d4f79657dc92755e2f2031da65 4884f924743049d7812b58958633a40f65e159b5 0fcc39a4a2b765b1ed92a6093fe6dc70e0a886914746f5af6fda6e3d1dc7417d
GET /js/v-html-to-dom.js.ff1ae7e0.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-16c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bdQi3hfRWb2XPvFlb055Jm7IrIU8UhpKWp9fhbGU7VvjPlBkXscMQ9Dd2tolK%2FevooTxi11ZseOaR8sLD3MkASd161Wbu5ZYwjqOZLiSEK3QWTk5j%2F92H%2BJRnblnfZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c36568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-constants.js.49317f47.js | 188.114.96.1 | 200 OK | 600 B |
URL GET HTTP/3lifteque.top/js/v-constants.js.49317f47.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (664), with no line terminators Hashcf8c486ed295e4a6a30f4fb155bf9fd3 9942a3d40672242af15f2d5cc95df2c06872914f 83c4b13e336b66f673d082c8b9b2b20fb98772916cb5da52f9e48c929cafc9cb
GET /js/v-constants.js.49317f47.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-258"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zlBAI8EvvvkuW1NBB%2FX7MPXTnA2UIp%2F5UJUbvggD9Nj36XvyiDQhbp8ieusqloCR1tDyxIfJLJglybs867PYs8FCxEvQ15XVMZ1%2BsKx6ZE8nxPRlw0aRx09wz9LrtPM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c38568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/img/betting/sport-betting/betting1.webp | 188.114.96.1 | 200 OK | 2.3 kB |
URL GET HTTP/3lifteque.top/img/betting/sport-betting/betting1.webp IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 140x140, Scaling: [none]x[none], YUV color, decoders should clamp Hashcd54542028a12acdd77d280eb13feb3e 0bbaa5c4160b215bc37b9987ec95d9b5bffd5d34 61ef8ac2711f65c63e419159da12b2fd640138153ac2503ab5f7680619a1f490
GET /img/betting/sport-betting/betting1.webp HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: image/webp
content-length: 2276
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-8e4"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpCJK5z8CfVUJYVgxGpKDV8FQ644LZvweQIawTNqdcaAK7JefV7%2BuuRBs5Dp8fjgFF%2B0siyvA42QcrwDnfaQyR0AFq06kTYLIqn2fDdAria2tjWW7JjxetoGUgLV8gY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172864e19568d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-utilities.js.d1112fc4.js | 188.114.96.1 | 200 OK | 2.6 kB |
URL GET HTTP/3lifteque.top/js/v-utilities.js.d1112fc4.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (2645), with no line terminators Hash3f45699a0edf3555d230727e3e1ba866 f30b9f52153e77b9ce60a30ecb15f36657792908 1b312ac32a5c37ffe1c4bf861a048a76d807155fe494adf5dd356d067367f488
GET /js/v-utilities.js.d1112fc4.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:32 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-a11"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0JlxSKcskA6bPQlv%2FDYwvaP0CwMX88hJ35MLhT3a3vbX2pZLDp4Q7BM6ki8XebHoFJdk1heaxfQNnOFZsWWaTceOcyP7lvuandVk%2F2Yaomy2sQdAhzV2YnFvSar8%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172848c31568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/favicon.ico | 188.114.96.1 | 200 OK | 1.2 kB |
IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash668ba1a9fa1890ba16cb8adc28d3dad8 5e35223b2541265114eaf61b9da2556c812fea17 7746cf1b553433822522f2dc432f55fe64eee1f1cf823ef6adfde02e58e1d7e2
GET /favicon.ico HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r; syncedCookie=true; oaidts=1714751852; ID=zwnddypjpkoctwlsz3nnoxp5mbv7fb6r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:33 GMT
content-type: image/x-icon
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-47e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ar5VFBLRm7utCBHpH0SMqsYvJhkLdHlbfT2BZUgk7H6BGTpUHXiTLHDkLBQQk10Mvlpr3QkDFe8v3PCptfRRq%2F%2FD%2BmD450WN3MgMZx7F7vWbu2LXO9rkN5RXOedZeGs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e17288b899568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/betting-survey.6c005c50.js | 188.114.96.1 | 200 OK | 577 B |
URL GET HTTP/3lifteque.top/js/betting-survey.6c005c50.js IP188.114.96.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=11drp05kjpcj5 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (599), with no line terminators Hash92a8eb7e6933f05ba71973db5945d5f3 ab4cd9925577ca2565c41ac942044b7678fb20f4 090cbd9c1d09a8110e5d2d44441721c5cbfe036d6ef7d967b8c4e5873bfc5e70
GET /js/betting-survey.6c005c50.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 15:57:31 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-241"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HG3yurP%2FTI%2FDOeWB3Qp0Zh9BNopkc2CgA9saE8o7cZRTFbolWmhqx3I%2FI2PUDmBJ34yacgKHh0TQf5S30NxjRGH6AtqOXV1ZTCINQEcxxJ9W967R6FAz1OmmJduSoz8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e172824984568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|