trk.trackingbakflow.com/t/MzkzXzQ3Mjk/?p1=6474bfe45c0b7700015c0d58&source=3095
35.241.7.124 302 Found 0 B URL User Request GET HTTP/2 trk.trackingbakflow.com/t/MzkzXzQ3Mjk/?p1=6474bfe45c0b7700015c0d58&source=3095
IP 35.241.7.124:443
Certificate Issuer Let's Encrypt
Subject adsflow.hippla.com
Fingerprint B7:AF:0C:87:3F:2D:AA:44:46:C0:DE:FD:B4:F8:A6:A0:11:68:D5:20
Validity Tue, 02 May 2023 10:33:43 GMT - Mon, 31 Jul 2023 10:33:42 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(digests of empty input — the body is 0 B, so these values do not identify any content)
GET /t/MzkzXzQ3Mjk/?p1=6474bfe45c0b7700015c0d58&source=3095 HTTP/1.1
Host: trk.trackingbakflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Mon, 29 May 2023 15:08:30 GMT
content-length: 0
location: https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
x-rt: 0
set-cookie: sess_63c1691a8508f367e320d3f2=5b30d92db6920d613d3fcbfa; expires=Mon, 05 Jun 2023 15:08:30 GMT; path=/; HttpOnly
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
162.220.163.46 200 OK 3.0 kB URL User Request GET HTTP/1.1 pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
IP 162.220.163.46:443
Certificate Issuer Let's Encrypt
Subject pay-magnet.com
Fingerprint 07:B5:15:DA:C1:37:95:8E:67:3D:1D:D7:C0:D3:BF:54:3F:B9:5C:E3
Validity Mon, 08 May 2023 11:20:16 GMT - Sun, 06 Aug 2023 11:20:15 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash MD5 e781840c0cf14a920a1b7ac4c3447e23
SHA-1 0c50473da043af0a210b5d0cc5ca64ed035f59db
SHA-256 79721cde303d16090639c74744ea7b96d52a60c18cf4c0065ab8d1a2767c8765
GET /?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone= HTTP/1.1
Host: pay-magnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 29 May 2023 15:08:31 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
142.250.74.42 200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 142.250.74.42:443
Requested by https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (32180)
Hash MD5 32015dd42e9582a80a84736f5d9a44d7
SHA-1 41b4bfbaa96be6d1440db6e78004ade1c134e276
SHA-256 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pay-magnet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 21:56:41 GMT
expires: Thu, 23 May 2024 21:56:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 407510
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pay-magnet.com/css/payment.css
162.220.163.46 200 OK 13 kB URL GET HTTP/1.1 pay-magnet.com/css/payment.css
IP 162.220.163.46:443
Requested by https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Certificate Issuer Let's Encrypt
Subject pay-magnet.com
Fingerprint 07:B5:15:DA:C1:37:95:8E:67:3D:1D:D7:C0:D3:BF:54:3F:B9:5C:E3
Validity Mon, 08 May 2023 11:20:16 GMT - Sun, 06 Aug 2023 11:20:15 GMT
File type ASCII text, with very long lines (12911)
Hash MD5 e34fc276039f9c76d80705ddd40a5b8f
SHA-1 3dc5a5f509434e8814b2c7d20d50075f21e02182
SHA-256 e81977d63a6dab04d49a30a5107090c51c35ceeb3862795479c36c86aa3306ec
GET /css/payment.css HTTP/1.1
Host: pay-magnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 29 May 2023 15:08:32 GMT
Content-Type: text/css
Content-Length: 13092
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2019 10:01:15 GMT
ETag: "5dfc9beb-3324"
Accept-Ranges: bytes
pay-magnet.com/css/cc_blank.css
162.220.163.46 200 OK 99 kB URL GET HTTP/1.1 pay-magnet.com/css/cc_blank.css
IP 162.220.163.46:443
Requested by https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Certificate Issuer Let's Encrypt
Subject pay-magnet.com
Fingerprint 07:B5:15:DA:C1:37:95:8E:67:3D:1D:D7:C0:D3:BF:54:3F:B9:5C:E3
Validity Mon, 08 May 2023 11:20:16 GMT - Sun, 06 Aug 2023 11:20:15 GMT
File type ASCII text, with very long lines (748)
Hash MD5 78c8087ad19e20a286cc147b9ffd49bb
SHA-1 d24c04b56d21c9696a3fd01059e82aab924884a4
SHA-256 81f12bd99a2f4c1e62f31335cd65f9cad4b3515a13b91147f3da0ae81a755e07
GET /css/cc_blank.css HTTP/1.1
Host: pay-magnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 29 May 2023 15:08:32 GMT
Content-Type: text/css
Content-Length: 98640
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2019 10:01:15 GMT
ETag: "5dfc9beb-18150"
Accept-Ranges: bytes
