mylink.name/?url=magnet:?xt=urn:btih:B43D4BC0B0F51D9BA817ECA9901BEDAA2961DAE3&dn=Tame+It-DARKZER0&tr=udp://9.rarbg.me:2720/announce&tr=udp://9.rarbg.to:2800/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce
188.114.96.1 145 B URL mylink.name/?url=magnet:?xt=urn:btih:B43D4BC0B0F51D9BA817ECA9901BEDAA2961DAE3&dn=Tame+It-DARKZER0&tr=udp://9.rarbg.me:2720/announce&tr=udp://9.rarbg.to:2800/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash dca33d79e50624118086e38d6f06474d
f77dbf575df9d76c5c06e861651654c090e7df96
05b793fb24af6aad057ea4eaebfa26c14ced0e694e7bb243ef80ed6f2931f541
GET /?url=magnet:?xt=urn:btih:B43D4BC0B0F51D9BA817ECA9901BEDAA2961DAE3&dn=Tame+It-DARKZER0&tr=udp://9.rarbg.me:2720/announce&tr=udp://9.rarbg.to:2800/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce HTTP/1.1
Host: mylink.name
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sun, 07 May 2023 22:27:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://mylink.name/?url=magnet:?xt=urn:btih:B43D4BC0B0F51D9BA817ECA9901BEDAA2961DAE3&dn=Tame+It-DARKZER0&tr=udp://9.rarbg.me:2720/announce&tr=udp://9.rarbg.to:2800/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u46XuhjW5CkOn2meaNw4aQu52A1JT01uC6rVuBcBcO%2FH7e88Ytg5qIfBeyOCVhG5WBBAs5ki13J0DNC5Kt%2BB2oVrSOiQhIgExN9cc3CcynYAA4W%2FDP38CBA34ca1SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c3ce3867ce30b3d-OSL
alt-svc: h2=":443"; ma=60
mylink.name/?hash=3X1oC0I-1%2-1FO0
188.114.96.1 145 B URL mylink.name/?hash=3X1oC0I-1%2-1FO0
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash dca33d79e50624118086e38d6f06474d
f77dbf575df9d76c5c06e861651654c090e7df96
05b793fb24af6aad057ea4eaebfa26c14ced0e694e7bb243ef80ed6f2931f541
GET /?hash=3X1oC0I-1%2-1FO0 HTTP/1.1
Host: mylink.name
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: view=1; PHPSESSID=5p2c9fk95m3vg3i0251u470u58
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sun, 07 May 2023 22:27:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://mylink.name/?hash=3X1oC0I-1%2-1FO0
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMrpdVUEJn7NOZO%2BeiC%2BVGbZ6tsT3baUSLlNchlYzf4%2FEvFp46sUxw4clY7FJ7BoumwA4UtCd0Bz65d8qg8FY33B2GoLsWQbIB%2BQ0pCO6MIniT8gVpkPX2f7L1T5xg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c3ce38aaf130b3d-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash ac7f2029f2d4d0bb7667039ea03956ab
d1dac07cea10394c0433738c2e0192b3a1e55d86
57624d3e62d566c9f88aae9345b27237a2e3dc3c951a7ff0d4e60bad0e0537f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 22:27:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash ac7f2029f2d4d0bb7667039ea03956ab
d1dac07cea10394c0433738c2e0192b3a1e55d86
57624d3e62d566c9f88aae9345b27237a2e3dc3c951a7ff0d4e60bad0e0537f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 22:27:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Ubuntu
142.250.74.106200 OK 1.9 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Ubuntu
IP 142.250.74.106:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
Hash f605804a2d688aca6d3c4d79578c82f3
fb8934cba11863c023f1e0c4a3959514ac822d74
aa84274dd77620580b17469c000f6be811ed36687f4a281e53d721d48493bce0
GET /css?family=Ubuntu HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mylink.name/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 07 May 2023 22:27:11 GMT
date: Sun, 07 May 2023 22:27:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mylink.vc/static/image/footer.png
172.67.199.51 147 B URL mylink.vc/static/image/footer.png
IP 172.67.199.51:0
File type PNG image data, 1 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f53132a7fed7833af820aaf254079e2
2ff3404e71bbf12104d0416c8e3e30d20a3837b5
70010137433e423b4167b3cb2f65f778888adf5884ea9ef6c2eeb578df66f033
GET /static/image/footer.png HTTP/1.1
Host: mylink.vc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mylink.name/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:11 GMT
content-type: image/png
content-length: 147
last-modified: Thu, 13 Jun 2019 00:06:47 GMT
etag: "5d019397-93"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 28940822
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Os8agy4kyXNoUO5hlemKZdzEMmcrHBeI5QX3PhqeiTZ1Mcnu9R8GslJRRRlX8UFZmPnKG9lMj%2BYKj4ugP6uRHY03kEr%2Fdyv%2F3iX0ujJp7NnctP%2BjL16N4QYA6aQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c3ce38eeb410b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash d787447ecf029358e9fe8e6d7cc9fa54
d3befedcc60325f8754154c30381652dbd6f510f
64d620479312ad341816876f0ea12221cc6ef0c209491cf03e29135ec480ae11
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 22:27:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
216.58.207.227 35 kB URL fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mylink.name
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 04 May 2023 06:20:48 GMT
expires: Fri, 03 May 2024 06:20:48 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
age: 317183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash d787447ecf029358e9fe8e6d7cc9fa54
d3befedcc60325f8754154c30381652dbd6f510f
64d620479312ad341816876f0ea12221cc6ef0c209491cf03e29135ec480ae11
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 22:27:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mylink.name/?me=protected&id=1
188.114.96.1302 Found 145 B URL User Request GET HTTP/1.1 mylink.name/?me=protected&id=1
IP 188.114.96.1:80
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash dca33d79e50624118086e38d6f06474d
f77dbf575df9d76c5c06e861651654c090e7df96
05b793fb24af6aad057ea4eaebfa26c14ced0e694e7bb243ef80ed6f2931f541
GET /?me=protected&id=1 HTTP/1.1
Host: mylink.name
