| www.ourfastcdn.com/vas-lps/28/control2.png | 194.242.11.186 | 200 OK | 2.0 kB |
URL GET HTTP/2www.ourfastcdn.com/vas-lps/28/control2.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerLet's Encrypt Subjectwww.ourfastcdn.com Fingerprint88:38:CE:4C:42:DD:02:8A:F4:DC:D3:6F:0B:14:B8:09:1D:14:CE:1C ValiditySat, 23 Mar 2024 21:08:58 GMT - Fri, 21 Jun 2024 21:08:57 GMT
File typePNG image data, 122 x 27, 8-bit/color RGBA, non-interlaced Hash625658ed84935aa9eed6df10dc5ce290 4cb0f5197954b415427bf8e6037fb670d369a462 f21be5f35ccd78826c7ac02f43d12a9c6bb731b29b2c273c1fe9c094ef77808e
GET /vas-lps/28/control2.png HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 19:23:07 GMT
content-type: image/png
content-length: 2016
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Mon, 19 Jun 2023 11:00:44 GMT
cdn-cachedat: 05/03/2024 19:23:07
cdn-storageserver: DE-661
cdn-fileserver: 648
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a46978728b090c32dc4816079ff2a399
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/28/control.png | 194.242.11.186 | 200 OK | 803 B |
URL GET HTTP/2www.ourfastcdn.com/vas-lps/28/control.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerLet's Encrypt Subjectwww.ourfastcdn.com Fingerprint88:38:CE:4C:42:DD:02:8A:F4:DC:D3:6F:0B:14:B8:09:1D:14:CE:1C ValiditySat, 23 Mar 2024 21:08:58 GMT - Fri, 21 Jun 2024 21:08:57 GMT
File typePNG image data, 101 x 27, 8-bit colormap, non-interlaced Hash1144b874544ea15711a194a7b6380c72 d11c9302f765d73871beea659dea23c6ca622ae6 16fef922aae5b8602922ee7dac45d96fee372f1c9ed2370296cbad2b4639dc33
GET /vas-lps/28/control.png HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 19:23:07 GMT
content-type: image/png
content-length: 803
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Mon, 19 Jun 2023 11:00:45 GMT
cdn-cachedat: 05/03/2024 19:23:07
cdn-storageserver: DE-664
cdn-fileserver: 634
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 022fc5a17e5226e36911c3646ca3c8b1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/28/logo2.png | 194.242.11.186 | 200 OK | 7.6 kB |
URL GET HTTP/2www.ourfastcdn.com/vas-lps/28/logo2.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerLet's Encrypt Subjectwww.ourfastcdn.com Fingerprint88:38:CE:4C:42:DD:02:8A:F4:DC:D3:6F:0B:14:B8:09:1D:14:CE:1C ValiditySat, 23 Mar 2024 21:08:58 GMT - Fri, 21 Jun 2024 21:08:57 GMT
File typePNG image data, 724 x 125, 8-bit gray+alpha, non-interlaced Hash61735b937097ee2b297c1ade459d675c 480bc17d45ae24a82fd7cfda444c510d4800df4d 9e26a9c398064ab68220367aef456098243b18d56b47baa8c47c6f9de464cddb
GET /vas-lps/28/logo2.png HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 19:23:07 GMT
content-type: image/png
content-length: 7614
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Mon, 19 Jun 2023 11:00:42 GMT
cdn-cachedat: 05/03/2024 19:23:07
cdn-storageserver: DE-680
cdn-fileserver: 639
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c6651aada4546b836b6b61bb2fce510d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/content/loading.gif | 194.242.11.186 | 200 OK | 173 kB |
URL GET HTTP/2www.ourfastcdn.com/content/loading.gif IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerLet's Encrypt Subjectwww.ourfastcdn.com Fingerprint88:38:CE:4C:42:DD:02:8A:F4:DC:D3:6F:0B:14:B8:09:1D:14:CE:1C ValiditySat, 23 Mar 2024 21:08:58 GMT - Fri, 21 Jun 2024 21:08:57 GMT
