| ocsp.sectigo.com/ | 104.18.32.68 | | 472 B |
IP: 104.18.32.68:0
Hash: 2fdb18dec4840b25743b70c36b2382b2 b0332d9e372aad4ea7d16652cd1428d7be76ab31 c0d990817760a39cab250bb67e74a286b85fca3b427b0637c18a3a6e35005109
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 09 May 2023 21:31:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 09 May 2023 02:50:10 GMT
Expires: Tue, 16 May 2023 02:50:09 GMT
Etag: "b0332d9e372aad4ea7d16652cd1428d7be76ab31"
Cache-Control: max-age=536939,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7c4d0c365943fac0-OSL
|
|
| vmrqyq.abadat5rckc.com/c/1a585105aafb207b | 52.51.27.131 | 302 Found | 314 B |
URL: User Request GET HTTP/2 vmrqyq.abadat5rckc.com/c/1a585105aafb207b
IP: 52.51.27.131:443
Certificate: Issuer: Sectigo Limited; Subject: *.abadat5rckc.com; Fingerprint: 6C:3C:43:B9:0A:A6:52:3F:A4:D4:48:94:A0:A7:68:91:A0:C8:A0:33; Validity: Thu, 15 Sep 2022 00:00:00 GMT - Fri, 15 Sep 2023 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (312)
Hash: 1fa61ccc21b97b81534e30c756146255 8ea15d60b7059cb0030dd4f2212a149c748c5450 14a5350f1bcdbb989f436bb054d664617837ec16a61551d6532f1d343cbdd92b
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /c/1a585105aafb207b HTTP/1.1
Host: vmrqyq.abadat5rckc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Tue, 09 May 2023 21:31:09 GMT
content-type: text/html; charset=utf-8
content-length: 314
location: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
set-cookie: unique_id=645abb9d0000325f; Path=/; Expires=Sat, 08 Jul 2023 21:31:09 GMT; Secure; SameSite=None
unique_id2=645abb9d00003a77; Path=/; Expires=Mon, 07 Aug 2023 21:31:09 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Tue, 09 May 2023 21:31:09 GMT; Secure; SameSite=None
tid=sywma645abb9d000fc15d; Path=/; Expires=Wed, 12 Apr 2028 21:31:09 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| bawickie.com/contents/s/e2/08/a3/a0c9244c259e1eb3ce17ad40d9/01261300091751.jpeg | 139.45.197.162 | 200 OK | 26 kB |
URL: GET HTTP/2 bawickie.com/contents/s/e2/08/a3/a0c9244c259e1eb3ce17ad40d9/01261300091751.jpeg
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Let's Encrypt; Subject: bawickie.com; Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90; Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash: e208a3a0c9244c259e1eb3ce17ad40d9 f744cdc154f46d902271c864a135a8973d383562 4d0fb76ce0c2f3151772e5d5fab538b829d017d0dcf89ab3ba5fb889e6da0e04
GET /contents/s/e2/08/a3/a0c9244c259e1eb3ce17ad40d9/01261300091751.jpeg HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: image/jpeg
content-length: 25882
last-modified: Mon, 27 Mar 2023 14:48:52 GMT
vary: Accept-Encoding
etag: "6421acd4-651a"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bawickie.com/contents/s/10/94/88/9db27a813b20a6306d5b6f65a0/0669571609554.jpeg | 139.45.197.162 | 200 OK | 32 kB |
URL: GET HTTP/2 bawickie.com/contents/s/10/94/88/9db27a813b20a6306d5b6f65a0/0669571609554.jpeg
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Let's Encrypt; Subject: bawickie.com; Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90; Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash: 1094889db27a813b20a6306d5b6f65a0 a6dc6c3466b1fd00891a5f3156a10f660bedcf60 370fe791a06f59c82fa518ef984b8fb282719fad49ce185294625ace39914f75
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /contents/s/10/94/88/9db27a813b20a6306d5b6f65a0/0669571609554.jpeg HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: image/jpeg
content-length: 31480
last-modified: Mon, 27 Mar 2023 14:48:52 GMT
vary: Accept-Encoding
etag: "6421acd4-7af8"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bawickie.com/contents/s/20/c7/be/0db7a3f51e5fe673960c51a051/01623157896108.jpeg | 139.45.197.162 | 200 OK | 24 kB |
URL: GET HTTP/2 bawickie.com/contents/s/20/c7/be/0db7a3f51e5fe673960c51a051/01623157896108.jpeg
