| my.rtmark.net/gid.js?userId=affxiz02a3thxswb93zcdqili946knmc | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=affxiz02a3thxswb93zcdqili946knmc IP139.45.195.8:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hasha07714cfdf769cbbaa61fa759ab216cf 92a12b1022d76a2b1461e326d26454ea581f2293 7c71353d95930e511314a067495880b58ae3baed35a0f9baace995c17edbfbff
GET /gid.js?userId=affxiz02a3thxswb93zcdqili946knmc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://lifteque.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=affxiz02a3thxswb93zcdqili946knmc; expires=Thu, 24 Apr 2025 08:35:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/v-index.js.da9f7529.js | 104.21.17.195 | 200 OK | 15 kB |
URL GET HTTP/3lifteque.top/js/v-index.js.da9f7529.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (40911) Hashf0c16b073e12930f7cbd321dd6f8f9b9 af74daaab1c8cb17152c3352d40ab89afea0b29d 9058ace69791e8a1eb5f9849c20a6dcd6e0f9018696ed0e563c3da7082aec861
GET /js/v-index.js.da9f7529.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-a01c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TeWuZMGjiTgXOuFkAPdKkoTn8C2nqSKZmP2NMQi68s08%2BxqzmVokyiOOWJlB3rkO6vurMbvthzBifXv%2BzehISq1ooiam43boJxm6mWTyA25QWTmt%2B8RwEVZn%2FURPpfs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cdaa1156b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/s-checkLocalStorageAvailable.ts.f2fef93d.js | 104.21.17.195 | 200 OK | 1.1 kB |
URL GET HTTP/3lifteque.top/js/s-checkLocalStorageAvailable.ts.f2fef93d.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (330), with no line terminators Hashf23ca32d86f4a0e4179319172a667c74 a68d98bd989ff8804424b8b38f2104f5b562e4b4 0d92eabc50682ed456954a64fdfad12a54b3da489957e9e70479724f5503752f
GET /js/s-checkLocalStorageAvailable.ts.f2fef93d.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9116-14a"
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6VW%2Fs6JVpa0Fi0ICcSkuZEr7lAjrq3v0KDhbm9v3gZZINGXgW4bfqc%2BrGNJl%2Bvzy9r3vpb0462Iuhh8rMm8jJdJyrdLR%2BH16K0erulkQQdvzn%2FORLrfPViDb8p%2BCuIw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cdaa1656b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-react-dom.production.min.js.c3329619.js | 104.21.17.195 | 200 OK | 43 kB |
URL GET HTTP/3lifteque.top/js/v-react-dom.production.min.js.c3329619.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashc53e5e3d8c5ca5f1c4edbce65426edfc 36cc2e7e0b893d82bf5f457c7a62374019d0f7aa ed83bf6bc001bd6f841c76b67aedfd3bc02cb28fb5537a1d55804f5ad0515e39
GET /js/v-react-dom.production.min.js.c3329619.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=129359
etag: W/"661f9116-1f94f"
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FOQ2HBrMAom8K7XhFrlKERDUZbi8z3T%2BWYdTDk6EyvPGLu%2F4Oe%2F3iFcbtrqnu%2F9rq5DAcasl%2BmQZ6DDIKgN%2Bgx9ELsCJy6CoKilKG94ZHz8tZPoU%2BPhO4eZKzzZKwc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cdaa1956b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/betting-survey.6c005c50.js | 104.21.17.195 | 200 OK | 1.8 kB |
URL GET HTTP/3lifteque.top/js/betting-survey.6c005c50.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (577), with no line terminators Hash8e4100b9686e9612ffc148dbe71bc0a8 92cb60b5531e56ee93a4db13504ae45c14100f7f b49821b62e911e066e4d0fb8ff30ef3b645d691ac0834258be1447a8ef268b3a
GET /js/betting-survey.6c005c50.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:32 GMT
vary: Accept-Encoding
etag: W/"661f9118-241"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=heO0ni4r4rl%2BhMrnTJGYR5kH3dBdlEX4vGYpnQwm95gAZQ0ebar5Oj0t0wypgrej%2FabsC66jtiWXi6FznR13k9wfbqkua4A3Rgg06TbirloyBJ3VPkWwqriXO5AigjY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cdaa1d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-length: 0
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 | 104.21.17.195 | 200 OK | 3.2 kB |
URL User Request GET HTTP/2lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 IP104.21.17.195:443
CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeHTML document, ASCII text, with very long lines (7207), with no line terminators Hash8032bdd281a3548872132f7fff451ca3 9c2e2c0ac164d36a4155fa644e5fa8b8c2306be2 7644d9abd45c71dcb355a80e3c51be7531313952e140e07b2a651566ca417b24
GET /betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:35:36 GMT
content-type: text/html