File typeGIF image data, version 89a, 630 x 636 Size173 kB (172593 bytes) Hashe5ed5c6288d5d294a607ac99a13d8b02 a06b3c444b8a1076702d992a0f9a14a18fb22134 28f8977a12f0de984d665663073a824c7c834ef19de692ee066d396c19cfcfee
GET /content/loading.gif HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 19:23:07 GMT
content-type: image/gif
content-length: 172593
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Wed, 15 Feb 2023 18:02:52 GMT
cdn-cachedat: 05/03/2024 16:11:25
cdn-storageserver: DE-663
cdn-fileserver: 548
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1d755dbddd34832f47b27b0bf3d30d99
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/28/bg.jpg | 194.242.11.186 | 200 OK | 150 kB |
URL GET HTTP/2www.ourfastcdn.com/vas-lps/28/bg.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerLet's Encrypt Subjectwww.ourfastcdn.com Fingerprint88:38:CE:4C:42:DD:02:8A:F4:DC:D3:6F:0B:14:B8:09:1D:14:CE:1C ValiditySat, 23 Mar 2024 21:08:58 GMT - Fri, 21 Jun 2024 21:08:57 GMT
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Size150 kB (150502 bytes) Hash55d0a4fab941f6374fc699a7705f19d1 82bb65c6972610d907450c1e5f3833c7be3e5dd7 6fc56cef5d396523134b9402be4a094f133bdec8ef594bce87e5ed2fda7c2faa
GET /vas-lps/28/bg.jpg HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ourfastcdn.com/vas-lps/28/style5.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 19:23:07 GMT
content-type: image/jpeg
content-length: 150502
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Mon, 19 Jun 2023 11:00:47 GMT
cdn-cachedat: 05/03/2024 19:23:07
cdn-storageserver: DE-663
cdn-fileserver: 633
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2b848e1275bb2a632734ddb071bc89a8
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fd.sla-alacrity.com/token?partner=partner:624cdcca924feb5a3e92521f09031dca18fe2259&service=campaign:9f322d8dc286dcf4366a9770ba998d7aef0b0f37&ref=&fetch_usage=true | 108.157.229.87 | 200 OK | 3.4 kB |
URL GET HTTP/2fd.sla-alacrity.com/token?partner=partner:624cdcca924feb5a3e92521f09031dca18fe2259&service=campaign:9f322d8dc286dcf4366a9770ba998d7aef0b0f37&ref=&fetch_usage=true IP108.157.229.87:443
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerSectigo Limited Subject*.sla-alacrity.com Fingerprint0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17 ValidityTue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hash196d184b0f61cd79ff8bd881468552f2 61b89d45458c35a4cb84ec838f320b57759e2689 4f06f865e8ddc1cb972784b852fff759a73a5a81da142848966dbb51eff39ac3
GET /token?partner=partner:624cdcca924feb5a3e92521f09031dca18fe2259&service=campaign:9f322d8dc286dcf4366a9770ba998d7aef0b0f37&ref=&fetch_usage=true HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 03 May 2024 19:23:07 GMT
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"3658269f305d2a7df313bfac52af6e68"
cache-control: max-age=0, private, must-revalidate
x-request-id: c50191a6-6231-469b-8705-c5ca6093742c
x-runtime: 0.022555
x-cache: Miss from cloudfront
via: 1.1 3130c9b603e4215bb05d32cd39e3843c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: h3_F-QfXRxCoiqs3W0-Dpv9-t7adc92sarzb8wKFX0zoDryhLaAlww==
X-Firefox-Spdy: h2
|
|
| antifraud-uk.empello.net/api/v2/token/js/info/ | 13.43.60.223 | 200 OK | 0 B |
URL POST HTTP/2antifraud-uk.empello.net/api/v2/token/js/info/ IP13.43.60.223:443