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Let's Encrypt; Subject: bawickie.com; Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90; Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash: 20c7be0db7a3f51e5fe673960c51a051 168c33dbf5ddcd85c5b036c314534d412867b249 be32b303e8d41d73b76d61dabdfdc14a7456d6a086b13be807b8b31088fcb4a7
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /contents/s/20/c7/be/0db7a3f51e5fe673960c51a051/01623157896108.jpeg HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: image/jpeg
content-length: 23619
last-modified: Mon, 27 Mar 2023 14:48:52 GMT
vary: Accept-Encoding
etag: "6421acd4-5c43"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bawickie.com/contents/s/bc/61/6a/95e7d7a42116dbb9c79c580cd4/01314572001101.jpeg | 139.45.197.162 | 200 OK | 23 kB |
URL: GET HTTP/2 bawickie.com/contents/s/bc/61/6a/95e7d7a42116dbb9c79c580cd4/01314572001101.jpeg
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Let's Encrypt; Subject: bawickie.com; Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90; Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash: bc616a95e7d7a42116dbb9c79c580cd4 cd09ed501afc16b2317e0b564543f3615bf14442 71631d37ec944bb2fa220d64475f0e666c0ee73ea1a829232bb591ae96914c25
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /contents/s/bc/61/6a/95e7d7a42116dbb9c79c580cd4/01314572001101.jpeg HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: image/jpeg
content-length: 22827
last-modified: Mon, 27 Mar 2023 14:48:52 GMT
vary: Accept-Encoding
etag: "6421acd4-592b"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bawickie.com/contents/s/9b/38/43/83a6fba71740fde72685f48e65/044382413938.jpeg | 139.45.197.162 | 200 OK | 25 kB |
URL: GET HTTP/2 bawickie.com/contents/s/9b/38/43/83a6fba71740fde72685f48e65/044382413938.jpeg
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Let's Encrypt; Subject: bawickie.com; Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90; Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash: 9b384383a6fba71740fde72685f48e65 4aedfaafd5e131fa643628e04049aebc149bc18d c8f27b9f89a5cba7dd8e30b905f15fc27131ef8384261fa18d5d3f098c9b34a8
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /contents/s/9b/38/43/83a6fba71740fde72685f48e65/044382413938.jpeg HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: image/jpeg
content-length: 25395
last-modified: Mon, 27 Mar 2023 14:48:52 GMT
vary: Accept-Encoding
etag: "6421acd4-6333"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bawickie.com/contents/s/af/94/65/ea1b6a41dbcd5f58adfe6b8ad2/063832201551.jpeg | 139.45.197.162 | 200 OK | 22 kB |
URL: GET HTTP/2 bawickie.com/contents/s/af/94/65/ea1b6a41dbcd5f58adfe6b8ad2/063832201551.jpeg
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Let's Encrypt; Subject: bawickie.com; Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90; Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash: af9465ea1b6a41dbcd5f58adfe6b8ad2 ba58c8c1ab2e575b7c4599e9c72b8abbe4ea8453 7e05f3576f8cccec8b8b9d03df055434ac3866d34b52880962aadfe0e06483c1
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /contents/s/af/94/65/ea1b6a41dbcd5f58adfe6b8ad2/063832201551.jpeg HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: image/jpeg
content-length: 21926
last-modified: Mon, 27 Mar 2023 14:48:52 GMT
vary: Accept-Encoding
etag: "6421acd4-55a6"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bawickie.com/contents/s/a3/15/66/5fa629ff80d4ad787d339cc194/0510990695689.jpeg | 139.45.197.162 | 200 OK | 26 kB |
URL: GET HTTP/2 bawickie.com/contents/s/a3/15/66/5fa629ff80d4ad787d339cc194/0510990695689.jpeg