last-modified: Wed, 17 Apr 2024 09:06:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nPtyvpXRNMSKKPy%2BSRr7RV5%2FWVHn6qiMKMB7q0RT%2BZPYHqDCgVfaklTdDgO8JP0u%2F0HjmtLZEEDqEeCfy1iAohH4jWUu8JKwUIapGjbyaMNigYe%2B46276M%2Fk6UfCBTs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cb4d3a56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 731
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: c613c58cbaabe3eda7383299ab900553
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-length: 0
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 812
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 1636d41afe437d1374aac7e30e880234
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 0 B |
IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-length: 0
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/js/_each-land-config.3299fec3.js | 104.21.17.195 | 200 OK | 21 kB |
URL GET HTTP/3lifteque.top/js/_each-land-config.3299fec3.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash0ba3468fb169d838d511e11b5b33eaef fb53785cd4dcc6e5cf0fcebfcafed46a3968cbe9 6de414b4180a6f11c4f5a9ba570d5e97ac8e596b1f9c1bb86872a11ecd416384
GET /js/_each-land-config.3299fec3.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72043
etag: W/"661f9116-1196b"
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HnZHzlXuHsfLuJg9NhtyGMOE8G0LTorKXusQxgxloom7FhDIVRXtle06d1DpsjN1jHUOlaAR8WbTezQeBG8TAaRTJ4nTwuqmBO2DLgLK49dTh%2BrVNlM2vC%2B5KmbvdY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cdaa1856b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-length: 0
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-length: 0
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/img/betting/sport-betting/betting1.webp | 104.21.17.195 | 200 OK | 2.3 kB |
URL GET HTTP/3lifteque.top/img/betting/sport-betting/betting1.webp IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 140x140, Scaling: [none]x[none], YUV color, decoders should clamp Hashcd54542028a12acdd77d280eb13feb3e 0bbaa5c4160b215bc37b9987ec95d9b5bffd5d34 61ef8ac2711f65c63e419159da12b2fd640138153ac2503ab5f7680619a1f490
GET /img/betting/sport-betting/betting1.webp HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: image/webp
content-length: 2276
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-8e4"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RfmhAN9XoD%2FqdAJrPP96grQ4xbmi1S%2FBJAojUklV7g4eHmtw4JwLNCy9pWZLL55PPOSmSZez8DvD878KWVjhCYA8yl4W9f3ikcSA2YO7HIMUAKDjC%2B1LJJmOSUH1P%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2d14e3d56b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 179 B |
IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashe038f5feccc9daf849b54fcb2e2be299 d45b65b1beb71aed233f69c15151c62a45ab7470 aa70ac485ebebd44bb4024121629e67b66ff1176ed2cfb9f4a7d4ed174e0506d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 157
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/json; charset=utf-8
content-length: 179
x-trace-id: da13bc36105579f96c5a226560e06a7e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lifteque.top/img/betting/sport-betting/ball.webp | 104.21.17.195 | 200 OK | 2.9 kB |
URL GET HTTP/3lifteque.top/img/betting/sport-betting/ball.webp IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeRIFF (little-endian) data, Web/P image Hash825112e52d4395f2fea6284419244dfd 319282ad0d2a1da4c6cacd67784c7ddc897b33ec 97e541db3f4df8ef84da4e7269993281662249d4f0b5f01010801c5d73dddb23
GET /img/betting/sport-betting/ball.webp HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lifteque.top/css/betting-survey.e1fedc09.css
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: image/webp
content-length: 2850
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-b22"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRfDLP9eU%2FAS%2BejhRRLZzv2v8y4Xmtt2Dk05LcIWYMZ10Yy3ky%2BH6Zw7sro10%2FHFfr4idBsiY6L1sXt89mI6NL%2F2Ax1lollBocPRiLPTajjNMJhHMATrEKsE5Zdv4Ow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2d13e2656b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 812
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: dd1b68d3cf8ee2a9cd1ced549aacaf9a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| offpichuan.com/rotate?zz=6475278;5592660;5592658;5592700;5592651;5592702;5622941&var=4534663&ymid=4&uid=affxiz02a3thxswb93zcdqili946knmc | 139.45.197.237 | 200 OK | 2.7 kB |