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: view=1; PHPSESSID=5p2c9fk95m3vg3i0251u470u58; prefix_views_counter=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sun, 07 May 2023 22:27:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://mylink.name/?me=protected&id=1
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByigUTnAl5VqzQBn2zQb9tmN1tZCldDw1RS64gxx86g65iMD5%2BSe1yfvctBO7W3Rwi5xT0MNFsu3rnmrJr%2Boe%2BksnSOzw3nTcVlhU4JR2hxsaa8rNq1xLboGsfc8JA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c3ce3968dfd0b3d-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash a55a55f7a4256f8f2afd843f225d7a8f
bf441ccb3ee9df784012ee995dcf828f0640c9cd
2b5123bb742e5d5e4bb80da1595aa3aa0105472a0fe4e7ab03200dcac4a8341e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 22:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash ac7f2029f2d4d0bb7667039ea03956ab
d1dac07cea10394c0433738c2e0192b3a1e55d86
57624d3e62d566c9f88aae9345b27237a2e3dc3c951a7ff0d4e60bad0e0537f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 22:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
172.67.199.51200 OK 15 kB URL User Request GET HTTP/3 IP 172.67.199.51:443
Certificate IssuerLet's Encrypt
Subjectmylink.vc
Fingerprint72:15:DA:FA:11:89:F8:86:EA:3E:10:E3:C7:E6:D4:D7:C4:37:CE:A9
ValidityFri, 28 Apr 2023 03:28:35 GMT - Thu, 27 Jul 2023 03:28:34 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32414), with CRLF, LF line terminators
Hash ec57c0b2f636934b7c3efba2a0b3af64
80c76cc0eb78bf8292a0cd5562b0afdc00fd5ca7
9fcbacb121b312011985b48341d33c9d884bae4cdaaececcff76829810654246
GET /my/recovery HTTP/1.1
Host: a.mylink.vc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: view=1; PHPSESSID=tedsmoe6eqauluek6loao1m3ks; first_time=yes; tab_id=99091677
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: text/html; charset=UTF-8
set-cookie: view=1; expires=Mon, 08-May-2023 22:27:13 GMT; Max-Age=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8S3o6ODP8tNX3RKGQtklUD51TR6lmBh%2Bc4zPMc049PB4OIr9mpQJFBikXOSrpBiwS0fssG7iq1OWB3EwAckxoaG6fRuSwr6bQpjNfoYvOzrMb0oMEbeEvnNwvIFSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c3ce39aa8beb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ads.themoneytizer.com/s/requestform.js?siteId=59857&formatId=1
185.76.9.25 20 kB URL GET ads.themoneytizer.com/s/requestform.js?siteId=59857&formatId=1
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint00:06:A5:1C:82:09:6A:B6:CB:1E:1E:F5:8B:D2:4A:EC:1C:88:B0:06
ValidityWed, 01 Mar 2023 04:56:50 GMT - Tue, 30 May 2023 04:56:49 GMT
Hash c56a0d7da9e793252948c48216f8b9bc
9b3821a394b31717ec81c6fa27e6a4968c099f73
dd692b5e83cceebe05058d9e5f579a9d0ea088629143e7d6d71f28068c134cd9
GET /s/requestform.js?siteId=59857&formatId=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRQVt6D/rVYDAA
x-77-nzt-ray: af585630ebace115c22558643b96650d
x-accel-expires: @1683884437
x-accel-date: 1683279637
x-cache: HIT
x-age: 218797
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 0235c16024f816c08c15bcd38c1efccf
d7660b46f6a13426c9262608f0822f056e6e95b7
a7f70e8793c5537278b5258cc3de7f3ecb0c2b953ab626974f0a081720dae05d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 22:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PC2RG39
142.250.74.168200 OK 45 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PC2RG39
IP 142.250.74.168:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintCA:2C:8E:2F:14:74:84:57:8C:39:86:59:92:AC:A1:7C:C8:FA:99:CA
ValidityMon, 17 Apr 2023 08:16:32 GMT - Mon, 10 Jul 2023 08:16:31 GMT
File type ASCII text, with very long lines (9671)
Hash 04b306200b37b4c97bdd48a5cd031d71
b816e1e334317f6c2a02aa4d6bbb96215a2825be
fbc53d5ad9d476a1a7e01b924108477e468605bd4cbb73f1671f660ba6af6ccd
GET /gtm.js?id=GTM-PC2RG39 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 07 May 2023 22:27:14 GMT
expires: Sun, 07 May 2023 22:27:14 GMT
cache-control: private, max-age=900
last-modified: Sun, 07 May 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45180
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 5d0520916926003c51a89e9accd887f7
d7456c8169fb184e2dbf9d49030da3d8acb9c8b4
a54cf667029c3b7cbf6948e4186a42d61c936412bc4e2ccbd80a420ff29a4bc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 22:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
172.67.199.51302 Found 2.9 kB URL User Request GET HTTP/2 IP 172.67.199.51:443
Certificate IssuerLet's Encrypt
Subjectmylink.vc
Fingerprint72:15:DA:FA:11:89:F8:86:EA:3E:10:E3:C7:E6:D4:D7:C4:37:CE:A9
ValidityFri, 28 Apr 2023 03:28:35 GMT - Thu, 27 Jul 2023 03:28:34 GMT
File type gzip compressed data, from Unix\012- data
Hash bb1dbe79771f45807efa9f83e7a5b00c
cf86a350e6d1d7297dc6061d5b753983e887bdb4
e13f4fd88028a98c1aedadba70d1752ca5ab64c26a4f1cc4a7f258085a2de4e2
GET /51hhVVJoCfIp HTTP/1.1
Host: a.mylink.vc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Sun, 07 May 2023 22:27:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: view=1; expires=Mon, 08-May-2023 22:27:13 GMT; Max-Age=86400
PHPSESSID=tedsmoe6eqauluek6loao1m3ks; path=/
first_time=yes; expires=Sun, 07-May-2023 22:51:13 GMT; Max-Age=1440
tab_id=99091677; expires=Sun, 07-May-2023 22:51:13 GMT; Max-Age=1440
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /my/recovery
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMucuise%2FnSIyz6c79UKNwiG1OVQywWQGiJeaB2r7yEVEqjCsYAxwZZDjI8pU68hJnBUbg5Ao%2FkNizNkT3tBUjlztmbl6DkukeCS05fb6M3oRQB8yKWciCxSO0TRCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c3ce3995fa9b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
glimtors.net/ntfc.php?p=3150479