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerSectigo Limited Subject*.empello.net FingerprintBD:EE:34:0F:30:99:2E:5A:A7:5D:1E:8C:1A:07:BD:9D:B8:05:E2:85 ValidityWed, 24 Apr 2024 00:00:00 GMT - Mon, 19 May 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/token/js/info/ HTTP/1.1
Host: antifraud-uk.empello.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 5730
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 19:23:08 GMT
content-type: application/json
content-length: 0
server: nginx
x-frame-options: DENY
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
vary: origin
access-control-allow-origin: *
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self'
strict-transport-security: max-age=0; includeSubdomains;
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
|
|
| antifraud-uk.empello.net/api/v2/token/js/get/ | 13.43.60.223 | 200 OK | 1.4 kB |
URL POST HTTP/2antifraud-uk.empello.net/api/v2/token/js/get/ IP13.43.60.223:443
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerSectigo Limited Subject*.empello.net FingerprintBD:EE:34:0F:30:99:2E:5A:A7:5D:1E:8C:1A:07:BD:9D:B8:05:E2:85 ValidityWed, 24 Apr 2024 00:00:00 GMT - Mon, 19 May 2025 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash86c037fa25357d11698c9709c0daa46d fded00624da1d3a96bd65baf77db12f9b2ace972 966dd73daff88d14447ad3d3da68f7f8d42413aa01fb32a8614095d17c53bc2e
POST /api/v2/token/js/get/ HTTP/1.1
Host: antifraud-uk.empello.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 155
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 19:23:08 GMT
content-type: application/json
server: nginx
x-frame-options: DENY
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
vary: origin
access-control-allow-origin: *
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self'
strict-transport-security: max-age=0; includeSubdomains;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| antifraud-uk.empello.net/ws/info/?key=ukradscgvmjylgbmldykmwelylouqbehocesasevmwimwkfsucrmeteofwyfkucg | 13.43.60.223 | | 0 B |
URL antifraud-uk.empello.net/ws/info/?key=ukradscgvmjylgbmldykmwelylouqbehocesasevmwimwkfsucrmeteofwyfkucg IP13.43.60.223:0
CertificateIssuerSectigo Limited Subject*.empello.net FingerprintBD:EE:34:0F:30:99:2E:5A:A7:5D:1E:8C:1A:07:BD:9D:B8:05:E2:85 ValidityWed, 24 Apr 2024 00:00:00 GMT - Mon, 19 May 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/info/?key=ukradscgvmjylgbmldykmwelylouqbehocesasevmwimwkfsucrmeteofwyfkucg HTTP/1.1
Host: antifraud-uk.empello.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://get-fabulous-content.click
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L11lQf3kqbxFtmLfEtzSRw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 03 May 2024 19:23:08 GMT
Connection: upgrade
Server: nginx
Upgrade: WebSocket
Sec-WebSocket-Accept: 1uNFTC6myx4HbOd45MT/iG8vkoc=
|
|
| fd.sla-alacrity.com/token/empello?token=56d6fdcd-b8df-4e97-96de-99f0ca03fe73&e_token=uknurzdpympbjgyxqljpyuxbethmzzesyccvnzmyzhwdyozbnlvosudktfnjbmoe&empello_checks_delay=false | 108.157.229.87 | 200 OK | 9.9 kB |
URL POST HTTP/3fd.sla-alacrity.com/token/empello?token=56d6fdcd-b8df-4e97-96de-99f0ca03fe73&e_token=uknurzdpympbjgyxqljpyuxbethmzzesyccvnzmyzhwdyozbnlvosudktfnjbmoe&empello_checks_delay=false IP108.157.229.87:443
