| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/11.png | 188.114.97.1 | 200 OK | 4.2 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/11.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 531 x 531, 4-bit colormap, non-interlaced\012- data Hasha37a23b2a0618413adef70fb8204160b 77ea62ed00de2374e9680384a0f0ac2c119c6875 e036e6f8908a87aa0e5189b8096ed0e4faed461b17eb7646c9e48011d2b27b5c
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/11.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 4220
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-107c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFELpMeeySYrSojjHU%2BfNTAXjtLAtdonCkDYkjWxsAlNOGWqvh58kcJdJITmLzB8CRNOLxU%2FIwvubk8Bl%2B8RZaySVfUnA2JI7gdW3K2VALO2jNMoDyDehCMsa5UQSah9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd2f1dbf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F | 188.114.97.1 | 200 OK | 90 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typeASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: application/octet-stream
content-length: 89501
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-15d9d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wqnNiPFd3evDScwt7fpbzemU3pTj0ytz1XEqZOuEESXOJSIpbAfs5yjVJZT2E3ix%2BGzPJI5%2F4lzop%2FH0wKpye2YpZengLXHAJRl9oVspooqdevisULlf%2BOaiRUcFLiQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fc02fd1f09bf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/aespinner.png | 188.114.97.1 | 200 OK | 126 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/aespinner.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 567 x 567, 8-bit/color RGBA, non-interlaced\012- data Size126 kB (126108 bytes) Hashe5f969c1532c1f9aac059f8a531db3c7 1b0798cfb4aa87c49deeaff3b2b846a6b687b5d7 c1d88f2a0c42fc191f0d11324143c441fd6bc7dadc004894d03d5f13d01f6482
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/aespinner.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 126108
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-1ec9c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=009jo2IMe87xU%2FcIA69%2FqO6MDGKwz3jX%2BDZau9eF1fAUnrWmEM3xXs45igmD2vEiJFIuQTPJAcEbOdcwWeJ925P4zeUbvj9%2FzMqqp3JGfezESCU7FMeoJEvwbXhPF%2BCZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd2f24bf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/spin.png | 188.114.97.1 | 200 OK | 9.4 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/spin.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 136 x 137, 8-bit/color RGBA, non-interlaced\012- data Hash7b5a73affea89f7a61cf02447cd8b28f aac3bbde34f52de14d589c9e1f1eaff0d2c86050 661a42f28393a654900c07858bc59ef1c608420765e93788aa3f58dcd8c84bc1
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/spin.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 9424
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-24d0"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bs0IFsr854WRj5RQAbnc%2B2k3F4FZTX6FsjSVVltrWYy%2Fflg60X2cVcjEZDQQ8J8JMmFJ5TdqoTiGDZ77h5urW5ql%2BOCjz86pTqbV1xkLdXFRhQwjEK9fcwV8oYBxG7ls"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd2f32bf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/arprize.png | 188.114.97.1 | 200 OK | 58 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/arprize.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 212 x 186, 8-bit/color RGBA, non-interlaced\012- data Hash5f80643811b2ab458d3f36cc2dac2e66 eeaee9e449dd2964bdc0d65e9193791de6410225 a5d88103e55770fdcc60f24e509d65f4ebf2b85949b0e8f420e63afa60df9562
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/arprize.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 58151
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-e327"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8SSfUlOJlOsHROV9yAbfMfOLnsfSTL%2BXQNnznmYbu3wSMxmvIm1LRBp2L6N%2FWpPxq7zofPi6zhptFUOFlkkXCupUINYWLTyxlgh2V1KVSVLjFgzlGiY7GTfc5wVddlV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd4f5ebf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/1.png | 188.114.97.1 | 200 OK | 20 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/1.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 50 x 52, 8-bit/color RGB, non-interlaced\012- data Hash72af383b6e6785cc96323a7fad263c75 aa5b65f777efa7ab5aa38c65c212341f2971da78 a14c6e3749c84f8be26a39f0bc5850d78749909e9026827ef771e135a47042ed