139.45.197.251200 OK 51 kB URL GET HTTP/2 glimtors.net/ntfc.php?p=3150479
IP 139.45.197.251:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectglimtors.net
Fingerprint0E:8E:C3:74:56:C9:4B:21:1F:10:F9:1B:2D:4B:68:52:29:29:30:05
ValiditySun, 26 Mar 2023 05:22:51 GMT - Sat, 24 Jun 2023 05:22:50 GMT
Hash 0b22df5c4263fb8d55718301362b8f66
37b0c1601fd94d7ae5554f32434af30ac0c572da
a09b6787db80d4a096f8e8322f435970d22ce59c7168d14d85ffeee23251eeb6
GET /ntfc.php?p=3150479 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 22:27:14 GMT
content-type: application/javascript
last-modified: Fri, 28 Apr 2023 10:39:52 GMT
etag: W/"644ba278-383a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1683498438235
51.89.9.251204 No Content 0 B URL GET HTTP/2 onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1683498438235
IP 51.89.9.251:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint1B:3E:A7:6D:D6:26:C6:9E:AB:38:DE:9E:22:71:64:8C:9F:91:0B:7B
ValidityWed, 28 Dec 2022 00:00:00 GMT - Sun, 28 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2a897e3f18e6769&cb=1683498438235 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=59857&f=6&fi=99
54.38.64.100200 OK 0 B URL GET HTTP/1.1 c.tmyzer.com/c/?s=59857&f=6&fi=99
IP 54.38.64.100:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectc.tmyzer.com
Fingerprint62:C0:86:A4:BC:A4:5F:E4:BF:81:77:9A:9C:CB:94:08:D1:34:BE:46
ValiditySun, 26 Mar 2023 06:03:42 GMT - Sat, 24 Jun 2023 06:03:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=59857&f=6&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Sun, 07 May 2023 22:27:14 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
access-control-allow-origin: *
x-iplb-request-id: 5B5A2A9A:2832_36264064:01BB_645825C2_159D0698:25711
x-iplb-instance: 38436
ad-delivery.net/px.gif?ch=1&e=0.38158487430467225
104.26.3.70200 OK 43 B URL GET HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.38158487430467225
IP 104.26.3.70:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:7E:C3:56:0A:04:84:BD:24:32:3D:C3:8E:66:52:26:37:E8:90:D3
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.38158487430467225 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdsQYtP2kx_4bKDGvrPBP794GF6O_jwpB4yW18TaVjKy5FIN9Gi5ekzKXgb_RxDVqUqSzG_1jiQqfCtZpqvXHPkO1hMsyk22
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Mon, 01 May 2023 19:33:13 GMT
cache-control: public, max-age=86400
age: 530246
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjfPSKWtJnrXdrC0tfJvCpqcbK2FYaHdnI5%2FVNJ7UfSXfjKdBxMM9tYup1mRjDvIPJAHM44y8sf2Yn45uiuokuoxnSvsraWZrwMeuf46YTCYQ7TAGJg4gMJ4xu6KaZMI5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c3ce3a15fb5b523-OSL
X-Firefox-Spdy: h2
spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
104.22.25.87200 OK 655 B URL GET HTTP/2 spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.25.87:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:56:4D:4F:0A:90:47:5B:07:F8:ED:CD:91:23:F7:D5:B3:86:F0:26
ValidityThu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 4f1c59acdc415033a908e0e0c1ca6c45
dbabf287f8d678bf25d80ce474570de3e6b229e8
6fe7502b8f4c2343e46f9879006e72f497176e3cca3018295bf2580d28ba7d3d
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://a.mylink.vc
set-cookie: zc=9624ad9d-8729-4b3a-5e8d-0884e1016213; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=i%19%03%12%9C%0D%94%D7xR%9B%16pW_s%06%5B%3D%C29%A0n%5DE%B7%CC%A9%18%ED%DEGbi%A6%1F%EFI%B5%DE%D5%C7%17%5E%DF%E4%A8%BF%1F%BA%C8%E9%85%AD%B3%12%D7%21%8B%F0%9B%C2%C5%A8%BD%9C%F3%EF%E0%24%B1%0B%ADI%CB%D8DU%C1%B4%C5%B7h; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c3ce39fca2bb52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.mylink.vc/user.php
172.67.199.51200 OK 46 B IP 172.67.199.51:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectmylink.vc
Fingerprint72:15:DA:FA:11:89:F8:86:EA:3E:10:E3:C7:E6:D4:D7:C4:37:CE:A9
ValidityFri, 28 Apr 2023 03:28:35 GMT - Thu, 27 Jul 2023 03:28:34 GMT
Hash d8dab33f258d0212793f97ef884be722
b78e60b77d98639261d440fa272d044ff80bb4bc
1bcead0e50cc58958e99045fda5e6e37aa9439cda934c276fdefe226d06be5e0
POST /user.php HTTP/1.1
Host: a.mylink.vc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 39
Origin: https://a.mylink.vc
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/my/recovery
Cookie: view=1; PHPSESSID=tedsmoe6eqauluek6loao1m3ks; first_time=yes; tab_id=99091677
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axKA1ILvxe7lIJ%2BwOeQXAhtYIx7gKoCXzGcPbGpM9R6kE86xdtc9nnwbYti2v2l31%2F5WLitW%2BSAYJ%2BysFUMuwcdeYSvyDbGgPSDx9C5weYObTiMAZdFKSUpsXR4KFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c3ce39d8af1b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Ubuntu
142.250.74.106200 OK 971 B URL GET HTTP/2 fonts.googleapis.com/css?family=Ubuntu
IP 142.250.74.106:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
Hash b9da1ec9694369cddb53610a31f7eb1a
af9d6bad5b107073ebf99244b2aef05e395c1c69
c38843e32afd1ba48adf51e5b001ffc116abe6b796270d77a514c6c042108523
GET /css?family=Ubuntu HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 07 May 2023 22:27:14 GMT
date: Sun, 07 May 2023 22:27:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mylink.cx/?me=protected&id=1
172.67.189.23302 Found 648 B URL User Request GET HTTP/3 mylink.cx/?me=protected&id=1
IP 172.67.189.23:443
Certificate IssuerLet's Encrypt
Subjectmylink.cx
Fingerprint46:B1:F5:66:3E:66:2D:46:01:D5:92:D0:46:BD:8A:1F:66:21:41:3C
ValiditySat, 06 May 2023 00:27:14 GMT - Fri, 04 Aug 2023 00:27:13 GMT
Hash 92e347431fa6cf1989dd75b65050af5f
b882ae0cb266967afebd5955b49285b9876bc58b
