| tsapphiresand.info/?fmon=1034002 | 143.204.55.74 | 302 Found | 0 B |
URL User Request GET HTTP/2tsapphiresand.info/?fmon=1034002 IP143.204.55.74:443
CertificateIssuerAmazon Subjecttsapphiresand.info FingerprintA7:1D:3F:E0:46:7C:B5:7D:A5:C9:29:9D:A0:47:AB:FF:CD:9F:AF:BA ValidityThu, 28 Mar 2024 00:00:00 GMT - Sat, 26 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?fmon=1034002 HTTP/1.1
Host: tsapphiresand.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/plain
content-length: 0
location: http://xml-v4.tri.media/click?i=GbnThI1KxSM_0
date: Fri, 10 May 2024 10:39:52 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=8b5c0890-f70b-4551-9875-ee0c2df0d598
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZkvadiYtuHy7Ef1vStd5NnwnZq90wRc6xj3-hU8svgecB8z4qZ47vQ==
X-Firefox-Spdy: h2
|
|
| xml-v4.tri.media/click?i=GbnThI1KxSM_0 | 174.137.133.17 | 302 Found | 0 B |
URL User Request GET HTTP/1.1xml-v4.tri.media/click?i=GbnThI1KxSM_0 IP174.137.133.17:80 ASN#27257 WEBAIR-INTERNET
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=GbnThI1KxSM_0 HTTP/1.1
Host: xml-v4.tri.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Connection: keep-alive
Cache-Control: no-store
Location: https://track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568216&siteid=625761&cost=0.0005&conversion=h78B0VVZ8SA
Content-Length: 0
|
|
| track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568216&siteid=625761&cost=0.0005&conversion=h78B0VVZ8SA | 143.204.55.92 | 302 Found | 0 B |
URL User Request GET HTTP/2track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568216&siteid=625761&cost=0.0005&conversion=h78B0VVZ8SA IP143.204.55.92:443
CertificateIssuerAmazon Subjecttrack.jajaloop.com FingerprintB2:8B:F7:DA:FA:DB:BD:98:DB:88:6D:5F:F8:30:A6:60:19:63:73:FE ValidityWed, 17 Apr 2024 00:00:00 GMT - Fri, 16 May 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568216&siteid=625761&cost=0.0005&conversion=h78B0VVZ8SA HTTP/1.1
Host: track.jajaloop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
location: https://www.linkbux.com/track/b5b20v1WkH7yi3TVxNZSP_bZiP8BiX_bmVlpBSmwsA0XJAnB4zpMQWeZu6ygAKfBA4KJDLBkXLkA_c_c?url=http%3A%2F%2Fwww.dyrekassen.no&uid=wrg7i67nm3gi6i613vtn8qns&uid2=6354964
date: Fri, 10 May 2024 10:39:53 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 717a0983-e961-4ed5-98dc-35fbb30c40f8-v4=SPUP7SbhY-pdR5rpTLp5sMFpZpBoKy--hzOkRofsI3c; Max-Age=86400; Expires=Sat, 11-May-2024 10:39:53 GMT; Domain=track.jajaloop.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22wrg7i67nm3gi6i613vtn8qns%22%2C%22caid%22%3A%22717a0983-e961-4ed5-98dc-35fbb30c40f8%22%7D; Max-Age=31536000; Expires=Sat, 10-May-2025 10:39:53 GMT; Domain=track.jajaloop.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RCLWkGf0mCpg2J5mTNXmfIEnTj0pQxctwhKYJbPw7LCYRKoIQ35msg==
X-Firefox-Spdy: h2
|
|
| status.rapidssl.com/ | 192.229.221.95 | | 471 B |
IP192.229.221.95:0
Hash544a2a8692953cbe54b9642919458054 a176cd13df3f16d6d35598c773b5d496e6179d83 164d8944e6d776379770a06bc481f72f0671b3703963e325a71476a948b0fe13
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5413
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Fri, 10 May 2024 10:39:53 GMT
Last-Modified: Fri, 10 May 2024 09:09:40 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
|
|