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/1.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 20401
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-4fb1"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkAh023ISwkK2l9Pt6D3CSN2z6cuMKWbBDtRwcTb1XBHLF%2B0zE4UTGT2S61L81ncceZ%2BOAH%2Fh%2FcMN4mrs6TnXqaxWzyiECcbqhGCv8PCFl32lZX5NK4UAtEJafH9cMEA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd4f60bf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/2.png | 188.114.97.1 | 200 OK | 20 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/2.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 50 x 52, 8-bit/color RGB, non-interlaced\012- data Hash29e59d546ce5ae8ef7dba842b2a93cb6 ad6fa56bc8b02f5c697f3f9c457e4cefcf3b088e 7282399c604f5d63aa3a3ccb461a7b89964b39fae7d9d6319d711725515c12c3
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/2.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 20427
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-4fcb"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A56wEoz5yqic7cNBbJ4bRc3LYQ%2F2rQxBiLRiCl%2FMJvxDWoQ4Ps%2BW2E%2F4NzpkICSUnAXbxgaq5rC1VoOYE3xPt5NiCA%2FEDS9PFASlGEYErbVHA2RP1M%2FNKQhCItcH6Ynm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd4f61bf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/3.png | 188.114.97.1 | 200 OK | 21 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/3.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 50 x 52, 8-bit/color RGB, non-interlaced\012- data Hash3f1d16a48e13d4ec00c13d4822b37c8f 757621298ffb8b44eabae9966db367fd505a9f24 49cf854f9509eff14d9af023bdc0a4d5f6ef8d535ba65fc2a3e6f576935250c1
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/3.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 21081
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-5259"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX9GnUaZU5PeuIBzMY%2FyQBJ3u9cu3H38R0mhElxuq923R3zpE%2BoF1tGYCIKJLbew9bsCeNkJxbReKCTC61FarqC93wTSYO1VjJAy1BNlW8Z0BppxSQMZ2UYQiPDdEmmG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd780ebf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/4.png | 188.114.97.1 | 200 OK | 21 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/4.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 50 x 52, 8-bit/color RGB, non-interlaced\012- data Hash934c63c3e8976cc9027841f7ce2882ac 2ac18b90d4fc9db479b8b81d8794830b3c4cc925 9a7be3a1c85923f27bae697630751463b35225e043a2a2fdb5d40425b23eb2d0
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/4.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 20738
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-5102"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpv6LqswaIpHmE%2F%2Bevn4HzEpQ3A6Wt3%2BsDoGmZWCnW0mKULQX8%2FNps86511KG7MDhNpX7eTjF1jgCJKqPlIISbzyBj1U%2FN6p3AvpH1PFNNAutrRGUhGERZDFFGB1%2FPH4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd881abf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/5.png | 188.114.97.1 | 200 OK | 6.0 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/5.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 50 x 52, 8-bit/color RGB, non-interlaced\012- data Hash8b6ae9d5f0edaeb043509b63f0798466 b4173bc837da393ce683d5c0021dd7e541d32947 1fbb172f707cf016e445c0febaa6e10ec9d68f5c10de845eb8b100632664a054
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/5.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 5996
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-176c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1PsjUhQSw%2F2hjaIY1uC0Fllvif9aI%2BwAyr7cp%2BNN52LhxRaYuJcsCu833H2WbAqpLhfZVhbew084QRaAvBFKcrf%2F1iytqxNkHIH6F36XHncZS1cWh7%2FoUnRt%2FS1LuEP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd881cbf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/6.png | 188.114.97.1 | 200 OK | 7.7 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/6.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 50 x 52, 8-bit/color RGB, non-interlaced\012- data Hashd0c785a1000318f01a3004ba52bb6bed fc2b30f76884e8a493353d53ca608da556479349 eb2ee47bfa12e0b29d440f20470f10e4eae63ade8cabbfbe1bed8b3b27adc67b
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/6.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 7713