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerSectigo Limited Subject*.sla-alacrity.com Fingerprint0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17 ValidityTue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashe5a0f1086e8b246270a576750be1fae9 01a2ccac2ce4e00f3a9e4ac5828adcae6f88ebe2 29502c1671bba0b30ffe319a5304c8a2881aa6d7198444eec31d895c31fe7c26
POST /token/empello?token=56d6fdcd-b8df-4e97-96de-99f0ca03fe73&e_token=uknurzdpympbjgyxqljpyuxbethmzzesyccvnzmyzhwdyozbnlvosudktfnjbmoe&empello_checks_delay=false HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/3 200 OK
content-type: text/plain; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: ARN56-P2
date: Fri, 03 May 2024 19:23:08 GMT
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"2689367b205c16ce32ed4200942b8b8b"
cache-control: max-age=0, private, must-revalidate
x-request-id: 7b461b95-cc60-4e6b-a8a4-7ebb58efec81
x-runtime: 0.013095
x-cache: Miss from cloudfront
via: 1.1 2ec95fe7e41d4394d0fc48587428057e.cloudfront.net (CloudFront)
x-amz-cf-id: lDCX1nDP11DUaLDNpokC7WA54NkWfTJPZEDOc1FIfbipvmBdSapR2w==
|
|
| get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= | 172.67.145.39 | 200 OK | 11 kB |
URL User Request GET HTTP/2get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= IP172.67.145.39:443
CertificateIssuerLet's Encrypt Subjectget-fabulous-content.click Fingerprint2B:B5:95:00:28:15:55:DA:D5:27:69:A3:E7:59:CC:C5:79:06:CA:5E ValidityFri, 29 Mar 2024 04:08:55 GMT - Thu, 27 Jun 2024 04:08:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= HTTP/1.1
Host: get-fabulous-content.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 19:23:06 GMT
content-type: text/html; charset=UTF-8
set-cookie: 27bcd6eec9879c6e471f6cf3efa4b45d=27bcd6eec9879c6e471f6cf3efa4b45d; expires=Sat, 03 May 2025 19:23:06 GMT; Max-Age=31536000; path=/; secure
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8vjJrxZaFNF%2B3K9hDiPW7I1oS5G%2FRF9FS5bwD6Nxsxd4XNrOLOwweL3%2FRbbjCb4vmZmh5dr2C4yKZzXsVcRyRveJ3Q9Tf15i2%2BIztvmU1OIOkXpALlmeyemAWL7aeMG8%2Fucn2PqkFzQLtGCVbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e29fa5da700b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/libraries/axios.min.js | 194.242.11.186 | 200 OK | 31 kB |
URL GET HTTP/2www.ourfastcdn.com/libraries/axios.min.js IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerLet's Encrypt Subjectwww.ourfastcdn.com Fingerprint88:38:CE:4C:42:DD:02:8A:F4:DC:D3:6F:0B:14:B8:09:1D:14:CE:1C ValiditySat, 23 Mar 2024 21:08:58 GMT - Fri, 21 Jun 2024 21:08:57 GMT
File typeJavaScript source, ASCII text, with very long lines (31114) Hashb843d5d6f3c9912a2c5b5056e378f3f2 2463f7b88c39d73a0c1bfa38d494c2d37cdd7590 994d6e124d837856735298c59b571c79f9f61e448c84ad6b742e6f6ba05cbf93
GET /libraries/axios.min.js HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 19:23:07 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"63d2fc69-79b1"
last-modified: Thu, 26 Jan 2023 22:19:21 GMT
cdn-cachedat: 04/28/2024 03:06:32
cdn-storageserver: DE-661
cdn-fileserver: 537
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 765ea479e0d2d75899fbe360c80eeb52
cdn-cache: HIT
X-Firefox-Spdy: h2
|
|
| fd.sla-alacrity.com/d513e9e03227.js | 108.157.229.87 | 200 OK | 20 kB |
URL GET HTTP/2fd.sla-alacrity.com/d513e9e03227.js IP108.157.229.87:443