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Let's Encrypt; Subject: bawickie.com; Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90; Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash: a315665fa629ff80d4ad787d339cc194 b0ac0c76c41311436299df90199633f03e8ef900 5f17595b3f6077f45588f6263c05018a61bfc87dcebd5733fc6fa1cedcf47be0
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /contents/s/a3/15/66/5fa629ff80d4ad787d339cc194/0510990695689.jpeg HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: image/jpeg
content-length: 26402
last-modified: Mon, 27 Mar 2023 14:48:52 GMT
vary: Accept-Encoding
etag: "6421acd4-6722"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bawickie.com/contents/s/52/14/98/28753b416e73d5a7cb68f902c3/0299505312749.jpeg | 139.45.197.162 | 200 OK | 23 kB |
URL: GET HTTP/2 bawickie.com/contents/s/52/14/98/28753b416e73d5a7cb68f902c3/0299505312749.jpeg
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Let's Encrypt; Subject: bawickie.com; Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90; Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash: 52149828753b416e73d5a7cb68f902c3 2898d215615cc0168e19eb3428d08d4c41859987 9c6d0c2059a64b522906209a10e0dda5d4a1819a89e1185ab0bc5c76c49b05b5
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /contents/s/52/14/98/28753b416e73d5a7cb68f902c3/0299505312749.jpeg HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: image/jpeg
content-length: 22787
last-modified: Mon, 27 Mar 2023 14:48:52 GMT
vary: Accept-Encoding
etag: "6421acd4-5903"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=018034341d1b6ee33ed69641dd128e2b | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=018034341d1b6ee33ed69641dd128e2b
IP: 139.45.195.8:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: 74:B2:31:E9:6E:77:8E:33:B3:9D:61:F0:29:AA:AA:21:BB:5E:45:12; Validity: Wed, 15 Feb 2023 21:34:45 GMT - Tue, 16 May 2023 21:34:44 GMT
File type: JSON data\012- , ASCII text
Hash: e3d8c3c08077a69d9dcefbd4a9384849 3ad47209f13a8eca18d0576e2a6f1c384a83fd85 486c1bca362606d9e7326e85d249315522a433ad68997804e83ac3bfecd15102
GET /gid.js?userId=018034341d1b6ee33ed69641dd128e2b HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bawickie.com/
Origin: https://bawickie.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://bawickie.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=018034341d1b6ee33ed69641dd128e2b; expires=Wed, 08 May 2024 21:31:10 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bawickie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=61023&var=5820188&sw=/sw-check-permissions/5256482&var_3=17360431_ | 139.45.197.162 | 200 OK | 13 kB |
URL: GET HTTP/2 bawickie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=61023&var=5820188&sw=/sw-check-permissions/5256482&var_3=17360431_
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Let's Encrypt; Subject: bawickie.com; Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90; Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: C source, ASCII text, with very long lines (41979), with no line terminators
Hash: 272126e4be9edd9fb1cec18c130d26ee cbfc1e6c56106f97f08a782789429506e01cd4f4 fe61684f2fef0a61e826cc7d80a504c6b87c8add11a2387e0b09655629440c96
GET /pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=61023&var=5820188&sw=/sw-check-permissions/5256482&var_3=17360431_ HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: application/javascript
last-modified: Tue, 09 May 2023 12:41:37 GMT
vary: Accept-Encoding
etag: W/"645a3f81-a3fb"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static.bawickie.com/templates/_assets/sounds/blip1/default.mp3 | 139.45.197.162 | 206 Partial Content | 6.7 kB |
URL: GET HTTP/2 static.bawickie.com/templates/_assets/sounds/blip1/default.mp3