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-1e21"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWg%2FO0hAVTgDmdLWnQPr%2FWuIvBXztDssddoizXLh%2F5HcDvRGQlc80c%2BBuxcpxBfhqfbg6MsY%2BHOCbzPkRXRSVHKNKsZ2rltVHyc9oj7YbXYEmgrYEvNnOantOXbn2PTG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd8827bf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/7.png | 188.114.97.1 | 200 OK | 8.1 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/7.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 50 x 52, 8-bit/color RGB, non-interlaced\012- data Hash26958d2dfdbb2b9c702128456dfa9b63 c3852725dd934e0df8c21a16a4ca1784ac24cc91 cf36393abf98f448205bb15c4ce13fc73ecce186513f83a15b29dd01a7dfe617
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/7.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 8061
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-1f7d"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRPlW%2B9GI%2FmMuqUyNYrO3JGORyk6bVKy7P%2BDntWZgjHirAF%2F1OxWT%2BoHY%2FtsIG3yeG0nkifmJ4AsUSOGUHvPR%2BlZw5MRLkg7RKYTysO8PI81ilfIH7wenjcu%2FBr%2F2X%2Bj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd882bbf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/8.png | 188.114.97.1 | 200 OK | 22 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/8.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 50 x 52, 8-bit/color RGB, non-interlaced\012- data Hash9634b826e90a6e95ed9e94979a94c7d1 5c870a8212826fdde281a72c17f36bdec5ebe18d 324942873b96e25417a34702624cbf95d3642add9a38b42a1d88c5498e3888db
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/8.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 21765
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-5505"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCpXvOSVuYChtgG7vcX0%2BpamdeegIYJBujCvbCJmx4SGshSG0A93tWy9qGbec1NgW0iaOZLMsgFROxxus9fPwh2AEsVh%2B%2BuA9nkR0rQeN%2B8wUjhNFgxcO8b3U9qnlqeT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd882dbf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/translate_24dp.png | 188.114.97.1 | 200 OK | 846 B |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/translate_24dp.png IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typePNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Hashe9cd262114358f26b7608b56905185dc 6dbde0a96deaab2b529723ce26c62043cf9180ab 5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/translate_24dp.png HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: image/png
content-length: 846
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: "640a076c-34e"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpJPHg74Atn74e%2Foe8Ebl5oo73MKhl1Sj7B8DrWqUi0Rh0zNf58L7eaSpV1Ondb3bESECGXdoiz3rthByunk2Hph6sS63SRQUcB9ZBiNAoLnEJ6%2FHS90BHZFDIJqYizN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd882fbf21-WAW
alt-svc: h3=":443"; ma=86400
|
|
| richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=33 | 5.200.15.240 | 200 OK | 31 kB |
URL GET HTTP/2richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=33 IP 5.200.15.240:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectrichinfo.co FingerprintDC:D3:66:CE:54:D0:16:6E:8F:14:83:03:42:F9:BA:DB:D3:17:99:55 ValiditySat, 25 Nov 2023 15:24:58 GMT - Fri, 23 Feb 2024 15:24:57 GMT
File typegzip compressed data, max speed, from Unix\012- data Hash4ec6a7dbfbc076cc30cb5666da8b36ab 8e2fb4f41aca30566f9d0a94428bba569dacd3f3 514abf7f23cb27e0fc137d1d75caa5c7bb27ea6bd8396e40322735e7fb4b2d99
GET /richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=33 HTTP/1.1
Host: richinfo.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: application/x-javascript
x-amz-id-2: kf/ugtMVh+Sy92pC3hreYpZCx+a6Az4Q1a4Yls8m8YvKuc1TVm8N42jMjUtkw+fWN9fZnNtdIzg=
x-amz-request-id: 9M94BNAX72S75AV6
last-modified: Mon, 27 Nov 2023 12:20:56 GMT
etag: W/"482657d8dc8d45dca5dbd78e2e988097"
x-amz-server-side-encryption: AES256
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| s3.eu-west-2.amazonaws.com/doplay/lp_images_design/prelps_LPCreator/giftbox_game/like.png | 52.95.150.197 | 200 OK | 175 B |
URL GET HTTP/1.1s3.eu-west-2.amazonaws.com/doplay/lp_images_design/prelps_LPCreator/giftbox_game/like.png IP 52.95.150.197:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerAmazon Subject*.s3.eu-west-2.amazonaws.com Fingerprint3B:C5:39:F9:EF:EB:B6:A8:D6:B2:B6:2C:29:6B:D7:D7:4B:3E:74:CB ValidityMon, 06 Nov 2023 00:00:00 GMT - Fri, 25 Oct 2024 23:59:59 GMT
File typePNG image data, 13 x 12, 4-bit colormap, non-interlaced\012- data Hash7f5f867f5a1cc4c7f1bee43696ea4af9 2dfcae77833aa29271c69009dc617688fcfbea0e 2afc36927f6530f2e793065e7e077ddba745cf85dd81eedf5633025ba80924bd