pushserve.xyz/api/v1/visit
20.50.64.3 200 OK 0 B URL OPTIONS HTTP/2 pushserve.xyz/api/v1/visit
IP 20.50.64.3:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Certificate Issuer Sectigo Limited
Subject pushserve.xyz
Fingerprint 65:0E:9D:C0:8A:04:85:5C:66:51:F4:1C:73:E3:76:86:4C:CC:56:69
Validity Mon, 01 Aug 2022 00:00:00 GMT - Tue, 01 Aug 2023 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(digests of empty input — the body is 0 B, so these values do not identify any content)
Analyzer Verdict Alert fortinet Phishing
OPTIONS /api/v1/visit HTTP/1.1
Host: pushserve.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay-magnet.com/
Origin: https://pay-magnet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 15:08:32 GMT
access-control-allow-headers: content-type
access-control-allow-origin: *
set-cookie: TiPMix=30.900630808397413; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
content-length: 0
X-Firefox-Spdy: h2
pay-magnet.com/images/paycards.png
162.220.163.46 200 OK 4.9 kB URL GET HTTP/1.1 pay-magnet.com/images/paycards.png
IP 162.220.163.46:443
Requested by https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Certificate Issuer Let's Encrypt
Subject pay-magnet.com
Fingerprint 07:B5:15:DA:C1:37:95:8E:67:3D:1D:D7:C0:D3:BF:54:3F:B9:5C:E3
Validity Mon, 08 May 2023 11:20:16 GMT - Sun, 06 Aug 2023 11:20:15 GMT
File type PNG image data, 586 x 86, 8-bit colormap, non-interlaced\012- data
Hash MD5 f96d71e133599a94b0a0f021336bc9c9
SHA-1 693e35c34335ec8b9d2da6fa48a324ed6c4a0f5f
SHA-256 5b15ae62917e6820c10eb5a8615af9579abea70e0464a75b4adc397a800d0589
GET /images/paycards.png HTTP/1.1
Host: pay-magnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 29 May 2023 15:08:33 GMT
Content-Type: image/png
Content-Length: 4920
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 10:14:59 GMT
ETag: "63887ea3-1338"
Accept-Ranges: bytes
pushserve.xyz/api/v1/visit
20.50.64.3 200 OK 1.5 kB URL OPTIONS HTTP/2 pushserve.xyz/api/v1/visit
IP 20.50.64.3:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Certificate Issuer Sectigo Limited
Subject pushserve.xyz
Fingerprint 65:0E:9D:C0:8A:04:85:5C:66:51:F4:1C:73:E3:76:86:4C:CC:56:69
Validity Mon, 01 Aug 2022 00:00:00 GMT - Tue, 01 Aug 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (1535), with no line terminators
Hash MD5 ce0870c5c617b8c55813abb1339e26fc
SHA-1 23fe5799465a83f3e589f7233e29249c19d0ae67
SHA-256 ba975f9e5dace8ad2d3a6e9d9e3528e857c6a07adaedc35c7b74502f39bbc991
Analyzer Verdict Alert fortinet Phishing
POST /api/v1/visit HTTP/1.1
Host: pushserve.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay-magnet.com/
Content-type: application/json
Content-Length: 497
Origin: https://pay-magnet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Mon, 29 May 2023 15:08:32 GMT
server: Kestrel
access-control-allow-origin: *
set-cookie: TiPMix=19.486160732373936; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
content-length: 1535
X-Firefox-Spdy: h2
pushworld2.xyz/api/v1/visit/log-client-error
172.67.221.179 200 OK 0 B URL POST HTTP/3 pushworld2.xyz/api/v1/visit/log-client-error
IP 172.67.221.179:443
Requested by https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Certificate Issuer Google Trust Services LLC
Subject pushworld2.xyz
Fingerprint CF:73:F5:9C:B4:65:FA:18:51:C8:C5:16:49:23:81:FB:6C:06:F7:CC
Validity Wed, 24 May 2023 14:35:48 GMT - Tue, 22 Aug 2023 14:35:47 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(digests of empty input — the body is 0 B, so these values do not identify any content)
OPTIONS /api/v1/visit/log-client-error HTTP/1.1
Host: pushworld2.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay-magnet.com/
Origin: https://pay-magnet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 15:08:33 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-allow-origin: *
set-cookie: TiPMix=83.920259413934; path=/; HttpOnly; Domain=pushworld2.xyz; Max-Age=3600; Secure; SameSite=None
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=pushworld2.xyz; Max-Age=3600; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4KKnMj%2BMYtd2lzoJ1rQtvgbbejidqvj5HorJNYVhpisNfluiKy1vGSZvVc7yd%2FRpKj%2Bg3DWL8URVqiPTkoaeESsJtu68Qnyp%2BGzShwGxixxvYeXSWEU%2FZ5HmjRAcCIzpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cefa7430e74b4ee-OSL