3be8f02217a1047e6d92371f9c7a3647055e275e943957d25ea9cc37af747370
GET /?me=protected&id=1 HTTP/1.1
Host: mylink.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 07 May 2023 22:27:13 GMT
content-type: text/html
location: http://mylink.name/?me=protected&id=1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IILsImV097NL7Zlz3jfDurYndhdG4FgGRr%2BGUyTKp2kxy4ArLKpwksDF2s9BxpOVYHWILJCfzA4VYI%2F%2FSaKFGB1IjhqKI7pE%2BrmiBD4m2tC0ztznK%2FJpybWtZXI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c3ce395fd95b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
hosehonoured.com/01/e8/35/01e835b4b880f0a66ecd3cd0ff9e49d1.js
192.243.61.225200 OK 13 kB URL GET HTTP/1.1 hosehonoured.com/01/e8/35/01e835b4b880f0a66ecd3cd0ff9e49d1.js
IP 192.243.61.225:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjecthosehonoured.com
Fingerprint1E:A3:CB:87:23:19:42:5D:54:46:21:EF:15:39:0F:9A:D9:50:68:2C
ValidityFri, 17 Mar 2023 06:43:10 GMT - Thu, 15 Jun 2023 06:43:09 GMT
File type ASCII text, with very long lines (37168), with no line terminators
Hash 2488f46bddd91d81c990566b5664cffd
3cae25510c4e9907a4b9e50b63e66caa59495a55
d1f7dcab791e4cb67d36020d4f5c0d79b97c7f283056bfd8e09d2ac9c73d4d9d
Analyzer Verdict Alert urlquery suspicious Suspicious - Suspicious Javascript code
GET /01/e8/35/01e835b4b880f0a66ecd3cd0ff9e49d1.js HTTP/1.1
Host: hosehonoured.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 07 May 2023 22:27:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 52269dcb1d1e86005f48b90dd9dc2718
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint74:B2:31:E9:6E:77:8E:33:B3:9D:61:F0:29:AA:AA:21:BB:5E:45:12
ValidityWed, 15 Feb 2023 21:34:45 GMT - Tue, 16 May 2023 21:34:44 GMT
File type JSON data\012- , ASCII text
Hash 4fe8dd1dca34106d29271c6693dc15fd
bb86ab4eef6522f7aba25c12a62c29d6246757f5
74b0716da1db24ac428f817abcc0939e29a8ad7b8a5c717fab1a3242b79de96b
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 22:27:15 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://a.mylink.vc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=585e70bbf3154156a498f862538c5297; expires=Mon, 06 May 2024 22:27:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 471 B IP 104.18.32.68:0
Hash 58e3a0a83b083c0e71ab45327d500d86
50768bfb1f72a1dbf3a1fbd938fe89d4b368fcf3
5df34a39142ed806fccaa62f6691c86865d20b61bc30c307099b66a55cabdbda
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 22:27:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 07 May 2023 03:55:43 GMT
Expires: Sun, 14 May 2023 03:55:42 GMT
Etag: "50768bfb1f72a1dbf3a1fbd938fe89d4b368fcf3"
Cache-Control: max-age=537506,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7c3ce3a2ad8d0b49-OSL
mylink.name/?me=protected&id=1
188.114.97.1302 Found 6.8 kB URL User Request GET HTTP/1.1 mylink.name/?me=protected&id=1
IP 188.114.97.1:80
Hash a8ad48b994f8415f5de9555b9777e11a
69a5f4e4017b84cb5d64a04c2feb52d524f3697b
a5e1cd8f129dec1a28efc220ec09ef82bc4db8ef4c0554c3f0a9dce2a0b21269
GET /?me=protected&id=1 HTTP/1.1
Host: mylink.name
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: view=1; PHPSESSID=5p2c9fk95m3vg3i0251u470u58; prefix_views_counter=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 07 May 2023 22:27:13 GMT
content-type: text/html; charset=UTF-8
location: https://mylink.vc/get.php?url=bWFnbmV0Oj94dD11cm46YnRpaDpCNDNENEJDMEIwRjUxRDlCQTgxN0VDQTk5MDFCRURBQTI5NjFEQUUz&version=v2
set-cookie: view=1; expires=Mon, 08-May-2023 22:27:13 GMT; Max-Age=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYVdkwzeKLn8mKHS%2BzSGJQ5sh5Q6zzN5XLtCU%2BWk3fGIdWBaVrQrONhZR7grvz1aye20MHfin0H2U4OF5Y5M8W8xak2qS8m430sdDO8NRvcGj%2B4hYjGWym1pl9dluQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c3ce3973e1db500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 65fdbbfbc29ef27ca037d6fd035b8ef6
38b7c8dce78e906e5a08d5442426717f6cf84409
78bf8710eef29a025a4b9c96e43f75811e1487717cc3ff263e8e485cb6ad0bb6
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157330
Date: Sun, 07 May 2023 22:27:15 GMT
Etag: "6457d23c-1d7"
Expires: Tue, 09 May 2023 18:09:25 GMT
Last-Modified: Sun, 07 May 2023 16:30:52 GMT
Server: ECAcc (nya/7970)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: t8Mzm0-MbV1D-FEVBnhU26nRvJS--7Ilfj2VuE7FJvdvovComMeAvw==
Age: 5913
simplewebanalysis.com/stats
52.58.93.188200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP 52.58.93.188:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 084f0f25efabeaefcd6351b7be3c4d99
e40f448ae1794f0537049e19277fd99b1645f24a
1cc50cdfa69ed9853117e5453dc9970de8b3cedeb4f6b4d45d4c8d045b9f7bba
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://a.mylink.vc
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f876ca4a-b28a-4dda-8e9f-a7b76a7f518d:2:1; expires=Wed, 04 May 2033 22:27:15 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=o8pf183281xq817675377y7p9dcpy798
139.45.195.8200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=o8pf183281xq817675377y7p9dcpy798
IP 139.45.195.8:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint74:B2:31:E9:6E:77:8E:33:B3:9D:61:F0:29:AA:AA:21:BB:5E:45:12
ValidityWed, 15 Feb 2023 21:34:45 GMT - Tue, 16 May 2023 21:34:44 GMT
File type JSON data\012- , ASCII text
Hash 4fe8dd1dca34106d29271c6693dc15fd
bb86ab4eef6522f7aba25c12a62c29d6246757f5
74b0716da1db24ac428f817abcc0939e29a8ad7b8a5c717fab1a3242b79de96b
GET /gid.js?userId=o8pf183281xq817675377y7p9dcpy798 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Cookie: ID=585e70bbf3154156a498f862538c5297