GET /doplay/lp_images_design/prelps_LPCreator/giftbox_game/like.png HTTP/1.1
Host: s3.eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 4S+I1c6eBWmd+1NYhjXK21c9H/iTTvBLBKx9Re3eksPTGbZrRuhvOy/VLwZUiyngahqoxbabOoM=
x-amz-request-id: 5QMBCRQ9Q5MC889E
Date: Sun, 03 Dec 2023 13:03:48 GMT
Last-Modified: Tue, 20 Nov 2018 15:26:43 GMT
ETag: "7f5f867f5a1cc4c7f1bee43696ea4af9"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 175
|
|
| forlumineoner.com/zone?pub=1&zone_id=1990752&is_mobile=false&domain=sellgamert.ru&var=test23%7C%7C1990751&ymid=&var_3=&tg=0&sw=3.1.471 | 139.45.197.229 | 200 OK | 863 B |
URL GET HTTP/2forlumineoner.com/zone?pub=1&zone_id=1990752&is_mobile=false&domain=sellgamert.ru&var=test23%7C%7C1990751&ymid=&var_3=&tg=0&sw=3.1.471 IP 139.45.197.229:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectforlumineoner.com FingerprintB4:2A:85:D9:5F:38:AA:04:E4:0F:CB:0E:83:E6:31:DC:DF:1A:DA:7D ValidityFri, 10 Nov 2023 09:09:22 GMT - Thu, 08 Feb 2024 09:09:21 GMT
File typeJSON data\012- , ASCII text, with very long lines (862) Hash91cccfe59beccf88368cd451132e9766 6e560a28f887b16e7a7983702374c488204d2294 1efc6f29ff51deddb7c4ac8f9c696e350362e00d4aa254bc60868f2ecb0b7c77
GET /zone?pub=1&zone_id=1990752&is_mobile=false&domain=sellgamert.ru&var=test23%7C%7C1990751&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sellgamert.ru/
Origin: https://sellgamert.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 13:03:47 GMT
content-type: application/json; charset=utf-8
content-length: 863
x-trace-id: 5abe45e5abb20b34c0478af48fb0f5cd
access-control-allow-origin: https://sellgamert.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| forlumineoner.com/custom | 139.45.197.229 | 200 OK | 0 B |
IP 139.45.197.229:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectforlumineoner.com FingerprintB4:2A:85:D9:5F:38:AA:04:E4:0F:CB:0E:83:E6:31:DC:DF:1A:DA:7D ValidityFri, 10 Nov 2023 09:09:22 GMT - Thu, 08 Feb 2024 09:09:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sellgamert.ru/
Origin: https://sellgamert.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 13:03:47 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sellgamert.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| forlumineoner.com/custom | 139.45.197.229 | 200 OK | 0 B |
IP 139.45.197.229:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectforlumineoner.com FingerprintB4:2A:85:D9:5F:38:AA:04:E4:0F:CB:0E:83:E6:31:DC:DF:1A:DA:7D ValidityFri, 10 Nov 2023 09:09:22 GMT - Thu, 08 Feb 2024 09:09:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sellgamert.ru/
Origin: https://sellgamert.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 13:03:47 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sellgamert.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| forlumineoner.com/custom | 139.45.197.229 | 200 OK | 39 B |
IP 139.45.197.229:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectforlumineoner.com FingerprintB4:2A:85:D9:5F:38:AA:04:E4:0F:CB:0E:83:E6:31:DC:DF:1A:DA:7D ValidityFri, 10 Nov 2023 09:09:22 GMT - Thu, 08 Feb 2024 09:09:21 GMT
File typeJSON data\012- , ASCII text Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sellgamert.ru/
Content-Type: application/json
Content-Length: 661
Origin: https://sellgamert.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 13:03:47 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6bfc291e6635ce64f4b76e8029a30cc2
access-control-allow-origin: https://sellgamert.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| forlumineoner.com/custom | 139.45.197.229 | 200 OK | 39 B |
IP 139.45.197.229:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectforlumineoner.com FingerprintB4:2A:85:D9:5F:38:AA:04:E4:0F:CB:0E:83:E6:31:DC:DF:1A:DA:7D ValidityFri, 10 Nov 2023 09:09:22 GMT - Thu, 08 Feb 2024 09:09:21 GMT
File typeJSON data\012- , ASCII text Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sellgamert.ru/
Content-Type: application/json
Content-Length: 670
Origin: https://sellgamert.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 13:03:47 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 73b2acd3a097032be26d07fda2a245fd
access-control-allow-origin: https://sellgamert.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| forlumineoner.com/pfe/current/universal.min.js?v=3.1.471 | 139.45.197.229 | 200 OK | 34 kB |