URL GET HTTP/2offpichuan.com/rotate?zz=6475278;5592660;5592658;5592700;5592651;5592702;5622941&var=4534663&ymid=4&uid=affxiz02a3thxswb93zcdqili946knmc IP139.45.197.237:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectoffpichuan.com Fingerprint8B:DE:51:B7:81:9E:EA:DE:73:A4:3D:67:F9:5E:6F:7B:F4:D6:77:5A ValidityMon, 15 Apr 2024 21:54:27 GMT - Sun, 14 Jul 2024 21:54:26 GMT
File typegzip compressed data, max speed, from Unix Hashbe9f65122eab54f10ea86f1ea73d66d8 7af0c6c2b16d192f0f7f3f0eae47e3254f1d6902 35fb19bb93722da29cccb22a5677baf8ba2ac8ae48ffbe419686a2964bda7807
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=6475278;5592660;5592658;5592700;5592651;5592702;5622941&var=4534663&ymid=4&uid=affxiz02a3thxswb93zcdqili946knmc HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
x-trace-id: 1eb0c07eb5c2b7723d6c9870b1ac862f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://lifteque.top
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; expires=Thu, 24 Apr 2025 08:35:37 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| lifteque.top/img/betting/sport-betting/boxring.webp | 104.21.17.195 | 200 OK | 15 kB |
URL GET HTTP/3lifteque.top/img/betting/sport-betting/boxring.webp IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 594x396, Scaling: [none]x[none], YUV color, decoders should clamp Hash0e255e2d6a693f6e9a839b87a2308dbb de83ed899c718b915263078d26a6e36038c279b9 d3ad332009f256aad9f3e57c4bd627b9a95568755d87602f3a25a09767e36076
GET /img/betting/sport-betting/boxring.webp HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lifteque.top/css/betting-survey.e1fedc09.css
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: image/webp
content-length: 15354
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-3bfa"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xoq%2FLzcsjVjCg12pQh3UR7hChoNJvqFLaeb%2FBjKJGJpfjYnomTOskTRb8mATfCEdfiJfIxhIxeQBl5SVYnEZ%2FAM05u6SWW%2BClbVBWKSHJ6C1Dm6ZA%2FfJu1MWf05I%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2d13e2456b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=feffe709-c10d-4400-abf4-76d7c63a8812 | 139.45.195.253 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=feffe709-c10d-4400-abf4-76d7c63a8812 IP139.45.195.253:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=feffe709-c10d-4400-abf4-76d7c63a8812 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1449
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 24 Apr 2024 08:35:38 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://lifteque.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| lifteque.top/js/s-storageService.js.bb9f7a22.js | 104.21.17.195 | 200 OK | 2.2 kB |
URL GET HTTP/3lifteque.top/js/s-storageService.js.bb9f7a22.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (2216), with no line terminators Hash803fe057e4762b54a284184815cfb62e e748b6c77988934fe2b458b61a93e35f22cfecbc 0552fbab13dd0597298180b4d1c5e1a8a2ca66e121e3ab892f100366c8d45d3c
GET /js/s-storageService.js.bb9f7a22.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:32 GMT
vary: Accept-Encoding
etag: W/"661f9118-87a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FlwAQvLI61yIIvQIzBnTSaK%2FtpWVraKM%2F2pT0%2FvkdVGTN49pkSrRSQt0FhRQ2Vtu35uX9V3uifbHDaaAMCWuhQEd8jCAhljzML28eHyBW%2BzONZ9YROeYk2tWdQtpL4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cdaa1356b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-possibleStandardNamesOptimized.js.205abacb.js | 104.21.17.195 | 200 OK | 7.6 kB |
URL GET HTTP/3lifteque.top/js/v-possibleStandardNamesOptimized.js.205abacb.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (7923), with no line terminators Hashf80cb2aef29b4a80d135d1a598ce1dfa 0653306df1fd8d8591f84661643825e41684d3f6 43c16ae11cea687efa4ca55dec516b23257c3fcb22c9d3541041f1816aaa7b5b
GET /js/v-possibleStandardNamesOptimized.js.205abacb.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9117-1d99"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZBxwJh1qZHwE%2FVw5tUIgkZGNMcIPkJPNk4o9Bl6XkyM8RuhqcxqepfbTc9NqwP3FkJh7ojgjclkdVxqlnX34m1QEjByXh1WS44TUSiKV%2BHbLVWudYbSTDIHA%2FxWsNXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfbc5556b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/pfe/current/stattag.js | 104.21.17.195 | 200 OK | 19 kB |
URL GET HTTP/3lifteque.top/pfe/current/stattag.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (19053), with no line terminators Hash3a74216e872211a9c770302bb7d4a63f 7e63556174a7d66eee407218e503ec0aae2c0f9e 03405209d89a927b81d53eb13968663069760776389c5400bb79d11bd9f78f78