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Let's Encrypt; Subject: bawickie.com; Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90; Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash: 6422f23e1751d74410347e02c0210a60 0e3e65be6b5fbb76f6a52191e973bd37368be204 4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /templates/_assets/sounds/blip1/default.mp3 HTTP/1.1
Host: static.bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: audio/mpeg
content-length: 6712
last-modified: Fri, 05 May 2023 09:47:23 GMT
vary: Accept-Encoding
etag: "6454d0ab-1a38"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-range: bytes 0-6711/6712
X-Firefox-Spdy: h2
|
|
| bawickie.com/contents/s/0e/fb/85/890619b47119f3adc989dd89fa/061906112940.png | 139.45.197.162 | 200 OK | 2.2 kB |
URL: GET HTTP/2 bawickie.com/contents/s/0e/fb/85/890619b47119f3adc989dd89fa/061906112940.png
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Let's Encrypt; Subject: bawickie.com; Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90; Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: PNG image data, 60 x 60, 8-bit colormap, non-interlaced\012- data
Hash: 0efb85890619b47119f3adc989dd89fa 1b6b7b64454fb94211d70dbe4198d5929cd1d263 27bbd8d374cc746b7892fa5c286b67efc5b891d91c2afb24b8ef8139da2be99a
GET /contents/s/0e/fb/85/890619b47119f3adc989dd89fa/061906112940.png HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869; syncedCookie=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: image/png
content-length: 2164
last-modified: Mon, 27 Mar 2023 14:48:52 GMT
vary: Accept-Encoding
etag: "6421acd4-874"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/theme/bg-img-mini.css?v=1.1 | 172.67.10.98 | 200 OK | 130 B |
URL: GET HTTP/2 littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/theme/bg-img-mini.css?v=1.1
IP: 172.67.10.98:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: F9:14:9E:F3:4F:17:83:0E:22:54:EF:3E:FD:37:20:6C:1D:08:CE:1F; Validity: Tue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT
Hash: 8845393af278174c4e76526234c76f65 5185a884204eac8906523016f35f571550c05118 166b8bfb01fbde7bac2b83e67e9acb01104c9faf360079c964756bd12be7724d
GET /apps/templates/android-instructions/ios-sys-msg-icon/css/theme/bg-img-mini.css?v=1.1 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 21:31:10 GMT
content-type: text/css
last-modified: Fri, 05 May 2023 09:47:23 GMT
vary: Accept-Encoding
etag: W/"6454d0ab-11f"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7c4d0c3cfbd61c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js | 139.45.195.8 | 200 OK | 65 B |
IP: 139.45.195.8:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate Issuer: Let's Encrypt
Certificate Subject: rtmark.net
Certificate Fingerprint: 74:B2:31:E9:6E:77:8E:33:B3:9D:61:F0:29:AA:AA:21:BB:5E:45:12
Certificate Validity: Wed, 15 Feb 2023 21:34:45 GMT - Tue, 16 May 2023 21:34:44 GMT
File type: JSON data\012- , ASCII text
Hash: e3d8c3c08077a69d9dcefbd4a9384849 3ad47209f13a8eca18d0576e2a6f1c384a83fd85 486c1bca362606d9e7326e85d249315522a433ad68997804e83ac3bfecd15102
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bawickie.com/
Origin: https://bawickie.com
DNT: 1
Connection: keep-alive
Cookie: ID=018034341d1b6ee33ed69641dd128e2b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://bawickie.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=018034341d1b6ee33ed69641dd128e2b; expires=Wed, 08 May 2024 21:31:10 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| unphionetor.com/vctx?t=71022 | 139.45.197.236 | 204 No Content | 0 B |
URL: GET HTTP/2 unphionetor.com/vctx?t=71022
IP: 139.45.197.236:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate Issuer: Let's Encrypt
Certificate Subject: unphionetor.com
Certificate Fingerprint: 4B:AB:04:0A:B6:60:F0:0A:CD:92:AC:93:15:79:CF:21:57:6D:1B:97
Certificate Validity: Sat, 18 Mar 2023 19:00:29 GMT - Fri, 16 Jun 2023 19:00:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vctx?t=71022 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bawickie.com