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerSectigo Limited Subject*.sla-alacrity.com Fingerprint0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17 ValidityTue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (19939), with no line terminators Hasha745c02927f3f2bbea57e779107be034 c41a7b70dc41bb73dde868d61906e2af9e54320f 265f2a49910682ea3dd31952090019b4372c1f2898c6fa39c959fad312c14854
| Analyzer | Verdict | Alert |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /d513e9e03227.js HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 03 May 2024 06:55:07 GMT
server: nginx/1.21.4
last-modified: Tue, 26 Mar 2024 12:34:10 GMT
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 36510edbc7ba8916907c18e15b00f64c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: foG7BgeVpWVLlTbIRceEp8iMVpOKNKW0dVMVxEzqN-JFvawZqUcB0Q==
age: 44880
X-Firefox-Spdy: h2
|
|
| redirect.domn2ndprft.digital/click?o=10765&a=8555&aff_click_id=082a3qqk28rgx125&sub_id1=2&sub_id2=6118780 | 104.21.23.23 | 302 Found | 11 kB |
URL User Request GET HTTP/2redirect.domn2ndprft.digital/click?o=10765&a=8555&aff_click_id=082a3qqk28rgx125&sub_id1=2&sub_id2=6118780 IP104.21.23.23:443
CertificateIssuerLet's Encrypt Subjectdomn2ndprft.digital Fingerprint72:3D:17:FD:58:A2:DF:89:DC:02:8F:E0:EB:02:D5:DC:CE:FB:79:50 ValidityMon, 29 Apr 2024 20:35:55 GMT - Sun, 28 Jul 2024 20:35:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?o=10765&a=8555&aff_click_id=082a3qqk28rgx125&sub_id1=2&sub_id2=6118780 HTTP/1.1
Host: redirect.domn2ndprft.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 03 May 2024 19:23:06 GMT
content-type: text/html; charset=UTF-8
location: https://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5=
set-cookie: U-21a8e1f481e73c7e7d9b8f154930b010=unique; expires=Sun, 02-Jun-2024 19:23:06 GMT; Max-Age=2592000; path=/; secure; SameSite=None
set-cookie: o_21a8e1f481e73c7e7d9b8f154930b010=4b9472d2-0c47-4520-bcd6-bed75b6f5ab4; expires=Sun, 10-Jan-2038 19:23:06 GMT; Max-Age=432000000; path=/; secure; SameSite=None
x-debug-tag: 6635399a3d030
x-debug-duration: 121
x-debug-link: /v-debugger/default/view?tag=6635399a3d030
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OndrcO%2FFCUWN2814Uo19hjnHjGLt8eLQiOxenw%2BvRq1fZFkjWlAa5FTopTz%2FbCBIYsKzsCHO%2Fyc2xaZT2VT9%2FCX29gNAjFIWrV6qrvLCoTU19e8BYY5evf18MDEgjjnm%2BGE2YULERpA2cUtuWZq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e29fa34f0bb51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/kw36.js | 194.242.11.186 | 200 OK | 11 kB |
URL GET HTTP/2www.ourfastcdn.com/vas-lps/kw36.js IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerLet's Encrypt Subjectwww.ourfastcdn.com Fingerprint88:38:CE:4C:42:DD:02:8A:F4:DC:D3:6F:0B:14:B8:09:1D:14:CE:1C ValiditySat, 23 Mar 2024 21:08:58 GMT - Fri, 21 Jun 2024 21:08:57 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hash8c5e53d9c1079e213be1c920a11b5644 acb687c5bd0101824a9190a7bdd350412e52487b 41c337d43a964302fdb91a0d5d07ecb3e4592caeaadb14978c36b4535d705bc7
GET /vas-lps/kw36.js HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 19:23:07 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"662e4397-2a10"
last-modified: Sun, 28 Apr 2024 12:39:51 GMT
cdn-cachedat: 05/03/2024 19:23:07
cdn-storageserver: DE-663
cdn-fileserver: 247
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e302a9e5093736587ad88d9169295f6b
cdn-cache: MISS
X-Firefox-Spdy: h2
|
|
