| my.rtmark.net/gid.js?userId=5i1r58tbywle7w5ovbr61nu763jcm867 | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=5i1r58tbywle7w5ovbr61nu763jcm867 IP139.45.195.8:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hasha56a3faef7087e42ca2db61606121f15 9a9cc7b51337eeaaac55363b18e27bf51856d9ae f33d23c9f8d20a7afdc45fe3db26b313cac0f9c961bcfc914b08578153e52fdd
GET /gid.js?userId=5i1r58tbywle7w5ovbr61nu763jcm867 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://lifteque.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5i1r58tbywle7w5ovbr61nu763jcm867; expires=Sat, 03 May 2025 22:12:48 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/img/betting/sport-betting/boxring.webp | 188.114.97.1 | 200 OK | 15 kB |
URL GET HTTP/3lifteque.top/img/betting/sport-betting/boxring.webp IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 594x396, Scaling: [none]x[none], YUV color, decoders should clamp Hash0e255e2d6a693f6e9a839b87a2308dbb de83ed899c718b915263078d26a6e36038c279b9 d3ad332009f256aad9f3e57c4bd627b9a95568755d87602f3a25a09767e36076
GET /img/betting/sport-betting/boxring.webp HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lifteque.top/css/betting-survey.e1fedc09.css
Cookie: OAID=5i1r58tbywle7w5ovbr61nu763jcm867; syncedCookie=true; oaidts=1714774368; ID=5i1r58tbywle7w5ovbr61nu763jcm867
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: image/webp
content-length: 15354
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-3bfa"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJeVcEiG3I5UQACof%2BrsBpFDCNf3GJZZNhzmY1QY2NeCkE9YTDX0YsXVRjJWfPpH8adHkolFFSzHbF%2Fa1QvPtVb06CI1f%2BnWf1f3Ws%2FNAHliF%2FoCMG9mMNZ6mnvyOm8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39839cf3bb503-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/img/betting/sport-betting/ball.webp | 188.114.97.1 | 200 OK | 2.9 kB |
URL GET HTTP/3lifteque.top/img/betting/sport-betting/ball.webp IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeRIFF (little-endian) data, Web/P image Hash825112e52d4395f2fea6284419244dfd 319282ad0d2a1da4c6cacd67784c7ddc897b33ec 97e541db3f4df8ef84da4e7269993281662249d4f0b5f01010801c5d73dddb23
GET /img/betting/sport-betting/ball.webp HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lifteque.top/css/betting-survey.e1fedc09.css
Cookie: OAID=5i1r58tbywle7w5ovbr61nu763jcm867; syncedCookie=true; oaidts=1714774368; ID=5i1r58tbywle7w5ovbr61nu763jcm867
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: image/webp
content-length: 2850
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-b22"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ezvpFaPt%2BFXi7L0RIpcgspCI1r1RIlLeMkxgXHEYMvDNci5pgF3AEwxdGc0s4URh1eyu9F61KJYcl3NDYaWR5SvMM2b2rMxTHQ9tGTVatXaRBcdRgjCVkys7AFUN0PE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39839cf3cb503-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/img/betting/sport-betting/betting1.webp | 188.114.97.1 | 200 OK | 2.3 kB |
URL GET HTTP/3lifteque.top/img/betting/sport-betting/betting1.webp IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 140x140, Scaling: [none]x[none], YUV color, decoders should clamp Hashcd54542028a12acdd77d280eb13feb3e 0bbaa5c4160b215bc37b9987ec95d9b5bffd5d34 61ef8ac2711f65c63e419159da12b2fd640138153ac2503ab5f7680619a1f490
GET /img/betting/sport-betting/betting1.webp HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=5i1r58tbywle7w5ovbr61nu763jcm867; syncedCookie=true; oaidts=1714774368; ID=5i1r58tbywle7w5ovbr61nu763jcm867
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: image/webp
content-length: 2276
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-8e4"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QUZ1P264xu5RG8jRLUuFVxvgqGeDI6w3brKEiRBwtTjP%2Faw%2F1G7m64LCOLjReQFBluCU9Gg07Wy4XmB9j4rJdinDOWJ4UbJPdCGzH%2B%2BQcWOTvfZ3zc7QXOr6Dtmvrr8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39839ef4eb503-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-constants.js.49317f47.js | 188.114.97.1 | 200 OK | 859 B |
URL GET HTTP/3lifteque.top/js/v-constants.js.49317f47.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (600), with no line terminators Hash973e735a355fd5b10428c250e8fd7236 bd3fb14c90e2700400c69b15a84e317d52493bd9 16f1d5ca604ad59b9e5b484b1a0cf2d43eebda055ecee80ac847fbcc4437f0b2