| www.linkbux.com/track/b5b20v1WkH7yi3TVxNZSP_bZiP8BiX_bmVlpBSmwsA0XJAnB4zpMQWeZu6ygAKfBA4KJDLBkXLkA_c_c?url=http%3A%2F%2Fwww.dyrekassen.no&uid=wrg7i67nm3gi6i613vtn8qns&uid2=6354964 | 163.181.1.227 | 200 OK | 551 B |
URL User Request GET HTTP/1.1www.linkbux.com/track/b5b20v1WkH7yi3TVxNZSP_bZiP8BiX_bmVlpBSmwsA0XJAnB4zpMQWeZu6ygAKfBA4KJDLBkXLkA_c_c?url=http%3A%2F%2Fwww.dyrekassen.no&uid=wrg7i67nm3gi6i613vtn8qns&uid2=6354964 IP163.181.1.227:443 ASN#24429 Zhejiang Taobao Network Co.,Ltd
CertificateIssuerDigiCert Inc Subject*.linkbux.com Fingerprint85:43:2D:A8:86:CB:B4:03:47:26:A7:87:5A:80:9D:1E:E1:55:C2:92 ValidityWed, 26 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text Hashebab6aa6f47ce6d33db8e200ffc9e9a6 d04f2a8cab301ddd46a6ec44e7830695ee521b48 9f130f36673828502e9595d8dbad10448af9ce1bae6c6b8b3da8cf46f66346f1
GET /track/b5b20v1WkH7yi3TVxNZSP_bZiP8BiX_bmVlpBSmwsA0XJAnB4zpMQWeZu6ygAKfBA4KJDLBkXLkA_c_c?url=http%3A%2F%2Fwww.dyrekassen.no&uid=wrg7i67nm3gi6i613vtn8qns&uid2=6354964 HTTP/1.1
Host: www.linkbux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 10 May 2024 10:39:53 GMT
Vary: Accept-Encoding
Set-Cookie: discuz_2132_saltkey=VjWCzSWZ; expires=Sun, 09-Jun-2024 10:39:53 GMT; Max-Age=2592000; path=/; httponly
discuz_2132_lang=en; path=/
discuz_2132_lang=en; path=/
Content-Encoding: gzip
Via: cache10.l2us2[120,0], cache9.ru6[294,0]
Timing-Allow-Origin: *
EagleId: a3b5019d17153375936004469e
|
|
| r.secprf.com/v1/redirect?url=http%3A%2F%2Fwww.dyrekassen.no&api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_4zkqnrr | 63.33.119.172 | 403 Forbidden | 64 B |
URL User Request GET HTTP/2r.secprf.com/v1/redirect?url=http%3A%2F%2Fwww.dyrekassen.no&api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_4zkqnrr IP63.33.119.172:443
CertificateIssuerLet's Encrypt Subjectlinksprf.com FingerprintFB:04:66:40:AF:53:56:65:25:C8:A3:54:2D:ED:20:75:A5:4C:EB:58 ValidityThu, 02 May 2024 08:32:50 GMT - Wed, 31 Jul 2024 08:32:49 GMT
Hashd8a7ac0c026c62e00d6cc9618bd84804 b56cb4113f55be24f6286cf9ee4fe1671b3ce9f8 674b8f9daea7952ad33679cb3931c9156acbbc84e4d370279013a60a2b681626
GET /v1/redirect?url=http%3A%2F%2Fwww.dyrekassen.no&api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_4zkqnrr HTTP/1.1
Host: r.secprf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkbux.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 10 May 2024 10:39:54 GMT
content-type: application/json
content-length: 64
set-cookie: ykuid=6d6030bdc2054d7eb00a017ced8ef2b6; Path=/; Secure; Domain=.secprf.com; Max-Age=31536000; SameSite=None
JSESSIONID=1C652CB823B1BDC1F5649F1B3B5C66BB; Path=/; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| | 104.21.23.4 | 302 Found | 1.3 kB |
URL User Request GET HTTP/2IP104.21.23.4:443
CertificateIssuerGoogle Trust Services LLC Subject61zdn1c9.skin FingerprintEB:A2:64:3F:F1:40:8C:4A:D1:D8:2F:52:8A:91:A8:E0:F9:03:BF:52 ValidityThu, 09 May 2024 20:51:13 GMT - Wed, 07 Aug 2024 20:51:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 61zdn1c9.skin
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 10:39:52 GMT
content-type: text/html; charset=UTF-8
location: https://tsapphiresand.info/?fmon=1034002
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60NF8L8W9pDCF8nSnpLFyiLKY%2FaaeeTvCx7Fl5pUagzeybHAkZ8XpLt4K3RResUxqGwU3KJtFFBqVOg6h%2F%2B6HnygB4tS75Yq2i1yIGZFFF8vxMPNvSLM5YvXNdFxQx5o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88194ecfcb825694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|