GET /pfe/current/stattag.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9118-4a6d"
last-modified: Wed, 17 Apr 2024 09:06:32 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eq4jS1m0uXrCQyuxnbspUwGtbIF6%2FM7HSf7icwsvSmJT9PepvFQ5UNKmL2n2lBskK2A8Lhq6rHBO3NVCLKrMdfn1tcvRAVHpsLlwOSe1hM9WOsE4vZwNVmNf85BbIAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2d14e4456b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/_rtc.f86a36d7.js | 104.21.17.195 | 200 OK | 12 kB |
URL GET HTTP/3lifteque.top/js/_rtc.f86a36d7.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (12222), with no line terminators Hash128d6eec0793a7e02c314d2f6245f260 c9f09311c3f229b770f38d0cc69b422430f1c748 bf1606ac64db254cc565a094e7162a96f31f7e48ddece56fc92c654559e5abb8
GET /js/_rtc.f86a36d7.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9117-2fbe"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ouMQORWGaAxbaeLYG31U1a0Umg70UETCO2eTCdwoZ2%2F1L3E5unawLbfpnURFXbhITsH1S7AH2KgXAt%2B1Hj%2BmDeregd%2BTz6KIKzM7XbQryg4sWy0qV8mjjV0G6IZXao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cdaa0f56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/s-checkSessionStorageAvailable.ts.e8412d91.js | 104.21.17.195 | 200 OK | 330 B |
URL GET HTTP/3lifteque.top/js/s-checkSessionStorageAvailable.ts.e8412d91.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (338), with no line terminators Hash6eb1ccbb769935debb74de9858287720 5302f94074f05eb22f05368dfe3464b85c89fb48 1e016cce8f09ded837e6e46c9e26d5dddccc19bbfa89c9dc583c04d85e2c7bb4
GET /js/s-checkSessionStorageAvailable.ts.e8412d91.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9116-14a"
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEnt8b3fdSwJurx%2FJ3926RQN86ET41aSkYa2deoV6m9qY2yTJ6CdVmWC5TVkjvuKdYfWI4dJwPvDL5C0X48HX6nexhJTK1b4TYSYgx2YIdLp21%2FwPEgofkRdQcwqcck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cdaa1556b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/config/sd/sd-2058-en.js?v=10 | 104.21.17.195 | 200 OK | 5.3 kB |
URL GET HTTP/3lifteque.top/js/config/sd/sd-2058-en.js?v=10 IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (5569), with no line terminators Hashee917c813f77acba1ff557ea4b525111 b158280c71209a9436c15c78522142cee784953e 34026ead129384c6eab29945981350cc1f82dc4cdbfc89ac7c992eafc4a49876
GET /js/config/sd/sd-2058-en.js?v=10 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-14b7"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1U85eCrG7bK3jTPicXilFzpTYew%2FZy%2BKL5ud7SnYDDST%2BM5CUYtWM6bb%2BQCQt6p0hX%2FnLBhCYFl1ToHF%2F7H7FNXSa4%2FFR2lTGPedV3R43zXyoCT%2FVFPQGePZJ0p8s5Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2ceab1156b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/SurveyContainer.e2959212.js | 104.21.17.195 | 200 OK | 57 kB |
URL GET HTTP/3lifteque.top/js/SurveyContainer.e2959212.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (57003) Hash1716bf0d79004adf0eb2cdcd64159891 67852b096bcc8817fb0b9b98abf264e40a59310c 56cd17eb9def743ef4bc4909a6eacb77266b749181cfcaec4d478336b1c6ff21
GET /js/SurveyContainer.e2959212.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-defd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ltKdGFHsPCPvdcNo8QnTVJC8sVdfeEWKGNRCgXIjFn40Si%2BjgqOHmoWXaieZmonQ%2FH78XKYRmQs9mbAIbY2H6uYNY4n%2BONbFoBEubpbi7x9bW2Egu7R1TmvCNPqa1Hk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfcc6a56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/favicon.ico | 104.21.17.195 | 200 OK | 1.2 kB |
IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash668ba1a9fa1890ba16cb8adc28d3dad8 5e35223b2541265114eaf61b9da2556c812fea17 7746cf1b553433822522f2dc432f55fe64eee1f1cf823ef6adfde02e58e1d7e2
GET /favicon.ico HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: image/x-icon
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
vary: Accept-Encoding
etag: W/"661f9117-47e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgdHHJ50gjJIot%2Fns9J76XNcB3Ht7R%2Fk%2Bkn0C7ko2yMNOCRYVQmIIsW4ljrH%2BfsFAlvQpv0gJWEaX9KG8W%2BOuwXBucqBisJlZ8fk2HqtqDII64Ju334KWWzzEEK0Y%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2d1ff5856b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-redux-toolkit.esm.js.fe3487ca.js | 104.21.17.195 | 200 OK | 11 kB |