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
access-control-allow-origin: https://bawickie.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 5cecb8febd74ed676d5682314a1d5d5c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bawickie.com/favicon.ico | 139.45.197.162 | 204 No Content | 0 B |
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate Issuer: Let's Encrypt
Certificate Subject: bawickie.com
Certificate Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90
Certificate Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869; syncedCookie=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| unphionetor.com/vbl?t=71022&bid=undefined&aid=undefined | 139.45.197.236 | 204 No Content | 0 B |
URL: POST HTTP/2 unphionetor.com/vbl?t=71022&bid=undefined&aid=undefined
IP: 139.45.197.236:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate Issuer: Let's Encrypt
Certificate Subject: unphionetor.com
Certificate Fingerprint: 4B:AB:04:0A:B6:60:F0:0A:CD:92:AC:93:15:79:CF:21:57:6D:1B:97
Certificate Validity: Sat, 18 Mar 2023 19:00:29 GMT - Fri, 16 Jun 2023 19:00:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbl?t=71022&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bawickie.com
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
access-control-allow-origin: https://bawickie.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 3eae02aadbcaff68d3cf6f86787fc8dc
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bawickie.com/zone?&pub=0&zone_id=5256482&is_mobile=false&domain=bawickie.com&var=5820188&ymid=61023&var_3=17360431_&var_4=&dsig=&action=prerequest | 139.45.197.162 | 200 OK | 0 B |
URL: POST HTTP/2 bawickie.com/zone?&pub=0&zone_id=5256482&is_mobile=false&domain=bawickie.com&var=5820188&ymid=61023&var_3=17360431_&var_4=&dsig=&action=prerequest
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate Issuer: Let's Encrypt
Certificate Subject: bawickie.com
Certificate Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90
Certificate Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5256482&is_mobile=false&domain=bawickie.com&var=5820188&ymid=61023&var_3=17360431_&var_4=&dsig=&action=prerequest HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bawickie.com
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-length: 0
x-trace-id: 604edba22e12a1a0a4ee48fade7d842f
access-control-allow-origin: https://bawickie.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid= | 139.45.197.162 | 200 OK | 40 kB |
URL: User Request GET HTTP/2 bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
IP: 139.45.197.162:443
Certificate Issuer: Let's Encrypt
Certificate Subject: bawickie.com
Certificate Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90
Certificate Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid= HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; expires=Tue, 09-May-2023 22:31:09 GMT; Max-Age=3600; path=/
OAID=018034341d1b6ee33ed69641dd128e2b; expires=Wed, 15-Sep-2077 19:02:18 GMT; Max-Age=1715290269; path=/
oaidts=1683667869; expires=Wed, 15-Sep-2077 19:02:18 GMT; Max-Age=1715290269; path=/
syncedCookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
|
|
| littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/style.css?v=1.6 | 172.67.10.98 | 200 OK | 6.5 kB |
URL: GET HTTP/2 littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/style.css?v=1.6
IP: 172.67.10.98:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: F9:14:9E:F3:4F:17:83:0E:22:54:EF:3E:FD:37:20:6C:1D:08:CE:1F
Certificate Validity: Tue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT
File type: ASCII text, with very long lines (6948), with no line terminators