alt-svc: h3=":443"; ma=86400
pushworld2.xyz/api/v1/visit/log-client-error
172.67.221.179 200 OK 0 B URL POST HTTP/3 pushworld2.xyz/api/v1/visit/log-client-error
IP 172.67.221.179:443
Requested by https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Certificate Issuer Google Trust Services LLC
Subject pushworld2.xyz
Fingerprint CF:73:F5:9C:B4:65:FA:18:51:C8:C5:16:49:23:81:FB:6C:06:F7:CC
Validity Wed, 24 May 2023 14:35:48 GMT - Tue, 22 Aug 2023 14:35:47 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(digests of empty input — the body is 0 B, so these values do not identify any content)
POST /api/v1/visit/log-client-error HTTP/1.1
Host: pushworld2.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay-magnet.com/
Content-type: application/json
Content-Length: 1640
Origin: https://pay-magnet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 15:08:33 GMT
content-length: 0
access-control-allow-origin: *
set-cookie: TiPMix=87.76882292519927; path=/; HttpOnly; Domain=pushworld2.xyz; Max-Age=3600; Secure; SameSite=None
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=pushworld2.xyz; Max-Age=3600; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPtO4di%2FFOftrGIaQayIRnni5ZPdiUNYSAeubK3q2c%2B7aY1EfviAFX%2BWSG5GGfTpcvkO35nVdFE80mUaShRVKoxvZb9gX5ezd29mN5g9mloW%2FEUWlqm9iasQ4%2Bs77Y7JIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cefa7436f12b4ee-OSL
alt-svc: h3=":443"; ma=86400
pay-magnet.com/favicon.ico
162.220.163.46 200 OK 7.4 kB URL GET HTTP/1.1 pay-magnet.com/favicon.ico
IP 162.220.163.46:443
Requested by https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Certificate Issuer Let's Encrypt
Subject pay-magnet.com
Fingerprint 07:B5:15:DA:C1:37:95:8E:67:3D:1D:D7:C0:D3:BF:54:3F:B9:5C:E3
Validity Mon, 08 May 2023 11:20:16 GMT - Sun, 06 Aug 2023 11:20:15 GMT
File type MS Windows icon resource - 1 icon, 48x48, 24 bits/pixel\012- data
Hash MD5 40eb4ffd48c93baf112e066f62108616
SHA-1 c49fb3956c9c51ae645f6ddd567de0c02dca3db4
SHA-256 5b910f8369fc6cf04503c24748de67ce38b01d95acca02c730e47abca4226e76
GET /favicon.ico HTTP/1.1
Host: pay-magnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 29 May 2023 15:08:33 GMT
Content-Type: image/x-icon
Content-Length: 7358
Connection: keep-alive
Last-Modified: Fri, 28 Apr 2023 14:48:01 GMT
ETag: "644bdca1-1cbe"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
pushworld2.xyz/ace-push.js
172.67.221.179 200 OK 14 kB URL GET HTTP/2 pushworld2.xyz/ace-push.js
IP 172.67.221.179:443
Requested by https://pay-magnet.com/?gra=d29de6ae&d_password=auto&transaction_id=6474bfee168ada0343558c62&info1=5b30d92db6920d613d3fcbfa&event=salefb_id=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=
Certificate Issuer Google Trust Services LLC
Subject pushworld2.xyz
Fingerprint CF:73:F5:9C:B4:65:FA:18:51:C8:C5:16:49:23:81:FB:6C:06:F7:CC
Validity Wed, 24 May 2023 14:35:48 GMT - Tue, 22 Aug 2023 14:35:47 GMT
File type ASCII text, with very long lines (2056), with CRLF line terminators
Hash MD5 62bd231e5e480a9f2112bb654162459b
SHA-1 03ab46ba42add03f2b0bc513a574c1039ebe5f51
SHA-256 8223ce1fe4adee1ad538aff400d2735eac21a87fea16c50ed9d70180a1ddbfd6
GET /ace-push.js HTTP/1.1
Host: pushworld2.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pay-magnet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 15:08:32 GMT
content-type: text/javascript
etag: W/"1d93d4c6f6742a1"
last-modified: Fri, 10 Feb 2023 12:37:28 GMT
cf-cache-status: BYPASS
set-cookie: TiPMix=14.822189103844764; path=/; HttpOnly; Domain=pushworld2.xyz; Max-Age=3600; Secure; SameSite=None
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=pushworld2.xyz; Max-Age=3600; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPNShlZvsFB60HxmNbumevNCkxPPocodwfWlbbd%2BGM96fMxpjO5mRyiv%2B0oo%2BBzOqbFiB2E1PYcqfW6EX%2FZFVPqStrHNRM4GKV8B2cta9NaMsrFaQyMNA90stGJ4%2F%2FCCZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cefa73b4ee90b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2