GET /js/v-constants.js.49317f47.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-258"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P1HHqOIkOy%2Bn2dVIcUYfzsyyW9dGf8xm%2By8c%2BmCNm6%2Brw7YtDWpnD0a05lNImFVHAh00lizDFehbjP%2FQu1SlZqgGctUym8NbCzReofHuDO0RxrBCIGaUkFFkbiU%2BeOs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386db5b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/pfe/current/micro.tag.min.js?z=6163304&sw=/sw/sw6163304.js&var=4534663&var_3=null&var_4=null&ymid=4&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 | 188.114.97.1 | 200 OK | 11 kB |
URL GET HTTP/3lifteque.top/pfe/current/micro.tag.min.js?z=6163304&sw=/sw/sw6163304.js&var=4534663&var_3=null&var_4=null&ymid=4&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (27174), with no line terminators Hash75c26ccd65e96e912725399ff3ce66e9 d300939979d2048844dc5ac80c51ed8121126f4e c9db5c92934b273ad485c58710d6fbc2d580c2923a99bb456b18cb5e1465f5cf
GET /pfe/current/micro.tag.min.js?z=6163304&sw=/sw/sw6163304.js&var=4534663&var_3=null&var_4=null&ymid=4&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-6a26"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SGAeT0M5tEKWUr9Hh6KRhoBCFKCglxbr2kLBkGkkSs9MdfllrxMhu465MaY%2Bo0hFgz3fKSyjoWWFVN23yG3VAqhFB%2FgrEz26OXCzihmqaEOT9t9Q3RcfgrMspV0GMoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398385d9eb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-node.js.28d8082c.js | 188.114.97.1 | 200 OK | 2.2 kB |
URL GET HTTP/3lifteque.top/js/v-node.js.28d8082c.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (6251), with no line terminators Hashf61d0e9af048cd71962dcb945f405c63 aefdc99a8057ced201da8aba0640905dd05375d8 1d383bb00e9e3a4d2f58354b41bc0ffc60516bcdcf4486516b8638236b0aeb9d
GET /js/v-node.js.28d8082c.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-186b"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pkWFYziGQ22Qh6oqLzvwoHArAnFqpx54Bc4BgSqcTuGOxz%2B1lNIYeei3AljlJP0NpBGixXGIIINJwl3Vw4FGv42wOJizg%2B5d6JX4uE1Nwz4RxWHQBKWorOx2rVe30hw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386da8b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-domparser.js.97173b2e.js | 188.114.97.1 | 200 OK | 1.2 kB |
URL GET HTTP/3lifteque.top/js/v-domparser.js.97173b2e.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (1720), with no line terminators Hash52ca18eed5d7b4a88f79e075608522fb 8332ab1afc8d9c23d127cbc785fb41af81563732 ce352016d1e917abce6b5552ae2fdc941a8998300566b138d04383ae461f0a9d
GET /js/v-domparser.js.97173b2e.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-6b8"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B86QfwZO4QnCyjp3KkBannyKX3BWf986JNxYABkw9AqDd33UD8W2bthl80Rji%2BsJA9RMgBnK%2Br%2FvwqjB7Nma9jodR04NdTKswZLZXYKJ39ukRcLXj9crUekjmjdPhDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386dabb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-utilities.js.d1112fc4.js | 188.114.97.1 | 200 OK | 1.8 kB |
URL GET HTTP/3lifteque.top/js/v-utilities.js.d1112fc4.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (2577), with no line terminators Hash18cb151303391373ec2138ce7f10bd7f c3d6fdc026a675d23ac14beebd3a46e3e72e9dc4 93cc28fc75a9cbc865ed918e1a8d139ecf52c3a7d9a2caef63ed7092f69ee142
GET /js/v-utilities.js.d1112fc4.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7652-a11"
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eD86XOcRSIgqd1vQ%2BN8HcvbUdHHy%2FKcQ6dRUVV%2FAW8HAwJJ1Izl0wmQ8ouhTJ%2B64Lg%2B0%2BpV72Eec%2BcouoD5HSBf%2FwOosHdndOtbqiZItLGhR2aGthc%2FemCk2V34pXvQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386daab503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/config/sd/sd-2058-en.js?v=10 | 188.114.97.1 | 200 OK | 1.4 kB |
URL GET HTTP/3lifteque.top/js/config/sd/sd-2058-en.js?v=10 IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (5303), with no line terminators Hash8ded63297a4b1d80303f3b5786b11b88 496f1b5e9e02c6fad4a7c6a74e5f8c7c7b0c2f7e 09ec15954c9b83a06e3509cc8a2d0f0c5ee387a61d3b4ebc400606ee1dbe30c8
GET /js/config/sd/sd-2058-en.js?v=10 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-14b7"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CwlC2bnNwBQjRWGC9W%2BwT4TaKGla8mteiXJd7mtwNgmiE97FkAkwV551kZHOw6mxs3dIMtypWBQEK1KcFajKvcYDaGlz1EPkbeLVNKqF3K8gqhKmBYoPfT6e3D6TLjM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39837ad02b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 22:12:48 GMT
content-length: 0
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 22:12:48 GMT
content-length: 0