URL GET HTTP/3lifteque.top/js/v-redux-toolkit.esm.js.fe3487ca.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (11319), with no line terminators Hash5aa3676547abc9a38889c09e69ca968d d19ea919192e86f97c34c0a5959ad05c52299aec 21648e7ba668a077e403b6bd1a38f05d55d987737b959d57e3b3c53787107eb7
GET /js/v-redux-toolkit.esm.js.fe3487ca.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9117-2c37"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X5m%2FRj27G0v8qZMeViBHDGqokjn22cmI9qe8oONu1XuEVXfl1clx3C5m%2FObflOz3DkzbAkduN9npTMRQ26GCaiGH27jGLmMOePKrDoKm%2BcdxAGcLmhrSDlX4Gb8Ezco%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cdaa1756b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-constants.js.49317f47.js | 104.21.17.195 | 200 OK | 600 B |
URL GET HTTP/3lifteque.top/js/v-constants.js.49317f47.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (664), with no line terminators Hashcf8c486ed295e4a6a30f4fb155bf9fd3 9942a3d40672242af15f2d5cc95df2c06872914f 83c4b13e336b66f673d082c8b9b2b20fb98772916cb5da52f9e48c929cafc9cb
GET /js/v-constants.js.49317f47.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9117-258"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvAMxvtS5YS6Y5Fsx815xvHcVazL9nMvvYz8GW3w%2Br5Ka73MR0J%2FxFwPYnO8dyUPzZdxSkCff%2F8p0oRJuHlwEsTQCYj3qw%2FkgB163kIkXrec4Kgzmo3U%2BilbGDXt6Uk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfcc6956b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| offpichuan.com/track?offer_id=2058&z=4534663&request_var=4&variable2=3l1ks6vk3je57&oaid=affxiz02a3thxswb93zcdqili946knmc | 139.45.197.237 | 200 OK | 182 B |
URL GET HTTP/2offpichuan.com/track?offer_id=2058&z=4534663&request_var=4&variable2=3l1ks6vk3je57&oaid=affxiz02a3thxswb93zcdqili946knmc IP139.45.197.237:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectoffpichuan.com Fingerprint8B:DE:51:B7:81:9E:EA:DE:73:A4:3D:67:F9:5E:6F:7B:F4:D6:77:5A ValidityMon, 15 Apr 2024 21:54:27 GMT - Sun, 14 Jul 2024 21:54:26 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashe6246b04b7d99b675f7086e756e1f242 9f3b5f5cb9b34830dc20448a0acc83bcce5d2727 5ecadcf1c19edd16643f48e47f530b024c97a5653f98a47e14c61d5270dd7881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?offer_id=2058&z=4534663&request_var=4&variable2=3l1ks6vk3je57&oaid=affxiz02a3thxswb93zcdqili946knmc HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lifteque.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/json
content-length: 182
x-trace-id: 0ce3427f24325a95f948856482891d7f
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lifteque.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ofklefkian.com/zone?&pub=0&zone_id=6163304&is_mobile=false&domain=lifteque.top&var=4534663&ymid=4&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2ofklefkian.com/zone?&pub=0&zone_id=6163304&is_mobile=false&domain=lifteque.top&var=4534663&ymid=4&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest IP139.45.197.251:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectofklefkian.com Fingerprint04:A9:FE:8D:C9:B9:EE:6F:3A:C4:29:EA:19:AD:C3:1D:7D:3E:14:02 ValiditySun, 14 Apr 2024 05:38:05 GMT - Sat, 13 Jul 2024 05:38:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=6163304&is_mobile=false&domain=lifteque.top&var=4534663&ymid=4&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest HTTP/1.1
Host: ofklefkian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:35:37 GMT
content-length: 0
x-trace-id: 321455f5ac292f0ceb4c282e49b72ef2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| lifteque.top/css/betting-survey.e1fedc09.css | 104.21.17.195 | 200 OK | 27 kB |
URL GET HTTP/3lifteque.top/css/betting-survey.e1fedc09.css IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (16783) Hash76295efc6bef5edde2a49093b9d43d78 b2a24e3cdc1f7baa36090667190d251fd2c33430 b7d11adaa402b41da5689f40a357809b0e4215e5c046544db1894c15e9433664
GET /css/betting-survey.e1fedc09.css HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: text/css
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-6863"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bj7Ooj8F2BJzWavtJQpLsHb%2FQVpfFzwCtY5FrXugsLe0AuuGSKSe8Qu3MX55LeXEBIxg2uYntUdfWBSBeFmw9OmPlUSYASwuI3T4nK6PGmDpfp5CxkQ%2Bq5Z%2FiNs0Bcg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2ce9af156b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/src_js_components_Footer_Footer_tsx.412b820b.js | 104.21.17.195 | 200 OK | 1.2 kB |
