Overview

URL best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
IP 45.141.58.128
ASN IP Connect Inc
Location Seychelles
Report completed 2022-10-04 17:11:20 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 best-offer-no1.com/bitcoinup/js/jquery-migrate.min.js Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/js/jquery.js Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/js/intlTelInput.min.js Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/js/countrySelect.min.js Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/js/video.min.js Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/js/skip-link-focus-fix.js Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/js/jquery.min.js Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/js/bootstrap.min.js Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/js/global.js Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/js/jquery.scrollTo.js Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/js/scripts.js Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/js/wp-embed.min.js Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/fonts/fontawesome-webfont.woff2?v=4.7.0 Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/img/Ellipsis-2s-151px.svg Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/img/bitcoinicon.png?v=12 Phishing
2022-10-04 2 best-offer-no1.com/intgrtn/api/v1/events/add.php Phishing
2022-10-04 2 best-offer-no1.com/bitcoinup/media/en-1.mp4 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (12)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 143.204.55.110
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 15:17:25 UTC 93.184.220.29
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-10-04 04:47:48 UTC 104.17.24.14
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 35.161.136.21
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-04 11:55:48 UTC 142.250.74.10
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 12:43:11 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 15:06:58 UTC 143.204.55.27
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-10-04 09:46:16 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS best-offer-no1.com (65) 0 2021-10-14 13:15:44 UTC 2022-10-03 19:58:03 UTC 193.34.166.240 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 45.141.58.128

Date UQ / IDS / BL URL IP
2022-10-04 17:11:20 +0000 0 - 0 - 17 best-offer-no1.com/bitcoinup/lp-en.php?intgrt (...) 45.141.58.128
2022-09-16 06:46:26 +0000 0 - 0 - 3 yourinstantdailyprofits.com/ 45.141.58.128
2022-09-12 06:38:15 +0000 0 - 0 - 2 yourinstantdailyprofits.com/bitcoin-circuit-2022/ 45.141.58.128

Last 5 reports on ASN: IP Connect Inc

Date UQ / IDS / BL URL IP
2022-12-03 21:34:34 +0000 0 - 0 - 3 secure-revoke-web.com/Login.php 45.141.59.85
2022-12-02 22:25:24 +0000 0 - 0 - 3 ee-helpdesk.com/login.php?sessionid=06eb8a6a2 (...) 45.141.59.16
2022-12-01 22:16:17 +0000 0 - 0 - 2 45.141.56.226/ 45.141.56.226
2022-11-26 11:15:39 +0000 0 - 0 - 3 hrxprssgnsnwtrckrr.com/ 149.3.170.133
2022-11-23 20:58:04 +0000 0 - 0 - 2 shibcoin.io/event/ 45.141.59.16

Last 2 reports on domain: best-offer-no1.com

Date UQ / IDS / BL URL IP
2022-10-04 17:11:20 +0000 0 - 0 - 17 best-offer-no1.com/bitcoinup/lp-en.php?intgrt (...) 45.141.58.128
2022-09-08 06:15:23 +0000 0 - 0 - 12 best-offer-no1.com/tesler2 185.142.239.209

No other reports with similar screenshot



JavaScript

Executed Scripts (22)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (93)


Request Response
                                        
                                            GET /bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         193.34.166.240
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:09 GMT
Content-Length: 162
Connection: keep-alive
Location: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Strict-Transport-Security: max-age=63072000


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 16:14:34 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: M0vU-MQDxbfdS636XaYeA3bEVx7wHYXHeLKrY8Az1W3XOo4FdrR6-A==
Age: 3395


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8813
Expires: Tue, 04 Oct 2022 19:38:02 GMT
Date: Tue, 04 Oct 2022 17:11:09 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RtlVs1o0ZeQhNijh7fwPAEfUnlVt18J4yt3oNmbtQeVNzziogoeKjA==
age: 42162
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 17:11:10 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "719A2E20BBFE3B2518A38D44DC559DB070301643475B5158D7F2DBE63072084E"
Last-Modified: Mon, 03 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Tue, 04 Oct 2022 23:10:55 GMT
Date: Tue, 04 Oct 2022 17:11:10 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 16:29:33 GMT
Expires: Tue, 04 Oct 2022 16:31:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GOncWSH4to5ORNda4fa0MGvvt1qE8q0Yz77m1576wb64_J3xKHoUGg==
Age: 2497


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: intgrtn_language=en; expires=Thu, 03-Nov-2022 17:11:10 GMT; Max-Age=2592000; path=/bitcoinup/
X-Upstream: evlampi-***ko
Content-Encoding: gzip
X-Server: ornare
PX-X-Request-Id: df27d58ea91916ad5a8c811374407a65
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1852)
Size:   29398
Md5:    622f97b9da5df4cc0ccb68ff9cddd8e1
Sha1:   849b23d68f4451a7cf47389b450647fa270a5747
Sha256: 3f0c9d124ceb27671a3f1c5ef33211680f694dd72156b8572c8ba3e8fd339000
                                        