URL GET HTTP/2forlumineoner.com/pfe/current/universal.min.js?v=3.1.471 IP 139.45.197.229:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectforlumineoner.com FingerprintB4:2A:85:D9:5F:38:AA:04:E4:0F:CB:0E:83:E6:31:DC:DF:1A:DA:7D ValidityFri, 10 Nov 2023 09:09:22 GMT - Thu, 08 Feb 2024 09:09:21 GMT
File typegzip compressed data, max speed, from Unix\012- data Hashd632dda1018cc96bccf1205a9b8f43ea 5cfde185efddbc6b882b2d1da831e695282fbef1 c5b98cb44125adf8a34a98559d4aeb891d7a578d5a97b2dad22e3092ce6c9614
GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sellgamert.ru/
Origin: https://sellgamert.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 13:03:47 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 20:18:05 GMT
etag: W/"65664afd-1572c"
access-control-allow-origin: https://sellgamert.ru
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP 139.45.197.250:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectamunfezanttor.com Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51 ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sellgamert.ru/
Origin: https://sellgamert.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 13:03:47 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sellgamert.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP 139.45.197.250:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectamunfezanttor.com Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51 ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT
File typeJSON data\012- , ASCII text Hash2aea28b755d26a004946550aff4e41d6 bdf9c724248a82ce91110270e644c6e8a693a6a5 1b0f6a1b40ac261698f5803a0a95758a45a6edd5602494938032ad7926d204ad
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sellgamert.ru/
Content-Type: application/json
Content-Length: 764
Origin: https://sellgamert.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 13:03:47 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://sellgamert.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/style_1.css | 188.114.97.1 | 200 OK | 1 B |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/style_1.css IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typevery short file (no magic) Hasheccbc87e4b5ce2fe28308fd9f2a7baf3 77de68daecd823babbb58edb1c8e14d7106e83bb 4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/style_1.css HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 03 Dec 2023 13:03:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqimZkpgbQGtV4gIAD%2BmT0k7i77Ic75k%2FV2LxtXkBEjARWNmB%2F888ioqXhZ41OSRQf6PVyR2YGCmBKrFDeRJCrIlSfPnuNsR6mz6UK8FGX%2BdgzLON%2F30DMxwLV%2Bdn0iA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd2f12bf21-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.35 | 200 OK | 1.8 kB |
URL GET HTTP/2www.gstatic.com/images/branding/product/2x/translate_24dp.png IP 142.250.74.35:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data Hashc69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:20:13 GMT
expires: Fri, 29 Nov 2024 05:20:13 GMT
cache-control: public, max-age=31536000
age: 287015
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| forlumineoner.com/custom | 139.45.197.229 | 200 OK | 39 B |
IP 139.45.197.229:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectforlumineoner.com FingerprintB4:2A:85:D9:5F:38:AA:04:E4:0F:CB:0E:83:E6:31:DC:DF:1A:DA:7D ValidityFri, 10 Nov 2023 09:09:22 GMT - Thu, 08 Feb 2024 09:09:21 GMT
File typeJSON data\012- , ASCII text Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sellgamert.ru/
Content-Type: application/json
Content-Length: 1021
Origin: https://sellgamert.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 13:03:48 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: da5a77e0370008baf561fa754dc5e6ab
access-control-allow-origin: https://sellgamert.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,cyrillic-ext | 142.250.74.106 | 200 OK | 6.4 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,cyrillic-ext IP 142.250.74.106:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File typeASCII text, with very long lines (6530), with no line terminators Hash9b55b51caebe742936e81a05c87129d6 9c09adf793b625f14d06e44c538cc800912fc6c1 195246f7de49c3922daaf4ff0d5959e0e9e575ed28772bb497327465830f2ad0