| fd.sla-alacrity.com/token/empello?token=56d6fdcd-b8df-4e97-96de-99f0ca03fe73&version=2&button=I3N1YnNjcmliZQ== | 108.157.229.87 | 200 OK | 132 kB |
URL GET HTTP/2fd.sla-alacrity.com/token/empello?token=56d6fdcd-b8df-4e97-96de-99f0ca03fe73&version=2&button=I3N1YnNjcmliZQ== IP108.157.229.87:443
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerSectigo Limited Subject*.sla-alacrity.com Fingerprint0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17 ValidityTue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Size132 kB (132166 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token/empello?token=56d6fdcd-b8df-4e97-96de-99f0ca03fe73&version=2&button=I3N1YnNjcmliZQ== HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 03 May 2024 19:23:08 GMT
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"a5d0f8f988b9d13f1022f5d8e1a7ab10"
cache-control: max-age=0, private, must-revalidate
x-request-id: de64b983-5195-426c-b5a0-2bed5717789e
x-runtime: 0.129389
x-cache: Miss from cloudfront
via: 1.1 3130c9b603e4215bb05d32cd39e3843c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 69hiZw075H18P-ZVrcCexNOtbgYDN4vhhjzfnTtAZS8ejybgHLnwSg==
X-Firefox-Spdy: h2
|
|
| fd.sla-alacrity.com/token/fingerprint?token=56d6fdcd-b8df-4e97-96de-99f0ca03fe73&fingerprint=5db3a4e34790624df926db520a13f79f | 108.157.229.87 | 200 OK | 2 B |
URL POST HTTP/3fd.sla-alacrity.com/token/fingerprint?token=56d6fdcd-b8df-4e97-96de-99f0ca03fe73&fingerprint=5db3a4e34790624df926db520a13f79f IP108.157.229.87:443
Requested byhttps://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5= CertificateIssuerSectigo Limited Subject*.sla-alacrity.com Fingerprint0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17 ValidityTue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /token/fingerprint?token=56d6fdcd-b8df-4e97-96de-99f0ca03fe73&fingerprint=5db3a4e34790624df926db520a13f79f HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get-fabulous-content.click
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
content-type: text/plain; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: ARN56-P2
date: Fri, 03 May 2024 19:23:08 GMT
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"2689367b205c16ce32ed4200942b8b8b"
cache-control: max-age=0, private, must-revalidate
x-request-id: f89dbe04-fd9e-4fec-8c75-dc525f53cf91
x-runtime: 0.013077
x-cache: Miss from cloudfront
via: 1.1 2ec95fe7e41d4394d0fc48587428057e.cloudfront.net (CloudFront)
x-amz-cf-id: KHILpJJKTODw58FES-lpONra859CmxDXdWS-GPOBCazHovzrbZWLeA==
|
|
| fd.sla-alacrity.com/fp.js | 108.157.229.87 | 200 OK | 30 kB |
URL: GET HTTP/3 fd.sla-alacrity.com/fp.js
IP: 108.157.229.87:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5=
Certificate: Issuer Sectigo Limited; Subject *.sla-alacrity.com; Fingerprint 0F:9A:D2:50:32:F9:50:67:E7:4F:7C:88:EA:B0:C7:D1:88:47:85:17; Validity Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp.js HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
age: 44870
date: Fri, 03 May 2024 06:55:18 GMT
server: nginx/1.21.4
last-modified: Tue, 26 Mar 2024 12:34:10 GMT
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d913eed4ff9d3ba68bce11280aa7e1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: FenkDNw5IOCDkATvB9p4R_5td584zXodAhnf7CCfS5nc2W2nyyqoOw==
|
|