                                            GET /bitcoinup/css/style.min.css HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-d0f1"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 89850cd8e34da19211ad412fe8f6f7e9
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (27984)
Size:   7549
Md5:    7a69c636266ee83f7ea8f8f61071d92d
Sha1:   f3d0ddccacf05d2f7a6988f9c02661dd3a80e900
Sha256: 7d5904f80ec8c3aced8fefadf6b0beb4dbdab6bf498be929950fc463f87647f3
                                        
                                            GET /bitcoinup/css/video-js.css HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-9aca"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: b1753259b99a67189d28fecf7d3d2d4b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (5635)
Size:   9920
Md5:    4180d4bc2d2032c94320140a525ce62e
Sha1:   52411dd09b2f6a0f0b59018e51647e4ddf122320
Sha256: 8bec40bd2e30d594759ce63031110b63805d97d9f830c1216f7a514974497d26
                                        
                                            GET /bitcoinup/css/styles.css HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-6d2"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 59e43ff5cfece4cbadd407ea3761a79e
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   677
Md5:    c1f1a2aca368f9723097af32fd3154bb
Sha1:   15ef2cab00f14ea55fc42dd3856cdb00d12c0ed9
Sha256: 16bfe915f55f4ca3e8fa2427bda53179f77e44b7ed3640c6ce34ad970d25a6e9
                                        
                                            GET /bitcoinup/css/intlTelInput.min.css HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-531b"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 399a25f0338f42a920ca4271d83dce3a
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (21275), with no line terminators
Size:   3104
Md5:    986095515bbf17ee39f9bff48a7b22d4
Sha1:   e0573f2899c49a321c4de83714f9f50c4d8dd34c
Sha256: 6f03e5d8cd58b70c88a8b497f3a4bfb09c7901ad759ceecedd9400e40817760d
                                        
                                            GET /bitcoinup/css/countrySelect.min.css HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-500d"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 5ac0f85cdf89e4d0175513fd9c70d346
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (20493), with no line terminators
Size:   2707
Md5:    c163b6951fa4eeef1012b0f8f6d51806
Sha1:   e6913136f67891e58eacd24992363c5e20678419
Sha256: 08d5bbce9fab533881107435f2bad86694a83abf4947705bc49f1c8ef7e6ebcf
                                        
                                            GET /bitcoinup/css/style.css HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-14806"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 41befd89bd2b0c26377cd0d769b85130
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (463)
Size:   15762
Md5:    4e3c99a20310ad5858b85be1fb2e2946
Sha1:   2559004272f098b3b085ec2ff43d987ef3491cb7
Sha256: 59a1f41e34c848331fd37528d99dba33ceb63ed4fcf42eddaa806c17fa605312
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4161
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 17:11:10 GMT
Last-Modified: Tue, 04 Oct 2022 16:01:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /bitcoinup/css/theme.min.css HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-7a2"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: e75818288cc6ef0efc20681f3d0971c8
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1954), with no line terminators
Size:   639
Md5:    97b4a06170d0db87ab75c431d2ad1e52
Sha1:   f4bf9a0bfe7f8c24607b0ca2a4e92af285f00844
Sha256: bfdedc0d422e770b5996ce4270a5b9af0cf56aa04ffc6da6054e3b8d326b49ec
                                        
                                            GET /bitcoinup/css/style(1).css HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-8b24"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 341d23827d6928b1d0a8beb30238e1af
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (430)
Size:   5010
Md5:    c6ef9f7f70ddabea4a125e46528847e3
Sha1:   c6e53898dc17226564fae1e8cabb4e88cbe085fd
Sha256: e1f518d7a80bd379ffd91926c2aaac50bd3bb22897a0ab2d3574af4863b8204e
                                        
                                            GET /bitcoinup/css/blocks.css HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-27df"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: dab4806d3a1160383e6824577fc27574
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   1856
Md5:    122e09a372b8f27d0d44c0d6cd6dbd1e
Sha1:   3eb694bddfcd4aafbdaa473ca54e9ec5c34014e2
Sha256: 6e980005d5e7dcbacb952e218acb6912dde523896f5d8734361b92f6ceded21e
                                        
                                            GET /bitcoinup/js/jquery-migrate.min.js HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-2748"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 5aa9edf4d954c27ae37f1bfb379ab4a9
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (9959)
Size:   4014
Md5:    a6c81e2f02bd04160d2de88c4e8f3559
Sha1:   e3f3c91427d785820ca97dabe738f01faf041f36
Sha256: b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bitcoinup/css/css.css HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-1d42"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 63116c03f41bb9866f0101f5b40796e8
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   641
Md5:    43025f85a4a14c8e2e39b550d9567ea0
Sha1:   acdc35db63cc9dd522f5b30e36b1f1cea8f57cdc
Sha256: f488f54578fff55c91968cba98e245831dfb8ed2fd66ead64f9e2a56f44d8271
                                        
                                            GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 04 Oct 2022 17:11:10 GMT
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1709847
expires: Sun, 24 Sep 2023 17:11:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHDa%2FjtAaVl1Yz4o6PacPshADE9Ufbi5Ng9PAhRnNwMZe5CvXeQuQVnUEhq9YHdpYMKASvbaLHYJgO%2FcgNVdWZX99fbsvJ4OUr2Ph%2B%2Fk59BS4mwQYqwzL02Csi%2F8DFXUJVa0cJe2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 754f89046bf80b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   5631
Md5:    109d1ed85cd01f9cdab73a4cac5bf80d
Sha1:   d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
Sha256: 8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
                                        