GET /css?family=Roboto:400,300,700&subset=latin,cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 03 Dec 2023 13:03:47 GMT
date: Sun, 03 Dec 2023 13:03:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/sweetalert.css | 188.114.97.1 | 200 OK | 21 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/sweetalert.css IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
Hash2c192b2dd454462bc2b603c4ca2acff8 6d9682def497402ff0aac4f4bd996023cd8c08e5 428853c65b817995a479a49ab30c7ab7b6c15e689bcd2041d3632b4213e48f72
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/sweetalert.css HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: text/css
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: W/"640a076c-5065"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvxX2qIILm50ajr%2BfXp4TSD7NfKrRh%2F7HylT02Z%2Be5NSeu7Zx%2BsKA5%2FEtxrK9cMbnD4dCSgLamjNvyBmrte2m9YYTOu8SFbpp%2Bw36CpjF3cNzvN3eLqrKP6DNs4xCf%2BH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd1f0ebf21-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kqtv6izko.com/pn21ywqw/z/sc/scssx/1990751/lib.js?var=test23 | 212.117.190.201 | 200 OK | 28 kB |
URL GET HTTP/2kqtv6izko.com/pn21ywqw/z/sc/scssx/1990751/lib.js?var=test23 IP 212.117.190.201:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerBuypass AS-983163327 Subject Fingerprint5F:D2:DF:FC:AA:80:4A:51:A4:54:38:2D:48:A8:87:39:1C:53:B9:B0 ValiditySat, 28 Oct 2023 13:22:52 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File typeASCII text, with very long lines (26737) Hash38558c0c9379eaf77b5b3e376764d69f b4e7a6dd4770e0b8ec31faad8781673d0d2876c1 ae360e86caa17eb0567371a5a7f958defb61b1fc7ceff7f12f3c75fa5eeda78c
GET /pn21ywqw/z/sc/scssx/1990751/lib.js?var=test23 HTTP/1.1
Host: kqtv6izko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: script
set-cookie: CHCK=1; Path=/; Expires=Sun, 05 Jan 2025 13:03:47 GMT; Secure; SameSite=None
UID=23120308037740e1a354b043a8a14313c757; Path=/; Expires=Sun, 05 Jan 2025 13:03:47 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/order_me.min.css | 188.114.97.1 | 200 OK | 4.4 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/order_me.min.css IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typeASCII text, with very long lines (4419), with no line terminators Hash43b962de056d73c87b8088806c1651f9 8060857b86143778364bcb89beb10b2769c695ff aa2015a3ae6875552a351d2502d3705afd447cd7fe2842038e8a8bb97e77e1a7
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/order_me.min.css HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: text/css
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: W/"640a076c-1141"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtUKyWyzraLL%2BrEnvi9kBN3jnaCV7XINBgDOrL2SbWCmCiz2qRdkPgIpT9I7hPHmlWvQxpQKmlO09zOZ4vb%2BiScSleyaZ4nmF7kTG4maIiGTJr%2F6IjSpFLeJaNPeBRsz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd1f0dbf21-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=888249&sid=332970&dm=sellgamert.ru&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st | 31.204.132.208 | 200 OK | 0 B |
URL GET HTTP/2rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=888249&sid=332970&dm=sellgamert.ru&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st IP 31.204.132.208:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectrtb.pushdom.co Fingerprint24:5E:C5:CD:AF:AA:7D:3F:BA:DD:C0:63:32:DB:F1:38:20:5F:70:88 ValidityWed, 04 Oct 2023 13:08:31 GMT - Tue, 02 Jan 2024 13:08:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pb/st?sctp=content-locker&m=ht&pid=888249&sid=332970&dm=sellgamert.ru&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st HTTP/1.1
Host: rtb.pushdom.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Sun, 03 Dec 2023 13:03:47 GMT
content-type: text/html;charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2
|
|
| sellgamert.ru/favicon.ico | 188.114.97.1 | 200 OK | 5.6 kB |
URL GET HTTP/3sellgamert.ru/favicon.ico IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typeMS Windows icon resource - 1 icon, 39x34, 32 bits/pixel\012- data Hashdb884d3fed3f81d59e95e27707047c53 fd991a514b1284506bbbd229f4b067c3c7cc3ceb aab68489204839b0f8e37065417c542695e914b959927d0e3afd0d325e3787bc
GET /favicon.ico HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:48 GMT
content-type: image/x-icon
last-modified: Thu, 30 Aug 2018 21:25:42 GMT