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 22:27:15 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://a.mylink.vc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=585e70bbf3154156a498f862538c5297; expires=Mon, 06 May 2024 22:27:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
in-page-push.com/500/3565140?excludes=&oaid=o8pf183281xq817675377y7p9dcpy798&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fa.mylink.vc%2Fmy%2Frecovery&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.15200 OK 0 B URL GET HTTP/2 in-page-push.com/500/3565140?excludes=&oaid=o8pf183281xq817675377y7p9dcpy798&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fa.mylink.vc%2Fmy%2Frecovery&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.15:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectin-page-push.com
Fingerprint15:C5:A8:08:77:90:7F:55:13:91:5E:15:A4:81:6D:DA:72:45:ED:E9
ValiditySat, 15 Apr 2023 05:31:32 GMT - Fri, 14 Jul 2023 05:31:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/3565140?excludes=&oaid=o8pf183281xq817675377y7p9dcpy798&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fa.mylink.vc%2Fmy%2Frecovery&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://a.mylink.vc/
Origin: https://a.mylink.vc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 22:27:15 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://a.mylink.vc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.93200 OK 53 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.93:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 8bf542db65f0ff20d510889d62e5e092
1b1b7cc04275b7641e2f07b0f4bf99b5387303bf
77a3bebee72af7beb49cd94b7f16852a532aac5f3db8f610160440fe75ca4711
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:15 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 795d6268cc9e72c1089a9c8ab72b1b14
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 07 May 2023 22:27:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qaJRKN7F%2BJUcOGC2aejhDIDNJi%2BpkTttTocl6LhOYIlscaXXfkBdJiWOj8qw0EU9IKWUsdCK7I%2BCFrRkJy0VMn6OucQ9ulyi9p%2FNwFGjZfe0ZqnCw%2F8UGUe%2BMoQWfLte%2FNArbE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c3ce3a41cea23f9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=o8pf183281xq817675377y7p9dcpy798
139.45.195.8200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=o8pf183281xq817675377y7p9dcpy798
IP 139.45.195.8:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint74:B2:31:E9:6E:77:8E:33:B3:9D:61:F0:29:AA:AA:21:BB:5E:45:12
ValidityWed, 15 Feb 2023 21:34:45 GMT - Tue, 16 May 2023 21:34:44 GMT
File type JSON data\012- , ASCII text
Hash 4fe8dd1dca34106d29271c6693dc15fd
bb86ab4eef6522f7aba25c12a62c29d6246757f5
74b0716da1db24ac428f817abcc0939e29a8ad7b8a5c717fab1a3242b79de96b
GET /gid.js?userId=o8pf183281xq817675377y7p9dcpy798 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Cookie: ID=585e70bbf3154156a498f862538c5297
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 22:27:17 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://a.mylink.vc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=585e70bbf3154156a498f862538c5297; expires=Mon, 06 May 2024 22:27:17 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=o8pf183281xq817675377y7p9dcpy798
139.45.195.8200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=o8pf183281xq817675377y7p9dcpy798
IP 139.45.195.8:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint74:B2:31:E9:6E:77:8E:33:B3:9D:61:F0:29:AA:AA:21:BB:5E:45:12
ValidityWed, 15 Feb 2023 21:34:45 GMT - Tue, 16 May 2023 21:34:44 GMT
File type JSON data\012- , ASCII text
Hash 4fe8dd1dca34106d29271c6693dc15fd
bb86ab4eef6522f7aba25c12a62c29d6246757f5
74b0716da1db24ac428f817abcc0939e29a8ad7b8a5c717fab1a3242b79de96b
GET /gid.js?userId=o8pf183281xq817675377y7p9dcpy798 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Cookie: ID=585e70bbf3154156a498f862538c5297
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 22:27:20 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://a.mylink.vc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=585e70bbf3154156a498f862538c5297; expires=Mon, 06 May 2024 22:27:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
54.230.245.166200 OK 26 kB URL GET HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 54.230.245.166:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Sun, 07 May 2023 03:32:31 GMT
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2SmYEFrvHi6tdzRWu1sYSwxnJxKTXv_3Rbb9Q5mnHSxqbk25uuRwpQ==
Age: 68096
ads.themoneytizer.com/s/gen.js?type=1
0.0.0.0 0 B URL GET ads.themoneytizer.com/s/gen.js?type=1
IP 0.0.0.0:0
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint00:06:A5:1C:82:09:6A:B6:CB:1E:1E:F5:8B:D2:4A:EC:1C:88:B0:06
ValidityWed, 01 Mar 2023 04:56:50 GMT - Tue, 30 May 2023 04:56:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/gen.js?type=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRTHeHP/uKUDAA
x-77-nzt-ray: af585630ebace115c2255864c079520d
x-accel-expires: @1683864202
x-accel-date: 1683259402
x-cache: HIT
x-age: 239032
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
54.230.111.122200 OK 3.1 kB URL GET HTTP/2 quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
IP 54.230.111.122:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectcmp.quantcast.com
FingerprintD5:4F:85:CC:A5:50:27:E6:83:FE:8C:FE:51:B7:24:A0:BA:69:A4:83
ValidityFri, 14 Apr 2023 22:00:22 GMT - Thu, 13 Jul 2023 22:00:21 GMT
File type ASCII text, with very long lines (3283), with no line terminators
Hash b7075908be676bd21efe5023a83f14c8
6b80c250d42ac22baee8f264e2e856b799481072
bcab9a2a6adda31f09bd9b791ce43b43e5ec19737b8d4fb712dd1cab12360e85
GET /choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Sun, 07 May 2023 22:26:54 GMT