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/SurveyContainer.e2959212.js | 188.114.97.1 | 200 OK | 15 kB |
URL GET HTTP/3lifteque.top/js/SurveyContainer.e2959212.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (57082), with no line terminators Hash0df7a0f05192a1af311ce45d48639a89 df29dce5914578a52af5f516ccd18d289d808951 4cde10689c1ef6c2f58585483fae6d656ccfa1d16cc282dcfbe6cb89700ae2dc
GET /js/SurveyContainer.e2959212.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=57085
etag: W/"662b7651-defd"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OXz6ravJ42Nf1U4Quww0xLx7iXG6S8tVLj9M5xIZS%2BUl4iCFuYJ7MQhYbbPWqSVJ8xO0AO%2FVefgJ68ZJDxGFpa2%2B0tQmtjYcWxpBCrnUBOV9MQ2ZWBwHOt2G5C538Xw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386db6b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 179 B |
IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashe038f5feccc9daf849b54fcb2e2be299 d45b65b1beb71aed233f69c15151c62a45ab7470 aa70ac485ebebd44bb4024121629e67b66ff1176ed2cfb9f4a7d4ed174e0506d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 157
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/json; charset=utf-8
content-length: 179
x-trace-id: 039336538d09ae10d9fe0153ad781f6e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 810
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: af3dcdcabc791b0cbd79427c2ed875fa
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2511
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 6c7aae6650a968767dc9b323753a2408
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 729
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 2136b96f7926d5da7a38b0358f5d65ca
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/v-dom-to-react.js.26fdf751.js | 188.114.97.1 | 200 OK | 840 B |
URL GET HTTP/3lifteque.top/js/v-dom-to-react.js.26fdf751.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (1085), with no line terminators Hashb9187a6f31bd6c7c0cfe0bcb37ecf60a 1150c33a65703059e43c0d85b1680aa04d4d60e6 a5f216a4ea67c8f005b6cededba525ee330a2d4f8caedc8232f44e4e163e5ebd
GET /js/v-dom-to-react.js.26fdf751.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-43d"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8hFC4xgjGf82EILkzhujgS9G4bf1u5BKWbo7M5uDtRQmfEjpLyCnOJ3rjSSKd3ihFRelTL8V1E%2BUH0EJymT0u1JsqXmTK2YuwfB4i%2B0vLiffdGwq%2FtRNyoQT9QbWxdM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386db2b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofklefkian.com/zone?&pub=0&zone_id=6163304&is_mobile=false&domain=lifteque.top&var=4534663&ymid=4&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2ofklefkian.com/zone?&pub=0&zone_id=6163304&is_mobile=false&domain=lifteque.top&var=4534663&ymid=4&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest IP139.45.197.251:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectofklefkian.com Fingerprint04:A9:FE:8D:C9:B9:EE:6F:3A:C4:29:EA:19:AD:C3:1D:7D:3E:14:02 ValiditySun, 14 Apr 2024 05:38:05 GMT - Sat, 13 Jul 2024 05:38:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=6163304&is_mobile=false&domain=lifteque.top&var=4534663&ymid=4&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest HTTP/1.1
Host: ofklefkian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 22:12:48 GMT
content-length: 0
x-trace-id: 02c3c4ddb2de4674f0162db9544a9f22
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| lifteque.top/favicon.ico | 188.114.97.1 | 200 OK | 702 B |
IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash668ba1a9fa1890ba16cb8adc28d3dad8 5e35223b2541265114eaf61b9da2556c812fea17 7746cf1b553433822522f2dc432f55fe64eee1f1cf823ef6adfde02e58e1d7e2
GET /favicon.ico HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=5i1r58tbywle7w5ovbr61nu763jcm867; syncedCookie=true; oaidts=1714774368; ID=5i1r58tbywle7w5ovbr61nu763jcm867
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: image/x-icon
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-47e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cZLaY5ohTtX3ACHo2me2P126zhpnJ6uvScXDg2ssDNSgDjVSfJb8%2F%2FxddF8zvBUM80MDjYwpoWPindP7lm44jkJ8PSwObZ5HODBP1rlsD9%2F4i9wvR8KDAKSNaCk4Uz4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3983ddb19b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/config/dict/cookie-consent-1.json?v=10 | 188.114.97.1 | 200 OK | 9.1 kB |
URL GET HTTP/3lifteque.top/js/config/dict/cookie-consent-1.json?v=10 IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