URL GET HTTP/3lifteque.top/js/src_js_components_Footer_Footer_tsx.412b820b.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators Hash5127f6cbde5f1ef64abffedd42cc5f3a 22b88da4ed5ee1a1040cf551c63a2ab822dc227a 00c01c9a9cf0c66ac7e1b9faf1a3679085c27101d8cec28a4b1b162e845d7f26
GET /js/src_js_components_Footer_Footer_tsx.412b820b.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-48d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84HIPrR5S2f4f5YwT85Fqy8NMTYyLQcnFp16RObkmlW9Ql57x7AMxTzSBeH%2BcerpT%2FDJ8TUUUsgxWPnFKVaW%2BHN1Q3iRnwhL7jiZXqP4oeGgJ29xWhfpJ8otyJgGLx0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfcc6f56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/src_js_parts_replaceUrlTermsAndRedirect_ts.9d33b37f.js | 104.21.17.195 | 200 OK | 347 B |
URL GET HTTP/3lifteque.top/js/src_js_parts_replaceUrlTermsAndRedirect_ts.9d33b37f.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (357), with no line terminators Hash9ece9fc849871b7d08fa384867d6260a 49abdc7c36433be2cc6f22f08463f7ab5ebea6b4 b2845a23412d099e6a272b613412c8001899103c31678add71c60fe1b00df6d6
GET /js/src_js_parts_replaceUrlTermsAndRedirect_ts.9d33b37f.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-15b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Mf40eXtJ1Ld5fFphN6abD6baQ7YyWtC9EsMG1rkpbXst64LL0X461UlBqdbYh0CC%2BRn6ozJJIMHWfSjMhCJu4tGpswc46NkpgNNktRKreW%2BKXy2Ncu0k9m8EGaNrzY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfcc6c56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/config/dict/cookie-consent-1.json?v=10 | 104.21.17.195 | 200 OK | 6.8 kB |
URL GET HTTP/3lifteque.top/js/config/dict/cookie-consent-1.json?v=10 IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (6009), with no line terminators Hash4b2ff958e811a50d2f641818590b443d 6abae297812bb55fad869e953e7fdf7469cbe1ae 9c77a5f3d0028d9ba122ed15728ee7b144619431f8302503a19c5785ddaa06b8
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/json
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-1a65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OUXNnbGl4WXwSRhjNoO7nZY1RzuY9zgAUwa%2FPJv9AZuOCjwN3%2F11QmatOnMdupQ6MBOzMCIGjf%2B0bTnUcLKmao%2BZ6epCjXmrY5GWJb%2BRI6uvasSVrOfPPp08oRfTAY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2ceeb4d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/pfe/current/micro.tag.min.js?z=6163304&sw=/sw/sw6163304.js&var=4534663&var_3=null&var_4=null&ymid=4&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 | 104.21.17.195 | 200 OK | 27 kB |
URL GET HTTP/3lifteque.top/pfe/current/micro.tag.min.js?z=6163304&sw=/sw/sw6163304.js&var=4534663&var_3=null&var_4=null&ymid=4&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (27174), with no line terminators Hash75c26ccd65e96e912725399ff3ce66e9 d300939979d2048844dc5ac80c51ed8121126f4e c9db5c92934b273ad485c58710d6fbc2d580c2923a99bb456b18cb5e1465f5cf
GET /pfe/current/micro.tag.min.js?z=6163304&sw=/sw/sw6163304.js&var=4534663&var_3=null&var_4=null&ymid=4&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-6a26"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p18MQrY6gEZ0ORopJUwKnSBMVMmQwLwkO5JHXa7oTzGy4w84sJTOkSwbDvrSI3jjVekWksImk9TwXctYjM8jixZN3huwyWtbv2MgknNhuBbJtFtIOMPNIOBgijx%2FdmE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfac4256b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/_core-survey.1b09882a.js | 104.21.17.195 | 200 OK | 170 kB |
URL GET HTTP/3lifteque.top/js/_core-survey.1b09882a.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
Size170 kB (169673 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/_core-survey.1b09882a.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=169676
etag: W/"661f9117-296cc"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HlfhkRuoGUKQWcVu%2FXewGVZDc5D%2BnuP8BI27EaSUvJI0dsR5w20NGKpyTJTTkVa2W2v%2BWZI%2BN0tmN7UmaUy0XphrxDYe7lN61K8c%2ByBXkRiwYTCKcKhUUWitQ%2FJ99nA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cdaa1a56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-dom-to-react.js.26fdf751.js | 104.21.17.195 | 200 OK | 1.1 kB |
URL GET HTTP/3lifteque.top/js/v-dom-to-react.js.26fdf751.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (1101), with no line terminators Hash5693cb2629dd3231ce6fed788c41b150 872d71cae7dddc37389be6bae0fc4a5b611ec9c0 b312636bf1d349d818517865e89c22f8b9ef9e61d1805cf315e44241ccc05d26
GET /js/v-dom-to-react.js.26fdf751.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9116-43d"