cache-control: max-age=3600
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 737EAmKi7iGOw-B8F3L72PuEozYFyjOPmAivxYA42OLZzSb8lwD0LQ==
age: 26
X-Firefox-Spdy: h2
matomo3.org/matomo.js
104.21.85.227200 OK 66 kB IP 104.21.85.227:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEB:34:FA:E1:20:3B:35:A8:61:6E:A2:F5:D7:40:06:6C:E5:C4:D1:95
ValiditySat, 18 Jun 2022 00:00:00 GMT - Sun, 18 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (1601)
Hash a3a7245d6daf7d31d2069c0ba05879dd
ec1bf464889e71aec1ced6d8361a26c76e4a1460
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
GET /matomo.js HTTP/1.1
Host: matomo3.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 07 Feb 2023 06:02:31 GMT
etag: W/"63e1e977-10132"
expires: Sun, 07 May 2023 22:41:19 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 2756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qv5q1C9Kamx9BXXNhMez9VnJ4bCh97kpaD1YIYNZP4E4cRrzgn0jJnLuYXCwTdWVe8rdIfWqqPiHHpxjn33VPmx%2FhDnETgqOKOAQ4rKyCDwm5TzDCkzhJVr1%2FYm2nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c3ce3a3e9b90b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.mylink.vc/static/image/favicon.ico
172.67.199.51200 OK 216 B URL GET HTTP/3 a.mylink.vc/static/image/favicon.ico
IP 172.67.199.51:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectmylink.vc
Fingerprint72:15:DA:FA:11:89:F8:86:EA:3E:10:E3:C7:E6:D4:D7:C4:37:CE:A9
ValidityFri, 28 Apr 2023 03:28:35 GMT - Thu, 27 Jul 2023 03:28:34 GMT
File type PNG image data, 15 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 368c5623dacd8e2e7240ce14f1650689
f41b9ae4db67efb54631b78c5175383c5cdb2427
4efcba6860db4049dd8a087b39e9490d96472dfbc9ce35b64cca00ddd10036dc
GET /static/image/favicon.ico HTTP/1.1
Host: a.mylink.vc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/my/recovery
Cookie: view=1; PHPSESSID=tedsmoe6eqauluek6loao1m3ks; first_time=yes; tab_id=99091677; prefix_views_counter=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 07 May 2023 22:27:16 GMT
content-type: image/x-icon
last-modified: Thu, 13 Jun 2019 00:06:46 GMT
etag: W/"5d019396-d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 17077668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FkLIEfRXEk%2BUg5jXS6NBhAvjb4RvW9BCQXOoapKs13sLDiznOxrNTDzAtB10VMWsQXjMQqT36OTLnTzGlDcfDhsTLNVkCZq0WQZBeJK2v74T%2FiKXlCuCSczfzw4ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c3ce3adb98ab500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
185.76.9.25200 OK 569 kB URL GET HTTP/2 ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
IP 185.76.9.25:443
ASN #60068 Datacamp Limited
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint00:06:A5:1C:82:09:6A:B6:CB:1E:1E:F5:8B:D2:4A:EC:1C:88:B0:06
ValidityWed, 01 Mar 2023 04:56:50 GMT - Tue, 30 May 2023 04:56:49 GMT
File type ASCII text, with very long lines (64219)
Size 569 kB (569335 bytes)
Hash e9621752c4799770d90285cf03f070b2
34c9819fb906fad84e59ad11f5ce8e4226239d97
99b8d3ff543934f6364c7e1b6253e6b0391da1ec6829bf8a64c96bf67996f44a
GET /moneybid7_44/build/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 25 Apr 2023 20:12:07 GMT
expires: Sat, 06 May 2023 04:03:21 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
server: CDN77-Turbo
x-77-nzt: AblMCRQthdD/twIBAA
x-77-nzt-ray: af585630ebace115c22558642d7c241a
x-accel-expires: @1683518603
x-accel-date: 1683432203
x-cache: HIT
x-age: 66231
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
in-page-push.com/400/3565140
139.45.197.15200 OK 83 kB URL GET HTTP/2 in-page-push.com/400/3565140
IP 139.45.197.15:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectin-page-push.com
Fingerprint15:C5:A8:08:77:90:7F:55:13:91:5E:15:A4:81:6D:DA:72:45:ED:E9
ValiditySat, 15 Apr 2023 05:31:32 GMT - Fri, 14 Jul 2023 05:31:31 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 97398c316b1300c45b2e8d6508cddbfa
430f71e412e6891a6d4a76def795a0cb365afd2d
31de033c6c20d9434203f624787cef94552ddcd11b0785957579a7d7c3f8fb90
Analyzer Verdict Alert fortinet Malware
GET /400/3565140 HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Cookie: OAID=40c18245211144c0b7b6451abf18ee61
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 22:27:15 GMT
content-type: application/javascript
x-trace-id: fe8761ca6560c9e40db552f3e1e86091
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=40c18245211144c0b7b6451abf18ee61; expires=Mon, 06 May 2024 22:27:15 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=59857&formatId=6
0.0.0.0 0 B URL GET ads.themoneytizer.com/s/requestform.js?siteId=59857&formatId=6
IP 0.0.0.0:0
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint00:06:A5:1C:82:09:6A:B6:CB:1E:1E:F5:8B:D2:4A:EC:1C:88:B0:06
ValidityWed, 01 Mar 2023 04:56:50 GMT - Tue, 30 May 2023 04:56:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/requestform.js?siteId=59857&formatId=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRT9jZD/rVYDAA
x-77-nzt-ray: af585630ebace115c2255864deb7ae0f
x-accel-expires: @1683884437
x-accel-date: 1683279637
x-cache: HIT
x-age: 218797
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=6
0.0.0.0 0 B URL GET ads.themoneytizer.com/s/gen.js?type=6
IP 0.0.0.0:0
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint00:06:A5:1C:82:09:6A:B6:CB:1E:1E:F5:8B:D2:4A:EC:1C:88:B0:06
ValidityWed, 01 Mar 2023 04:56:50 GMT - Tue, 30 May 2023 04:56:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/gen.js?type=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRQQIvL/taUDAA
x-77-nzt-ray: af585630ebace115c2255864a5cdbb0d
x-accel-expires: @1683864205
x-accel-date: 1683259405
x-cache: HIT