Hash4f1c632e971c4261f927ed0cf67bfdee 18c72b10719ca98b61b1f1f84e4b01f0ed8b3763 2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/json
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-1a65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9gXji8ScQiVW9TLrMbCUp1jUppwcBqoszeqBv24PZ%2BnXPx%2FReQDrk6rdlfnoTw%2FBng013oY%2F5grOaZ%2Bc%2BmCqsWTkh%2FUhDCGPfEA8loRjQCiwOM7wNx41Orld60uZgyA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39837cd1ab503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/s-checkLocalStorageAvailable.ts.f2fef93d.js | 188.114.97.1 | 200 OK | 5.7 kB |
URL GET HTTP/3lifteque.top/js/s-checkLocalStorageAvailable.ts.f2fef93d.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (330), with no line terminators Hashf23ca32d86f4a0e4179319172a667c74 a68d98bd989ff8804424b8b38f2104f5b562e4b4 0d92eabc50682ed456954a64fdfad12a54b3da489957e9e70479724f5503752f
GET /js/s-checkLocalStorageAvailable.ts.f2fef93d.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-14a"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qt0q9qfybfT6YEap1uWQrDh6GSIIRpTeiJpaJ1%2FrHsej5C7SHkAoHJOePR31MpJPrCFX%2FXD20IjE2uyz7Yw1rmQtA7SnU%2BSwhGPhlydop8W0zeywDR7XmxpL3Ecok7I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39835db9ab503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 IP139.45.195.8:0
CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Cookie: ID=5i1r58tbywle7w5ovbr61nu763jcm867
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 22:13:10 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5i1r58tbywle7w5ovbr61nu763jcm867; expires=Sat, 03 May 2025 22:13:10 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/v-attributes-to-props.js.a2e7cd04.js | 188.114.97.1 | 200 OK | 702 B |
URL GET HTTP/3lifteque.top/js/v-attributes-to-props.js.a2e7cd04.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (718), with no line terminators Hash4f868b7a0330d32e1450766a54886355 4b5952301185e7b02e2cdcba80f4aea3de700c47 2435c4b396d0b35fca9f618a201479cdcd64e84d43a386eec071a4082d7a781f
GET /js/v-attributes-to-props.js.a2e7cd04.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-2be"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JYNbgLSCcrRMUyNs8ulLB4rHqUIjdjaqOjQQ6ldcHs0WvY7funkOwTPnSeeElfymLSq9zb21yaZLqEHq%2FEZ4dbl5YB8xaU2uwHfIpgfzyMaTbw4gnXUj%2FZHE2%2FhA5h8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386db3b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/src_js_components_Footer_Footer_tsx.412b820b.js | 188.114.97.1 | 200 OK | 1.2 kB |
URL GET HTTP/3lifteque.top/js/src_js_components_Footer_Footer_tsx.412b820b.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators Hash5127f6cbde5f1ef64abffedd42cc5f3a 22b88da4ed5ee1a1040cf551c63a2ab822dc227a 00c01c9a9cf0c66ac7e1b9faf1a3679085c27101d8cec28a4b1b162e845d7f26
GET /js/src_js_components_Footer_Footer_tsx.412b820b.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-48d"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YWFaOS7KFr4vULCNT9yW7s3jEEuXLN%2BwK14SVJN%2B3%2BSBCGuKknMVkn2DuE2CKz3ePyo8DcwAs%2F64ixprUHYjvypFEmYSGZZXaa%2BiM%2Bxok7GXQUWlFp5eAppJlkcb0Po%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386db9b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| offpichuan.com/track?offer_id=2058&z=4534663&request_var=4&variable2=ciremkkbhsl&oaid=5i1r58tbywle7w5ovbr61nu763jcm867 | 139.45.197.237 | 200 OK | 182 B |
URL GET HTTP/2offpichuan.com/track?offer_id=2058&z=4534663&request_var=4&variable2=ciremkkbhsl&oaid=5i1r58tbywle7w5ovbr61nu763jcm867 IP139.45.197.237:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectoffpichuan.com Fingerprint8B:DE:51:B7:81:9E:EA:DE:73:A4:3D:67:F9:5E:6F:7B:F4:D6:77:5A ValidityMon, 15 Apr 2024 21:54:27 GMT - Sun, 14 Jul 2024 21:54:26 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashe6246b04b7d99b675f7086e756e1f242 9f3b5f5cb9b34830dc20448a0acc83bcce5d2727 5ecadcf1c19edd16643f48e47f530b024c97a5653f98a47e14c61d5270dd7881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?offer_id=2058&z=4534663&request_var=4&variable2=ciremkkbhsl&oaid=5i1r58tbywle7w5ovbr61nu763jcm867 HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/json
content-length: 182
x-trace-id: 29d0f67753f11776c143fbf01170e301
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/v-index.js.da9f7529.js | 188.114.97.1 | 200 OK | 41 kB |