| www.ourfastcdn.com/vas-lps/28/icons8-video-96.png | 194.242.11.186 | 200 OK | 1.4 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/28/icons8-video-96.png
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5=
Certificate: Issuer Let's Encrypt; Subject www.ourfastcdn.com; Fingerprint 88:38:CE:4C:42:DD:02:8A:F4:DC:D3:6F:0B:14:B8:09:1D:14:CE:1C; Validity Sat, 23 Mar 2024 21:08:58 GMT - Fri, 21 Jun 2024 21:08:57 GMT
File type: PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash: 2e7bb6dc5704365201054b41f7406b55 d0ee39e5d4ca9e8587cb590acdee72dbe094a714 bec7145016409712927a925408e9b22c2b139aca12e55e22a3fffedcb4fb460d
GET /vas-lps/28/icons8-video-96.png HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 19:23:08 GMT
content-type: image/png
content-length: 1357
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Mon, 19 Jun 2023 11:12:09 GMT
cdn-cachedat: 05/03/2024 19:23:08
cdn-storageserver: DE-661
cdn-fileserver: 650
cdn-proxyver: 1.04
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9c6c9f46668f0bb228f64233abd8bec1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.ourfastcdn.com/vas-lps/28/style5.css | 194.242.11.186 | 200 OK | 20 kB |
URL: GET HTTP/2 www.ourfastcdn.com/vas-lps/28/style5.css
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5=
Certificate: Issuer Let's Encrypt; Subject www.ourfastcdn.com; Fingerprint 88:38:CE:4C:42:DD:02:8A:F4:DC:D3:6F:0B:14:B8:09:1D:14:CE:1C; Validity Sat, 23 Mar 2024 21:08:58 GMT - Fri, 21 Jun 2024 21:08:57 GMT
File type: ASCII text, with CRLF line terminators
Hash: 7bf196ce9637535480728a69faccaa4f 48506b88411658b53f74b58a3cb534e7c4b2241b ee75ad11fc3f1c60fd0002d4fa2ba62baf0da0c96733190381d41024e86fc364
GET /vas-lps/28/style5.css HTTP/1.1
Host: www.ourfastcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://get-fabulous-content.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 19:23:07 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 123549
cdn-uid: 6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"64a5657a-4e75"
last-modified: Wed, 05 Jul 2023 12:43:38 GMT
cdn-cachedat: 05/03/2024 19:23:07
cdn-storageserver: DE-661
cdn-fileserver: 645
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ab844d1793ce31c692785b09e69f1719
cdn-cache: MISS
X-Firefox-Spdy: h2
|
|
| antifraud-uk.empello.net/ws/info/?key=ukradscgvmjylgbmldykmwelylouqbehocesasevmwimwkfsucrmeteofwyfkucg | 13.43.60.223 | 101 Switching Protocols | 0 B |
URL: GET HTTP/1.1 antifraud-uk.empello.net/ws/info/?key=ukradscgvmjylgbmldykmwelylouqbehocesasevmwimwkfsucrmeteofwyfkucg
IP: 13.43.60.223:443
Requested by: https://get-fabulous-content.click/lp/kw/ar/7o3r66lw02/?cid=27bcd6eec9879c6e471f6cf3efa4b45d&aff=8555&s1=2&s2=6118780&s3=&s4=&s5=
Certificate: Issuer Sectigo Limited; Subject *.empello.net; Fingerprint BD:EE:34:0F:30:99:2E:5A:A7:5D:1E:8C:1A:07:BD:9D:B8:05:E2:85; Validity Wed, 24 Apr 2024 00:00:00 GMT - Mon, 19 May 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/info/?key=ukradscgvmjylgbmldykmwelylouqbehocesasevmwimwkfsucrmeteofwyfkucg HTTP/1.1
Host: antifraud-uk.empello.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://get-fabulous-content.click
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L11lQf3kqbxFtmLfEtzSRw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 03 May 2024 19:23:08 GMT
Connection: upgrade
Server: nginx
Upgrade: WebSocket
Sec-WebSocket-Accept: 1uNFTC6myx4HbOd45MT/iG8vkoc=
|
|