Hash: 060e75741c398c0e408164c4100d2b19 72149010215abe827ad74a0f3b41452ea3a068f7 936975f8be0f8e4692e0cee1be6e9c5ef99af904b853e385dba09f8b3a277780
GET /apps/templates/android-instructions/ios-sys-msg-icon/css/style.css?v=1.6 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 21:31:10 GMT
content-type: text/css
last-modified: Fri, 05 May 2023 09:47:23 GMT
vary: Accept-Encoding
etag: W/"6454d0ab-1984"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: MISS
server: cloudflare
cf-ray: 7c4d0c3cebc61c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/theme/btn-green.css?v=1.4 | 172.67.10.98 | 403 Forbidden | 0 B |
URL: GET HTTP/2 littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/theme/btn-green.css?v=1.4
IP: 172.67.10.98:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: F9:14:9E:F3:4F:17:83:0E:22:54:EF:3E:FD:37:20:6C:1D:08:CE:1F
Certificate Validity: Tue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apps/templates/android-instructions/ios-sys-msg-icon/css/theme/btn-green.css?v=1.4 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 09 May 2023 21:31:10 GMT
content-type: text/html
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
cf-ray: 7c4d0c3cfbd71c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/theme/android.css?v=1.4 | 172.67.10.98 | 200 OK | 310 B |
URL: GET HTTP/2 littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/theme/android.css?v=1.4
IP: 172.67.10.98:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: F9:14:9E:F3:4F:17:83:0E:22:54:EF:3E:FD:37:20:6C:1D:08:CE:1F
Certificate Validity: Tue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT
File type: ASCII text, with very long lines (333), with no line terminators
Hash: e986b841ebc4b4f302ad38e01e4767ac fe2f25dbde4d8ae5fcc1156d3834a86371904c78 f32b9117ce5433f22260e4982e6d5d7347bf7eb644c26c8e2134260dfc9ea5bf
GET /apps/templates/android-instructions/ios-sys-msg-icon/css/theme/android.css?v=1.4 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 21:31:10 GMT
content-type: text/css
last-modified: Fri, 05 May 2023 09:47:23 GMT
vary: Accept-Encoding
etag: W/"6454d0ab-136"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7c4d0c3cebcc1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| propeller-tracking.com/fv.js?t=71022&cb=91868490 | 139.45.197.240 | 200 OK | 5.2 kB |
URL: GET HTTP/2 propeller-tracking.com/fv.js?t=71022&cb=91868490
IP: 139.45.197.240:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate Issuer: Sectigo Limited
Certificate Subject: propeller-tracking.com
Certificate Fingerprint: 29:14:4F:57:5D:49:BB:13:F2:11:B7:FD:18:B4:E8:63:D4:8B:DC:06
Certificate Validity: Fri, 04 Nov 2022 00:00:00 GMT - Mon, 06 Nov 2023 23:59:59 GMT
File type: ASCII text, with very long lines (5331), with no line terminators
Hash: 061bf31ab8394112d1dffdd5ec872c2a f87a9877e0b08b1ddcc15351cee29a4d8ba34315 b24829831c07c3a35bc35c242324c3ee90c151e4e53de8e28f579e4161819414
GET /fv.js?t=71022&cb=91868490 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 2b800252839c328dda2ccb8b042e98c2
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bawickie.com/track-impression-applab?z=5820188&b=17360431&ymid=sywma645abb9d000fc15d&var=61023&var_3=17360431_&redirect=false&redirectUrl=https%3A%2F%2Ftrk.mail.ru%2Fc%2Fb1gnt7%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3Dzeydoo_2%253A5820188%253A61023%26mt_sub2%3D5820188%26mt_campaign%3D%7Bcampaignid%7D%26mt_creative%3D17360431%26land_state%3Dbefore_render%26land_id%3D4dvkxpjd79Om2jV%26land_generation_time%3D2023-05-09_16%3A31%3A09%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D018034341d1b6ee33ed69641dd128e2b | 139.45.197.162 | 200 OK | 690 B |