URL GET HTTP/3lifteque.top/js/v-index.js.da9f7529.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (40985), with no line terminators Hash47a5b821c80a532b5e989cf87d451283 c0f9e87128e1d7d634649fb3c7b6c08f714e79bc 2526538666fe9c7811b9afaf71794b4f8cb4f0751f62872e1a0d8c3a6c131f07
GET /js/v-index.js.da9f7529.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=40988
etag: W/"662b7651-a01c"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rq9NjEB%2FSwZwZcetT31c6Jz3o0OC%2Fh0YKA0YIUmLmNQ%2FHw9kFnF1bVWjQNRHMsdkpmK3XEUHwt%2FSsmxpApqMngV4nX%2B1SxYsWUx7fUmgJWRgqIhtJmpDGBrXvwyve%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39835db8db503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-html-to-dom.js.ff1ae7e0.js | 188.114.97.1 | 200 OK | 364 B |
URL GET HTTP/3lifteque.top/js/v-html-to-dom.js.ff1ae7e0.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (373), with no line terminators Hash57f543d4f79657dc92755e2f2031da65 4884f924743049d7812b58958633a40f65e159b5 0fcc39a4a2b765b1ed92a6093fe6dc70e0a886914746f5af6fda6e3d1dc7417d
GET /js/v-html-to-dom.js.ff1ae7e0.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-16c"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8W25V7z1VRYMb2GmZWlYi4kxx9XHXZFgQzFuun1I0%2BArIjP7pQntGDKu6uadbsElmjY6c2YM6lWS3lBYfLjxOqRt2npq%2FIOXKPdCMqbro5TSYPK%2FdsnsrBRnmZHbwg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386db4b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| offpichuan.com/rotate?zz=4326388;5592664;5592658;5592700;5592655;5592702;5622941&var=4534663&ymid=4&uid=5i1r58tbywle7w5ovbr61nu763jcm867 | 139.45.197.237 | 200 OK | 4.0 kB |
URL GET HTTP/2offpichuan.com/rotate?zz=4326388;5592664;5592658;5592700;5592655;5592702;5622941&var=4534663&ymid=4&uid=5i1r58tbywle7w5ovbr61nu763jcm867 IP139.45.197.237:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectoffpichuan.com Fingerprint8B:DE:51:B7:81:9E:EA:DE:73:A4:3D:67:F9:5E:6F:7B:F4:D6:77:5A ValidityMon, 15 Apr 2024 21:54:27 GMT - Sun, 14 Jul 2024 21:54:26 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (4006), with no line terminators Hash234860f48e2a67e22ea6490b5b32602b 2f58918b506a648045d1f38e7de1f9d42fa7b992 6b10947c8a9436ce9567ce863405b50a0294771b87264ca26601fc767b7838b7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=4326388;5592664;5592658;5592700;5592655;5592702;5622941&var=4534663&ymid=4&uid=5i1r58tbywle7w5ovbr61nu763jcm867 HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
x-trace-id: ee84e8376e75562d9b52a520216c0b09
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://lifteque.top
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=5i1r58tbywle7w5ovbr61nu763jcm867; expires=Sat, 03 May 2025 22:12:48 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/s-storageService.js.bb9f7a22.js | 188.114.97.1 | 200 OK | 2.2 kB |
URL GET HTTP/3lifteque.top/js/s-storageService.js.bb9f7a22.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (2216), with no line terminators Hash803fe057e4762b54a284184815cfb62e e748b6c77988934fe2b458b61a93e35f22cfecbc 0552fbab13dd0597298180b4d1c5e1a8a2ca66e121e3ab892f100366c8d45d3c
GET /js/s-storageService.js.bb9f7a22.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-87a"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIXFOqVQNqL%2Fsn3JSoMMkKt56N5Worklh6uQd8ZsqKq4JibURAo5YDJfa%2BBlND84Pz8LcuGMThn%2BZyUxl4a5D1XSAIk5X6FFIu%2BlefOtaYLsCoul5WRKmfoqyOiynuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39835db91b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/s-checkSessionStorageAvailable.ts.e8412d91.js | 188.114.97.1 | 200 OK | 330 B |
URL GET HTTP/3lifteque.top/js/s-checkSessionStorageAvailable.ts.e8412d91.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (338), with no line terminators Hash6eb1ccbb769935debb74de9858287720 5302f94074f05eb22f05368dfe3464b85c89fb48 1e016cce8f09ded837e6e46c9e26d5dddccc19bbfa89c9dc583c04d85e2c7bb4
GET /js/s-checkSessionStorageAvailable.ts.e8412d91.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-14a"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSjPa54MCzLxSJHL%2BdiprNNa5LdmwcZElTnKwwAS3b9cJnajfz2GWhUEIvdIYSYgoneQuaVsMnDTyUpkfr45UTUKJ2qEhQusktxVJKn4yebj0R8%2BHKTpPQEatiO4ivM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39835db97b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/css/_core-survey.d3ac2ee0.css | 188.114.97.1 | 200 OK | 83 B |
URL GET HTTP/3lifteque.top/css/_core-survey.d3ac2ee0.css IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with no line terminators Hash30d726a40ffe74d794b282ca1795b44c b43155653a1b9cc8d257687df9a75e0f204db348 4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