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FY8m7kSLqnb0j2TROx7FtO0GY9jDSMnvQa2Qk8ITPSOeEelB%2FGptRenhVsyTi%2ForIYJjF%2B9jVQj7idzrYJVyjyp0HIIBwxKqUW98DfnEOSMxqPLnjkmQekUSDxDqFE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfbc5c56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-html-to-dom.js.ff1ae7e0.js | 104.21.17.195 | 200 OK | 364 B |
URL GET HTTP/3lifteque.top/js/v-html-to-dom.js.ff1ae7e0.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (373), with no line terminators Hash57f543d4f79657dc92755e2f2031da65 4884f924743049d7812b58958633a40f65e159b5 0fcc39a4a2b765b1ed92a6093fe6dc70e0a886914746f5af6fda6e3d1dc7417d
GET /js/v-html-to-dom.js.ff1ae7e0.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9117-16c"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=imdenWOvsthTSQRIpjT49KxGvdhJgaVGLGbQvPAVq8scvZEjIjTmd28FuMPJ%2BWtbIIaJ%2B8VTvDCTd2MtxAoZrF928bd7NVlQEICKGzvCWpAPdwpq%2BAM6GwvTu3H0I1s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfcc6856b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/css/src_js_components_Footer_Footer_tsx.ae79160e.css | 104.21.17.195 | 200 OK | 384 B |
URL GET HTTP/3lifteque.top/css/src_js_components_Footer_Footer_tsx.ae79160e.css IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (385), with no line terminators Hash96e0e3300f296423edf36d38d86618a3 85917c7d784ad37b14889c01fbf9fc8eb0cc8e72 629a53a1d8716a3d8505a2bb99ed3c249a1744cc11b7a815cde02e064dd09cba
GET /css/src_js_components_Footer_Footer_tsx.ae79160e.css HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: text/css
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-180"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QRjP7YlGebiIJTTMrS56KtvHZgEk6LgO244Q82bKN5HDFKy8XKiNUjj3zzcHjYzNlqx%2F%2B5PKX9iRyIX2B8hnsv%2B4I%2FU%2FgkB26parphlZ7NO%2FmLIUuZnen3I90ww7eA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfcc6d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/sw/sw6163304.js?var=4534663&var_3=null&var_4=null&ymid=4&ab2_ttl=5184000000 | 104.21.17.195 | 200 OK | 1.3 kB |
URL GET HTTP/3lifteque.top/sw/sw6163304.js?var=4534663&var_3=null&var_4=null&ymid=4&ab2_ttl=5184000000 IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (1381), with no line terminators Hash3787ac5c21418ba3e7a105218766cef3 da8f800758f781c09600f221c9fae59e0d93a669 1376b9e0ea57659418877e9756c4a2443f7d3c61e972cf56e5d522ff6ce83713
GET /sw/sw6163304.js?var=4534663&var_3=null&var_4=null&ymid=4&ab2_ttl=5184000000 HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-529"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7TL4PKF3fRHRfacac8uuxLOWKU1Jd1A0IwJVww04Kvnmf22mjDv9%2BV6P1g7W2Rxb9%2FUKdb0QBzVhZZhEZ723hywIgJYQqhGbtgqXGognoehFIuptJknlFjKD46nHfPE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2d0edba56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-node.js.28d8082c.js | 104.21.17.195 | 200 OK | 6.3 kB |
URL GET HTTP/3lifteque.top/js/v-node.js.28d8082c.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (6337), with no line terminators Hashb11cf8c1d8d8183e4d11a8f17a41189c 2f912e66ec3992d21e66e7c8e4ff40a2142a4d64 9e69f7af4cfb7fa8b5eb0d67ed8a36f5d23c276ba29b7209565faefab84b71ba
GET /js/v-node.js.28d8082c.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9117-186b"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QM7OYt1XnOZW9j%2BlsaBh4kYhuwF2PguG34CZKSIbVziXx%2BU73Si9Q8mUeomLLbgagGQxLyWliGKG3kZxoYSSo%2FfTQdSkiwb3yAzUcwbhrNtrvEWXT4ASmMaiHCr1rvY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfbc5156b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-domparser.js.97173b2e.js | 104.21.17.195 | 200 OK | 1.7 kB |
URL GET HTTP/3lifteque.top/js/v-domparser.js.97173b2e.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (1772), with no line terminators Hash46dd2964e007bc585a8f72ed695089e8 d02de9abf34cf05d707899e2562c067a8e5326bc 96d95d967e2f5ca4a1be19cf0d21f756ba2d0295ad5f4e967048054e85f6072f
GET /js/v-domparser.js.97173b2e.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
vary: Accept-Encoding
etag: W/"661f9117-6b8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Et1bAXgPD3WYTnQ4ArpBbC2vzVnmE86Xh%2BVudd42uBJqQlwelTGGU2SVQet0MjjFN8V2wUZdwxj4ayFilLaXmlRLErMAgNVa6wBcNLF8MzYYsn1YSBihGRu3MUXz9Qo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfbc5a56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/css/_core-survey.d3ac2ee0.css | 104.21.17.195 | 200 OK | 83 B |