URL: GET HTTP/2 bawickie.com/track-impression-applab?z=5820188&b=17360431&ymid=sywma645abb9d000fc15d&var=61023&var_3=17360431_&redirect=false&redirectUrl=https%3A%2F%2Ftrk.mail.ru%2Fc%2Fb1gnt7%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3Dzeydoo_2%253A5820188%253A61023%26mt_sub2%3D5820188%26mt_campaign%3D%7Bcampaignid%7D%26mt_creative%3D17360431%26land_state%3Dbefore_render%26land_id%3D4dvkxpjd79Om2jV%26land_generation_time%3D2023-05-09_16%3A31%3A09%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D018034341d1b6ee33ed69641dd128e2b
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate Issuer: Let's Encrypt
Certificate Subject: bawickie.com
Certificate Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90
Certificate Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (742), with no line terminators
Hash: f7b096d0ebcbe9313b41e9fce2c90b59 24d74c9576073bac618d01a48e4a980c6e5a9d0f 3e982329bdcb888d07acddff6f0d303f1b21803e33cc39b92f12b17384526e30
GET /track-impression-applab?z=5820188&b=17360431&ymid=sywma645abb9d000fc15d&var=61023&var_3=17360431_&redirect=false&redirectUrl=https%3A%2F%2Ftrk.mail.ru%2Fc%2Fb1gnt7%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3Dzeydoo_2%253A5820188%253A61023%26mt_sub2%3D5820188%26mt_campaign%3D%7Bcampaignid%7D%26mt_creative%3D17360431%26land_state%3Dbefore_render%26land_id%3D4dvkxpjd79Om2jV%26land_generation_time%3D2023-05-09_16%3A31%3A09%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D018034341d1b6ee33ed69641dd128e2b HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
DNT: 1
Connection: keep-alive
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 0d50255546744fe541d8ebe662f049a9
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
|
|
| bawickie.com/sw-check-permissions/5256482?var=5820188&var_3=17360431_&ymid=61023&uhd=1 | 139.45.197.162 | 200 OK | 930 B |
URL: GET HTTP/2 bawickie.com/sw-check-permissions/5256482?var=5820188&var_3=17360431_&ymid=61023&uhd=1
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate Issuer: Let's Encrypt
Certificate Subject: bawickie.com
Certificate Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90
Certificate Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: ASCII text, with very long lines (991), with no line terminators
Hash: 807c89c0abc2ece7947b33179c43b77c 188f37d3ea38606fc3f0739721d8901b5b14bc98 3416c37a9b130afa511205728299c23b2f67c4a339c1a71ce7993d620127e9ce
GET /sw-check-permissions/5256482?var=5820188&var_3=17360431_&ymid=61023&uhd=1 HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 09 May 2023 21:31:10 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
|
|
| bawickie.com/rotate?zz=5822560&var=5820188&ymid=61023&uid=018034341d1b6ee33ed69641dd128e2b | 139.45.197.162 | 200 OK | 749 B |
URL: GET HTTP/2 bawickie.com/rotate?zz=5822560&var=5820188&ymid=61023&uid=018034341d1b6ee33ed69641dd128e2b
IP: 139.45.197.162:443
Requested by: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
Certificate Issuer: Let's Encrypt
Certificate Subject: bawickie.com
Certificate Fingerprint: 8E:C3:11:C6:43:BE:C6:69:7A:0E:22:2E:B7:F0:43:71:C0:05:3A:90
Certificate Validity: Tue, 02 May 2023 18:32:10 GMT - Mon, 31 Jul 2023 18:32:09 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (756), with no line terminators
Hash: ef3122263d2204087034d9e52a9d6e98 aeb47db3bf5984361ea20b5a478ad1eaf85b2a9e 60326375e0526965ce78394d6012f481f006ad9cefc905e0d5161901315d5db9
GET /rotate?zz=5822560&var=5820188&ymid=61023&uid=018034341d1b6ee33ed69641dd128e2b HTTP/1.1
Host: bawickie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bawickie.com/?b=17360431&bannerid=&browser=&browserversion=&campaignid=&campid=%7Bcampaignid%7D&device=&l=4dvkxpjd79Om2jV&os=&osversion=&s=%7BCLICK_ID%7D&user_activity=&var=61023&ymid=sywma645abb9d000fc15d&z=5820188&zoneid=
DNT: 1
Connection: keep-alive
Cookie: reverse=1NfyH0q_OSutcOZnQreI2rYDma-bQpX5Qmoh_n6g6fU; OAID=018034341d1b6ee33ed69641dd128e2b; oaidts=1683667869; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|