etag: W/"5b8860d6-1606"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXxFHIUmWH5haA%2BfEks5aIgaE7OFOJY3GjtmiZFnQd%2FDe%2FLXDYJzBZzN1CLlT88QJq7P%2BvaCnTUHCZOMr4308W4tJ0cZC%2F8qqtwEMIxke%2FLgrKfnOYF50zCjxsE5kfBQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc03058ec1bf21-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/translateelement.css | 188.114.97.1 | 200 OK | 19 kB |
URL GET HTTP/3sellgamert.ru/landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/translateelement.css IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
File typeASCII text, with very long lines (18670) Hashda1ba9d9082da8ca5ed15d88b2e91fd8 c6f0b19f70b5e81eaba5e2d55c51602289053105 d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
GET /landers/forex_app_v5new_kh/v5/v5new/Congratulations!_files/translateelement.css HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: text/css
last-modified: Thu, 09 Mar 2023 16:21:00 GMT
etag: W/"640a076c-4924"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2Bg2CFCJut%2FmaBovdLViZw1pcFEbacg2LvMOn6QJilTMNW40pMOpwUslwwdzeRY6K8oDfOukF9y8%2F71OeKQx3%2BVxvClbG9hadBBBM%2BdTtxLtyPm4khMBZTfTEFGcA2Co"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02fd1f05bf21-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} | 188.114.97.1 | 200 OK | 90 kB |
URL User Request GET HTTP/2sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} IP 188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 13:03:46 GMT
content-type: text/html; charset=utf-8
set-cookie: uclick=16k2e2qnbl; expires=Mon, 04-Dec-2023 13:03:46 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba; expires=Mon, 04-Dec-2023 13:03:46 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eBGYFN%2FDgET4Q8oimr6aZ75RLwFx444G3tZjVTY0g0TGYGNhqWsiCJkyfJvJfZEZlDyFm5RPHNbCLPDbJaKeT19gVRvZcctyj5Bei6EEJeGAl86DSkdH%2BwuYXSAYQLh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fc02f8adadfbd6-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sellgamert.ru/landers/lpz/lpfiles/cassandra/Binomo/NewVariation/vvloq33mfjb.jpg | 188.114.97.1 | 200 OK | 0 B |
URL GET HTTP/3sellgamert.ru/landers/lpz/lpfiles/cassandra/Binomo/NewVariation/vvloq33mfjb.jpg IP 188.114.97.1:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerGoogle Trust Services LLC Subjectsellgamert.ru Fingerprint0E:08:13:ED:80:45:C6:45:9C:01:5F:41:DC:77:F8:AA:F3:CF:4B:37 ValiditySat, 04 Nov 2023 15:46:08 GMT - Fri, 02 Feb 2024 15:46:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /landers/lpz/lpfiles/cassandra/Binomo/NewVariation/vvloq33mfjb.jpg HTTP/1.1
Host: sellgamert.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity}
Cookie: uclick=16k2e2qnbl; uclickhash=16k2e2qnbl-16k2e2qnbl-gxscfe-0-gxg66o-e29zi4-e29z0-a98fba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 13:03:47 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 03 Dec 2023 13:03:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yF6FMwWwHX4%2B8Vbdvuk2k6uDD%2FN%2FREaGvesHWS%2Bb79%2FfsfqTO30CUAci0PNVzN06SzxxK2iR0sd1ylk0Y%2FHcYcgbCCuwLxW35ECdksE%2BZu4%2BN2lwKghk9CK7hIR2C330"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fc02ff1c24bf21-WAW
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1990752&var=test23||1990751 | 139.45.197.229 | 200 OK | 13 kB |
URL GET HTTP/2forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1990752&var=test23||1990751 IP 139.45.197.229:443
Requested byhttps://sellgamert.ru/click.php?key=dpthv9s4pkgg65akjm77&visitor_id=${SUBID}&cost={cost}&zoneid={zoneid}&campaignid={campaignid}&country={country}&bannerid={bannerid}&zone_type={zone_type}&osversion={osversion}&browser={browser}&creative=creo&device={device}&user_activity={user_activity} CertificateIssuerLet's Encrypt Subjectforlumineoner.com FingerprintB4:2A:85:D9:5F:38:AA:04:E4:0F:CB:0E:83:E6:31:DC:DF:1A:DA:7D ValidityFri, 10 Nov 2023 09:09:22 GMT - Thu, 08 Feb 2024 09:09:21 GMT
File typeC source, ASCII text, with very long lines (13300), with no line terminators Hash258578af3c107ccb907f73c3a2f4c25f 7a192edea829968fb7f57f2a2fc4cb5b612598be 1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75
GET /pfe/current/tag.min.js?pub=1&z=1990752&var=test23||1990751 HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sellgamert.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 13:03:47 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 20:18:05 GMT
etag: W/"65664afd-33f4"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|