GET /css/_core-survey.d3ac2ee0.css HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=84
etag: W/"662b7650-54"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FkKP8SfDa08%2FUBHbRye0ysLl8iw%2BEj%2Fhgi2y9UN0HTW%2F2Gkm%2B%2Bb9RLATfP6ij4SSzqv5Nfi0sKv36fx6CdExYzg3234E6pOAEYBYavTdaxMIjuh%2FbEOmRhf3v78B7Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39835fbc0b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl | 188.114.97.1 | 200 OK | 7.2 kB |
URL User Request GET HTTP/2lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl IP188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeHTML document, ASCII text, with very long lines (7439), with no line terminators Hash6a87a446091747cfee195cf1635c4ef4 e43e9720f9f2c4fafdd0ed1454af13af7cd36f6e 67f355bf059ee9758e7a112d94e434ceae1e38e950a96b46175b0da54523de81
GET /betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: text/html
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gcZ%2FSgmIr3tUTfjBxoyO7Lb9XLvVV5uWM2QuGBnO2f%2B7gs264vUkMU61GY1zRQCB7NJ4vyqAPzfkvS%2FC48wbKjQwHNLvQNpZ21WdYKbWURLAR4gfN1csYsuwBN2Z6z8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398312b4cb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/v-possibleStandardNamesOptimized.js.205abacb.js | 188.114.97.1 | 200 OK | 7.6 kB |
URL GET HTTP/3lifteque.top/js/v-possibleStandardNamesOptimized.js.205abacb.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (7923), with no line terminators Hashf80cb2aef29b4a80d135d1a598ce1dfa 0653306df1fd8d8591f84661643825e41684d3f6 43c16ae11cea687efa4ca55dec516b23257c3fcb22c9d3541041f1816aaa7b5b
GET /js/v-possibleStandardNamesOptimized.js.205abacb.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-1d99"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=et5cfPOhVUDt6bn1zRqDvtIw5nbM7kHDQrwl1COq7ryRpj4BMJQfmYdbU%2B3qPlWmvDVoeZGrLD6osktWyfXbxCVc3oKBRZnSATSSsZCDEHy%2Fl%2BOzhZqB%2Fcz3N2XaomU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386da9b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=bbecbaa1-70f3-466d-8a9d-032e18e4daae | 139.45.195.253 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=bbecbaa1-70f3-466d-8a9d-032e18e4daae IP139.45.195.253:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash6949f52318584a4b51c719a9b84a7287 9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905 72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=bbecbaa1-70f3-466d-8a9d-032e18e4daae HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1445
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 03 May 2024 22:12:49 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://lifteque.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| lifteque.top/js/v-index.mjs.19622407.js | 188.114.97.1 | 200 OK | 35 kB |
URL GET HTTP/3lifteque.top/js/v-index.mjs.19622407.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (35287), with no line terminators Hash1de1ec2d8e7940b88970d8fbce40ed6d 510aa24127fb8bc3578d9ca4628b2eea5a84ce01 b473156bef833bcfb2e84658093f1ebc1e64011dcba904e26ccb31f1cad8b762
GET /js/v-index.mjs.19622407.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7652-89d7"
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XXOAtBh6egXR5bkZE0xJ1NkGlV2DV8MHzCor%2BGK3dYxttw485QQVcfU1kTea%2FFYlAiQ9wiwBTemlNagW9i6lhK45YywcNpZGGeOt4qe32emCfH9C8suBFfSmhc4BRps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386da7b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/pfe/current/stattag.js | 188.114.97.1 | 200 OK | 19 kB |
URL GET HTTP/3lifteque.top/pfe/current/stattag.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (19053), with no line terminators Hash3a74216e872211a9c770302bb7d4a63f 7e63556174a7d66eee407218e503ec0aae2c0f9e 03405209d89a927b81d53eb13968663069760776389c5400bb79d11bd9f78f78
GET /pfe/current/stattag.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=5i1r58tbywle7w5ovbr61nu763jcm867; syncedCookie=true; oaidts=1714774368; ID=5i1r58tbywle7w5ovbr61nu763jcm867
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-4a6d"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2CXMy8B2QI3hjAVKx79erou9qaYHwJr8mWna8Zi5WOMg0oIn4WeYcln6E6m2R1ZYoVWzKtfMp3OXZAfAJ4F6VQtSrutfYC7dOgGLi2bDBufueWd6K4yhxVHMcJ1B8w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3983daaf1b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/_rtc.f86a36d7.js | 188.114.97.1 | 200 OK | 12 kB |