URL GET HTTP/3lifteque.top/css/_core-survey.d3ac2ee0.css IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with no line terminators Hash30d726a40ffe74d794b282ca1795b44c b43155653a1b9cc8d257687df9a75e0f204db348 4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
GET /css/_core-survey.d3ac2ee0.css HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=84
etag: W/"661f9116-54"
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qPPsEL4di%2FWf3WtDB2X3n0%2BdPwxlR6okTvhTWlMAPq396W7UL3fXRhaKy9YBfJvnGgiId%2Bw6QY%2FhF9ZX90IJjgu1YfjBtlbm50I3EpkHikk9chquRB5FQRROCGymPZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cdba2856b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-utilities.js.d1112fc4.js | 104.21.17.195 | 200 OK | 2.6 kB |
URL GET HTTP/3lifteque.top/js/v-utilities.js.d1112fc4.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (2645), with no line terminators Hash3f45699a0edf3555d230727e3e1ba866 f30b9f52153e77b9ce60a30ecb15f36657792908 1b312ac32a5c37ffe1c4bf861a048a76d807155fe494adf5dd356d067367f488
GET /js/v-utilities.js.d1112fc4.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9117-a11"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHLwn8cSjXRoP46FyDIXz53sYZk9iaWFoGQJY6e2TvAivy6KWN%2Fz6QqQtQ6A9Wd36YLLooSum%2Bx1RKAxaY8oQTZB%2FcIQ5W7OjFA5TMSj%2FYfqZauXer%2FAjv3RfS4mecI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfbc5956b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-index.mjs.19622407.js | 104.21.17.195 | 200 OK | 35 kB |
URL GET HTTP/3lifteque.top/js/v-index.mjs.19622407.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (35287), with no line terminators Hash1de1ec2d8e7940b88970d8fbce40ed6d 510aa24127fb8bc3578d9ca4628b2eea5a84ce01 b473156bef833bcfb2e84658093f1ebc1e64011dcba904e26ccb31f1cad8b762
GET /js/v-index.mjs.19622407.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9117-89d7"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qqNsOw8vl3EQaV7f4geSoaIfLWwumBGsB9HEY27g2Rbkqws4Ok9%2F0oX3JGy1z4v0M7b1%2F2diyJcyPIXNzqurKWk5lSu8MD%2FsP3C6zXmWBig%2Bi5N932g1%2F5XrcSS1AVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfbc4f56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/v-attributes-to-props.js.a2e7cd04.js | 104.21.17.195 | 200 OK | 702 B |
URL GET HTTP/3lifteque.top/js/v-attributes-to-props.js.a2e7cd04.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeASCII text, with very long lines (718), with no line terminators Hash4f868b7a0330d32e1450766a54886355 4b5952301185e7b02e2cdcba80f4aea3de700c47 2435c4b396d0b35fca9f618a201479cdcd64e84d43a386eec071a4082d7a781f
GET /js/v-attributes-to-props.js.a2e7cd04.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:32 GMT
vary: Accept-Encoding
etag: W/"661f9118-2be"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jCFe%2Fl9YKdF0IZ%2FoL8U0LF10jXj%2BqQQUY%2Bft%2BspjPq21MSCZKHMyxchyOi2HdvFiyoMP0%2FvU9oXrO9WN8tJa74l%2FkqagJhWkdHVy7oYbSaPN3t6rAPH7KHK6fA2iYQM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfcc6756b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lifteque.top/js/BettingSurvey.ca3ef9f6.js | 104.21.17.195 | 200 OK | 2.2 kB |
URL GET HTTP/3lifteque.top/js/BettingSurvey.ca3ef9f6.js IP104.21.17.195:443
Requested byhttps://lifteque.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=3l1ks6vk3je57 CertificateIssuerLet's Encrypt Subjectlifteque.top Fingerprint46:51:F7:27:16:B9:30:19:D1:CD:ED:EE:42:CB:5C:66:1B:F5:8D:6A ValidityWed, 27 Mar 2024 15:34:19 GMT - Tue, 25 Jun 2024 15:34:18 GMT
File typeJavaScript source, ASCII text, with very long lines (2273), with no line terminators Hashae05ba2003a03f49524f07f9b5512250 8cf00a4c457e550d417223acca97a191e13f99fc 4147796684c5a6263e5990e94893d55dd21331e1679a22576f16303d9d7089a8
GET /js/BettingSurvey.ca3ef9f6.js HTTP/1.1
Host: lifteque.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=affxiz02a3thxswb93zcdqili946knmc; syncedCookie=true; oaidts=1713947737; ID=affxiz02a3thxswb93zcdqili946knmc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:35:37 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
vary: Accept-Encoding
etag: W/"661f9117-894"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUiIxmNXKfqa%2F6R%2B4b%2BdB2K%2F4%2FWIQxkxAXz9vdbxSyTkUo5BBEz1pWFncOxmzhUYQozoYfnGhMCqb8fSbVj2gqIN57x4csTRMUmFq2gO6VL8Cul2hZV8YYk0gn1vKUk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794c2cfcc7056b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|