x-age: 239029
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-WS7SWNV
142.250.74.168200 OK 120 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-WS7SWNV
IP 142.250.74.168:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintCA:2C:8E:2F:14:74:84:57:8C:39:86:59:92:AC:A1:7C:C8:FA:99:CA
ValidityMon, 17 Apr 2023 08:16:32 GMT - Mon, 10 Jul 2023 08:16:31 GMT
File type ASCII text, with very long lines (12166)
Size 120 kB (120122 bytes)
Hash 478688d1fcb1eace4d52880bac406402
1b05386c55289b158f2c934914cda1a3bbdeff28
cee9e9bfa644afc97d1097ac4ab5f03f5857f2e7fbadd0c29cc2ffa404ed2895
GET /gtm.js?id=GTM-WS7SWNV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 07 May 2023 22:27:14 GMT
expires: Sun, 07 May 2023 22:27:14 GMT
cache-control: private, max-age=900
last-modified: Sun, 07 May 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45476
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api.js
142.250.74.164200 OK 850 B URL GET HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint22:2A:81:06:18:D1:68:C5:1A:F7:E4:D9:FB:DF:C4:9B:E3:FD:BF:6E
ValidityMon, 17 Apr 2023 08:26:19 GMT - Mon, 10 Jul 2023 08:26:18 GMT
File type ASCII text, with very long lines (850), with no line terminators
Hash ce1afb1937ab3a38a420a133fa795969
81ba5361ca0491efefe4f1e8eb3f93eaa3c98ba2
8e2a4a795dd5b059fb16adbff4235eec01f82ac290fb365aba9b245d02c572df
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Sun, 07 May 2023 22:27:14 GMT
date: Sun, 07 May 2023 22:27:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL POST HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 6949f52318584a4b51c719a9b84a7287
9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905
72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1286
Origin: https://a.mylink.vc
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 07 May 2023 22:27:38 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://a.mylink.vc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
p.cpx.to/p/12770/px.js
52.215.163.145200 OK 2.0 kB IP 52.215.163.145:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerSectigo Limited
Subjectp.cpx.to
FingerprintB7:D4:04:01:07:C8:6E:F6:F4:A7:B7:F7:0A:5D:BE:2E:A4:E2:2D:D7
ValidityThu, 12 Jan 2023 00:00:00 GMT - Sat, 13 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (2066), with no line terminators
Hash f15d0707c4c53d32b7ac03cde250de8d
4f4b78d111d3db7a0d087f2aa79b2fd0dfb567aa
54ea4263fa249c676f33aa56f3b13c9463fb7e1e805719f5ffa32f8dda3cc6a8
GET /p/12770/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=2419200, public
X-Firefox-Spdy: h2
mylink.vc/get.php?url=bWFnbmV0Oj94dD11cm46YnRpaDpCNDNENEJDMEIwRjUxRDlCQTgxN0VDQTk5MDFCRURBQTI5NjFEQUUz&version=v2
172.67.199.51302 Found 91 kB URL User Request GET HTTP/2 mylink.vc/get.php?url=bWFnbmV0Oj94dD11cm46YnRpaDpCNDNENEJDMEIwRjUxRDlCQTgxN0VDQTk5MDFCRURBQTI5NjFEQUUz&version=v2
IP 172.67.199.51:443
Certificate IssuerLet's Encrypt
Subjectmylink.vc
Fingerprint72:15:DA:FA:11:89:F8:86:EA:3E:10:E3:C7:E6:D4:D7:C4:37:CE:A9
ValidityFri, 28 Apr 2023 03:28:35 GMT - Thu, 27 Jul 2023 03:28:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get.php?url=bWFnbmV0Oj94dD11cm46YnRpaDpCNDNENEJDMEIwRjUxRDlCQTgxN0VDQTk5MDFCRURBQTI5NjFEQUUz&version=v2 HTTP/1.1
Host: mylink.vc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 07 May 2023 22:27:13 GMT
content-type: text/html; charset=UTF-8
location: https://a.mylink.vc/51hhVVJoCfIp
set-cookie: PHPSESSID=idbp92a9tmfum17o2mju9i0l7p; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUuHzj92aLfBtFg2eCBEzMh7fLiuX5n%2BXMWfsRze5a3L%2F0Aa%2FQS2oeRf5IiykON3QFjviecMzopuTAUq%2FgDEJbwkgDJFUv9KlDm7HOj9MdRhFyvM5tQ05tSVHIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c3ce3981ea2b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
in-page-push.com/400/3565140
139.45.197.15200 OK 83 kB URL GET HTTP/2 in-page-push.com/400/3565140
IP 139.45.197.15:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectin-page-push.com
Fingerprint15:C5:A8:08:77:90:7F:55:13:91:5E:15:A4:81:6D:DA:72:45:ED:E9
ValiditySat, 15 Apr 2023 05:31:32 GMT - Fri, 14 Jul 2023 05:31:31 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 97398c316b1300c45b2e8d6508cddbfa
430f71e412e6891a6d4a76def795a0cb365afd2d
31de033c6c20d9434203f624787cef94552ddcd11b0785957579a7d7c3f8fb90
Analyzer Verdict Alert fortinet Malware
GET /400/3565140 HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 22:27:14 GMT
content-type: application/javascript
x-trace-id: 21ba20027c8bdc26da57e5a0b057b99c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=40c18245211144c0b7b6451abf18ee61; expires=Mon, 06 May 2024 22:27:14 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
btloader.com/tag?o=5756097762689024&upapi=true
104.26.7.139200 OK 26 kB URL GET HTTP/2 btloader.com/tag?o=5756097762689024&upapi=true
IP 104.26.7.139:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:02:37:24:FE:31:73:D9:E5:C2:16:59:EE:BA:F8:45:83:AB:6A:30
ValidityFri, 05 Aug 2022 00:00:00 GMT - Sat, 05 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (25543)
Hash bb208a68f8f21c586d47fdcfa0259080
ac3a860eb7dcfd9a27590a584658fb24c914722d
40a509593287a66ee8659c61b7cc44a8e6352f4e238c66868ca9f521d30bc5c7
GET /tag?o=5756097762689024&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
etag: W/"c960cd96a274d18fbfa2b606ef3e5d0d"
last-modified: Sun, 07 May 2023 21:41:32 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV5eXTuQtsTXbgKYh8%2FhxmfzTy6yfDoh3YNqMD%2BzDEtCnJt90LA4jWt7MUyqO2QT7CgoyzxNBeeOXhIyl3lshRX7bX%2FVLVbdSyaJLkaB5w6Hiz9Ce984Ym%2BigSbqew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c3ce3a0ec63b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=2