URL GET HTTP/3lifteque.top/js/_rtc.f86a36d7.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (12222), with no line terminators Hash128d6eec0793a7e02c314d2f6245f260 c9f09311c3f229b770f38d0cc69b422430f1c748 bf1606ac64db254cc565a094e7162a96f31f7e48ddece56fc92c654559e5abb8
GET /js/_rtc.f86a36d7.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-2fbe"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTJtU6u2d10iHYgv9AD3pMJC2lQlwsL5%2FnYEdpAdYnCfY9DA9oNq%2B78YsgtwHDS%2F%2F8vwqGCqLrR%2BRqw6icu4mkDvQqHOb2Rxcpbw5kdC9c2aAN0fqM9uDCrus%2FJG%2BI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39835db8bb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/BettingSurvey.ca3ef9f6.js | 188.114.97.1 | 200 OK | 2.2 kB |
URL GET HTTP/3lifteque.top/js/BettingSurvey.ca3ef9f6.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (2273), with no line terminators Hashae05ba2003a03f49524f07f9b5512250 8cf00a4c457e550d417223acca97a191e13f99fc 4147796684c5a6263e5990e94893d55dd21331e1679a22576f16303d9d7089a8
GET /js/BettingSurvey.ca3ef9f6.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7652-894"
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NM4PbGLoBkEdGNzxLwXSQyPOvdY5N9mfU9dxYSoCd5cwUX8FnVFHJYyPg4TIufffEBnN5s5QBfy%2Bb%2FtR%2BvM0XusTIW4peRKHFsEe9daaGZZpXkcJcxPaK6UHh1KwVIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386dbab503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/css/src_js_components_Footer_Footer_tsx.ae79160e.css | 188.114.97.1 | 200 OK | 383 B |
URL GET HTTP/3lifteque.top/css/src_js_components_Footer_Footer_tsx.ae79160e.css IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (383), with no line terminators Hash8a1e27d3fe40dacdf45f3c2a0c72c3dc c4244fdf92ac42303ec5435499115d0e928804d9 d4c729196d5c4de3a3d812ffca60afe93a1b66f20163107b8f065cfdca1e6190
GET /css/src_js_components_Footer_Footer_tsx.ae79160e.css HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=384
etag: W/"662b7650-180"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x1%2F8qjeFeDTKSbffCXzkNHuH%2BS%2F0C1qUCE6l3gOW%2BlpaPpwNoVrbf7BflX5N71%2FDVh8zsoyWgi7gs9%2FJShqdOQAiQxwLdETrQrfIjpuAb6ju1y%2BouoPHYPAQ6GaTcXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386db8b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/src_js_parts_replaceUrlTermsAndRedirect_ts.9d33b37f.js | 188.114.97.1 | 200 OK | 347 B |
URL GET HTTP/3lifteque.top/js/src_js_parts_replaceUrlTermsAndRedirect_ts.9d33b37f.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (357), with no line terminators Hash9ece9fc849871b7d08fa384867d6260a 49abdc7c36433be2cc6f22f08463f7ab5ebea6b4 b2845a23412d099e6a272b613412c8001899103c31678add71c60fe1b00df6d6
GET /js/src_js_parts_replaceUrlTermsAndRedirect_ts.9d33b37f.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-15b"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ppKE0RqMZmlJH9DT3mTtASHzUHWsdXhHJC5AQDnqhktFEMtHnlb8PKj5hg5EdOafWCIGIuhXGMEW3wECijm3Wg0vEwVjfbisMGfqHSlydKQwIfRZFlYEGOMs7vWXUs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e398386db7b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-redux-toolkit.esm.js.fe3487ca.js | 188.114.97.1 | 200 OK | 11 kB |
URL GET HTTP/3lifteque.top/js/v-redux-toolkit.esm.js.fe3487ca.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (11319), with no line terminators Hash5aa3676547abc9a38889c09e69ca968d d19ea919192e86f97c34c0a5959ad05c52299aec 21648e7ba668a077e403b6bd1a38f05d55d987737b959d57e3b3c53787107eb7
GET /js/v-redux-toolkit.esm.js.fe3487ca.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7652-2c37"
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWTbsgS54CkO6juwZlzvX5N%2B4ZbmcEGvWswyoCCWwnihCFk3GSYr5qScvIs8qUX7TtInicW%2FObiYBUUqnTken5GUedRfKoudVQdNKUl%2BxQDblMQGZx51H5G%2BuPW7%2FHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39835eb9fb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/_each-land-config.3299fec3.js | 188.114.97.1 | 200 OK | 72 kB |
URL GET HTTP/3lifteque.top/js/_each-land-config.3299fec3.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash0ba3468fb169d838d511e11b5b33eaef fb53785cd4dcc6e5cf0fcebfcafed46a3968cbe9 6de414b4180a6f11c4f5a9ba570d5e97ac8e596b1f9c1bb86872a11ecd416384
GET /js/_each-land-config.3299fec3.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72043
etag: W/"662b7651-1196b"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XS%2FSozVEBRCoX2Ad2I3ILBkaeJH%2F9HKn8K4GKmkmK3WZaBtSfA%2FMIzOj8QcL681uNoHJH%2B9pZj35Qepc7tsvngVVWiR9AkvdzQB9pqU4vMSJfyB%2F2Q82UMVI3b1OTQ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39835eba3b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-react-dom.production.min.js.c3329619.js | 188.114.97.1 | 200 OK | 129 kB |
URL GET HTTP/3lifteque.top/js/v-react-dom.production.min.js.c3329619.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size129 kB (129356 bytes) Hashc53e5e3d8c5ca5f1c4edbce65426edfc 36cc2e7e0b893d82bf5f457c7a62374019d0f7aa ed83bf6bc001bd6f841c76b67aedfd3bc02cb28fb5537a1d55804f5ad0515e39
GET /js/v-react-dom.production.min.js.c3329619.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=129359
etag: W/"662b7650-1f94f"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YC5963qycI0fAl8d9cUubw2IszLhm0FZJETKHOCqfz%2FPCO18IIdctdoa5iY8ymi0FYxyevjmlUx%2Fw8QQvIF3HqXcmL3OaUb7lE308F8S16YyuSopYTBgzUreqYg2yT4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39835eba9b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/betting-survey.6c005c50.js | 188.114.97.1 | 200 OK | 577 B |
URL GET HTTP/3lifteque.top/js/betting-survey.6c005c50.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (599), with no line terminators Hash92a8eb7e6933f05ba71973db5945d5f3 ab4cd9925577ca2565c41ac942044b7678fb20f4 090cbd9c1d09a8110e5d2d44441721c5cbfe036d6ef7d967b8c4e5873bfc5e70
GET /js/betting-survey.6c005c50.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-241"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HbUZE1yA1KiMSv6sEd5R%2B0ZP9RJ%2FWesLJz50sxih%2Fdb9n0HIhcQxEqR9l9HiHT0lPnb5OliF0lg8yLHSKSe6Vbddc4rS%2FXeg2vbwYHRm%2FMgJiNQo9wK7Lr1Kc0MNTgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39835ebafb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/css/betting-survey.e1fedc09.css | 188.114.97.1 | 200 OK | 27 kB |
URL GET HTTP/3lifteque.top/css/betting-survey.e1fedc09.css IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (26716), with no line terminators Hash1c2b049c08235d0c389647b4a3fdd028 5e16e961c86591db4cd7f2eda6d87864ac84359c 7cf8566500e87b9e115597e1ad62c170b9848fabeb475f90d67b4b722dfa8c72
GET /css/betting-survey.e1fedc09.css HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=26723
etag: W/"662b7650-6863"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BsRMNN4im7pL3frfJR3rgp3nTjbKwaZb6FXtm7a%2FyeBIrrcNuZkspORFFDii43H7KYsyuaDbhUgIxoT0SODecwS5NyU28W0EUlFxaiIGEiKgV8RmFbM%2FdAiLFA4ufs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39837bd14b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/sw/sw6163304.js?var=4534663&var_3=null&var_4=null&ymid=4&ab2_ttl=5184000000 | 188.114.97.1 | 200 OK | 1.0 kB |
URL GET HTTP/3lifteque.top/sw/sw6163304.js?var=4534663&var_3=null&var_4=null&ymid=4&ab2_ttl=5184000000 IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (1013), with no line terminators Hash1fc39d86c29291e70220d185d4fd3055 17d2076d3c66bde26b239e2fc284dc94d31ed211 77d470e7d4894d0363fafb0eee0febfe0f55df221fea0bedb0719e8b6acfdc00
GET /sw/sw6163304.js?var=4534663&var_3=null&var_4=null&ymid=4&ab2_ttl=5184000000 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: OAID=5i1r58tbywle7w5ovbr61nu763jcm867; syncedCookie=true; oaidts=1714774368; ID=5i1r58tbywle7w5ovbr61nu763jcm867
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1321
etag: W/"662b7650-529"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0jBujywJ2qg1uwhQcx868aYr49RBY%2FOd323RpyaZuY6UuhS7ZpTwBuhPp3swfUlEJ%2BsYx%2BTO3tuXHzVbHTxAZNVG2ZLY0e9cpRVXjgZFLMoPtTLKk%2BRMIop5TwXUGNE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3983a4fadb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/_core-survey.1b09882a.js | 188.114.97.1 | 200 OK | 170 kB |
URL GET HTTP/3lifteque.top/js/_core-survey.1b09882a.js IP188.114.97.1:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=ciremkkbhsl CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
Size170 kB (169673 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/_core-survey.1b09882a.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 22:12:47 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=169676
etag: W/"662b7652-296cc"
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w843L4xAYLaWX57tAjaBdUD6s6wgoJ5%2Bb6%2BbuD6%2Bywb5v3q3Isj0y8LQQ0a9c1kzr39BoLsWh9b%2FcKma4%2BCs1LaM7FUUqx1hzQo%2F5im797yHkAtVzv18L6zAVW9G5%2F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e39835ebabb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|