104.26.3.70200 OK 43 B URL GET HTTP/2 ad-delivery.net/px.gif?ch=2
IP 104.26.3.70:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:7E:C3:56:0A:04:84:BD:24:32:3D:C3:8E:66:52:26:37:E8:90:D3
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdsQYtP2kx_4bKDGvrPBP794GF6O_jwpB4yW18TaVjKy5FIN9Gi5ekzKXgb_RxDVqUqSzG_1jiQqfCtZpqvXHPkO1hMsyk22
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Mon, 01 May 2023 19:33:13 GMT
cache-control: public, max-age=86400
age: 530246
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BDgeeLvNfTVcATnhSMKMW8lP05EKiF8eVXK%2F6yH3Pg18h7bHGSLqHymp8WR1uQKfgNydZAXeQlIo5kD1eCb4p76Wk2oTGZ4k9BRhMb%2FIrYUkFGiO3XEJY%2FAiFr%2FrYEghQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c3ce3a15fbab523-OSL
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybile.js
185.76.9.25200 OK 39 kB URL GET HTTP/2 ads.themoneytizer.com/moneybile.js
IP 185.76.9.25:443
ASN #60068 Datacamp Limited
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint00:06:A5:1C:82:09:6A:B6:CB:1E:1E:F5:8B:D2:4A:EC:1C:88:B0:06
ValidityWed, 01 Mar 2023 04:56:50 GMT - Tue, 30 May 2023 04:56:49 GMT
File type ASCII text, with very long lines (33237)
Hash efe528f52c3d05d68794f3f0f8146a8e
577c01fdfae7dcc7e7d23009d74422f61b414783
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Sat, 06 May 2023 04:03:21 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
server: CDN77-Turbo
x-77-nzt: AblMCRSHjDf/twIBAA
x-77-nzt-ray: af585630ebace115c2255864ef375319
x-accel-expires: @1683518603
x-accel-date: 1683432203
x-cache: HIT
x-age: 66231
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
104.22.25.87200 OK 62 kB URL GET HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.25.87:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:56:4D:4F:0A:90:47:5B:07:F8:ED:CD:91:23:F7:D5:B3:86:F0:26
ValidityThu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: application/javascript
cache-control: public, max-age=21600
cf-bgj: minify
cf-polished: origSize=62056
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: http://blog.travelmiso.com
expires: Mon, 08 May 2023 03:45:42 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2492
server: cloudflare
cf-ray: 7c3ce39f59b6b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/lib_fs_close.js
185.76.9.25200 OK 667 B URL GET HTTP/2 ads.themoneytizer.com/lib_fs_close.js
IP 185.76.9.25:443
ASN #60068 Datacamp Limited
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint00:06:A5:1C:82:09:6A:B6:CB:1E:1E:F5:8B:D2:4A:EC:1C:88:B0:06
ValidityWed, 01 Mar 2023 04:56:50 GMT - Tue, 30 May 2023 04:56:49 GMT
File type ASCII text, with very long lines (711), with no line terminators
Hash 59c5c7e3e55468902db0a03c3adb8900
909b72f83c02fb1d09c8e2f28be6a4d0d9570492
3229d0c287999e1bc7090eeb23524a521dc34fe4edbf06ccdbbb10a8160a4751
GET /lib_fs_close.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 19 Jan 2023 15:05:03 GMT
expires: Sat, 06 May 2023 04:03:26 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
server: CDN77-Turbo
x-77-nzt: AblMCRTzo83/sgIBAA
x-77-nzt-ray: af585630ebace115c2255864f02c6a19
x-accel-expires: @1683518608
x-accel-date: 1683432208
x-cache: HIT
x-age: 66226
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.128.55200 OK 17 kB IP 172.67.128.55:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerGoogle Trust Services LLC
Subject*.tzegilo.com
FingerprintDF:12:8C:B5:F2:22:D6:BE:72:F3:C6:9A:FA:DD:9E:1F:4E:58:63:1E
ValidityTue, 11 Apr 2023 10:11:54 GMT - Mon, 10 Jul 2023 10:11:53 GMT
File type ASCII text, with very long lines (17431), with no line terminators
Hash 125fe76ff2d7be11524761934945b853
209efaf9e41c9d2381862d5254fa08f292f238f4
ba5a4122da220f44e8301c1f601b449ddbfcfbd3afa0b00bbfbe264fbf62d06c
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: application/javascript
last-modified: Mon, 06 Mar 2023 09:50:04 GMT
etag: W/"6405b74c-4417"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2808
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9d%2BiCnBuT2JEC%2F99dnZM0U9UZ5SonMLR6z3Vtu4ck1f9HdyFwXo9DKTUVPdiNMQpO3diqZJUcFDF3zelGOvQOpaKcouihTVUvhnnTdSIpGVIJmCkqfNK2e1bHc26cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c3ce3a14ecdb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.mylink.vc/ad.sense/ad-m.js?XQTQXjcmoGsXDZMPWWijS
172.67.199.51200 OK 57 kB URL GET HTTP/3 a.mylink.vc/ad.sense/ad-m.js?XQTQXjcmoGsXDZMPWWijS
IP 172.67.199.51:443
Requested by https://a.mylink.vc/my/recovery
Certificate IssuerLet's Encrypt
Subjectmylink.vc
Fingerprint72:15:DA:FA:11:89:F8:86:EA:3E:10:E3:C7:E6:D4:D7:C4:37:CE:A9
ValidityFri, 28 Apr 2023 03:28:35 GMT - Thu, 27 Jul 2023 03:28:34 GMT
File type ASCII text, with very long lines (6135)
Hash dc45fe49fb996613ee766c5a6f8829b8
f8e19c7296807cc0cfc43075c823af41d128540b
692815093b504e35af65a0e01529da76255cb80dbd0df5ced3a336d18b2cbc9e
GET /ad.sense/ad-m.js?XQTQXjcmoGsXDZMPWWijS HTTP/1.1
Host: a.mylink.vc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.mylink.vc/my/recovery
Cookie: view=1; PHPSESSID=tedsmoe6eqauluek6loao1m3ks; first_time=yes; tab_id=99091677
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 07 May 2023 22:27:14 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 23 Jan 2021 23:33:39 GMT
etag: W/"600cb253-df63"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LyUlQ%2BYVapqbuQHRxaSLn8Wf%2F9EFo9Sh7dvgylz0Gj5yYeWST2zFVYV9IadaLsi2o98u%2FVeMC%2FJq9z5YHFq5za0OCQV30NbbPXJMV3ITEmIoRfFQTACvSrUlbM5YsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c3ce39d5ad1b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400