                                            GET /bitcoinup/js/jquery.js HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-17a69"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 236a516888553f4170424d70c5cb7442
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   33753
Md5:    95bf7b30676f75380558a8f55df28256
Sha1:   18ba3d9afcd6dbdf4edbbf6e3c8d1cd527e807b8
Sha256: 3a70f07c32fd221889ac1c0ed0471d5e4e02bcbfdffe9fa0f166f80cc6dddbb5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:11:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /bitcoinup/js/intlTelInput.min.js HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-5d1f"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 342f258279eb11358a3b39b8d0808c26
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (23026)
Size:   9534
Md5:    bf5025dcd061132437df6b8f0a4c7693
Sha1:   e19443ef7269261988a9015865e130671843d78c
Sha256: 1df8ebc9731d806c773408b70188abd8cd5feb3a220de3da486304e79b286b57

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bitcoinup/js/countrySelect.min.js HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-4380"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: a8fe779e042a0c5e44edb3315f46f3cc
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (16597), with no line terminators
Size:   6532
Md5:    8bd9a6ac8bf08bb5dfe4981ac4db6235
Sha1:   b7d108eeceba5c5502f3fd2d66c23501a9ee110e
Sha256: e7f29824defa2b9d89f7849139c9affbdc3e9f67ee88d26f64936b3a693bb535

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bitcoinup/fonts/font-awesome.min.css HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-7911"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: bb62d7879be231503ea5c5cda2931968
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (30830)
Size:   6931
Md5:    484070548e5cfaacd341be97e920b6d1
Sha1:   0ec0e369069f1b08d47437a8755c1b4ffca9599e
Sha256: a843fb13ae3fff94c222b837a839ad92c89086d7ba9b5185c3c8838832833125
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:11:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /bitcoinup/js/video.min.js HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-42c01"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 8947fb4589aeb9f2a96e1bec2e687a2b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   63023
Md5:    442765e7bb397a4923104ef780d46063
Sha1:   9a286bbed235520288c238529f94b1937925b948
Sha256: 612d9493238910863b7110bb0463cede231a7703e0ee67c5cf788f05bed0a67c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bitcoinup/css/intgrtn.css HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-1666"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 026544daefce11ce30877c2a53a4d8c9
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   1396
Md5:    1a05a3917e56688a1ad509560219d4c4
Sha1:   3a88d6ac00a3b6a928673193eb1725d51cb9be62
Sha256: 2af0a43780eae044c49f2a62cd24d7ba38a301129d0019c74da27d9b07462abc
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G6WjmR4C3ZO4dq5bpamXnQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.161.136.21
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 00DJRpxaHOOrQDXok5se8cC6bJw=

                                        
                                            GET /bitcoinup/js/skip-link-focus-fix.js HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-2ab"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 22cb7269c423a99d89e2923e351cde91
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   416
Md5:    e6f53264ebf762f651ef3c426aba7d7a
Sha1:   c94c31f4cdc7976febd8b722771d433fcd460d87
Sha256: e5dab0bbdb24e72cded213dba7acb5e41a11e2a317279a046e402d1146512404

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bitcoinup/js/jquery.min.js HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-176d5"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 277a875b9352630084cfbb58e804a9f5
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32038)
Size:   33261
Md5:    1c8acbf5f411ace3b76578a1fd1a603e
Sha1:   b1bbee9db24d885c25afd2e5a7720e4f79b6b991
Sha256: e37464521b5447580a641b775ddb258a76f3bc7a3ca5a34eb452b12908b350a9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bitcoinup/js/bootstrap.min.js HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-90b5"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 60d02bf460cebb5852d161b19fbf4103
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32033)
Size:   9806
Md5:    4839f961fb7b3bf3ab0dfb42af29d967
Sha1:   625461153983e2349431581c4b33111423f73f5c
Sha256: 45c664c18940715d29c29b5dbf6901493b671d5961eb549ac3721ba21f4a3308

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bitcoinup/js/global.js HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-1e4a"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 4359840bb8d823be99077ff20b279d4e
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   2610
Md5:    973a64bc2331c277cb573194bb7b606c
Sha1:   b3d328a5440989f66bdd21c7962a2b94b7b60fbb
Sha256: fe394568f987fc4cdb089032f1f5cf77079dc5733c0395351490c1dc08a98874

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bitcoinup/js/jquery.scrollTo.js HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-16cc"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: ae629872ca2b62ab99002611fcd84e12
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   2409
Md5:    6867c02378ebacce9b9829019a85e83a
Sha1:   774e8fa7125db0041a2e83359cfdbe2aa17845d2
Sha256: 1728a2503bedcda9b698b16e749b3612d09b28df0399bda3a0bb4b7fc72b625c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bitcoinup/js/scripts.js HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-3868"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: e4c0d3c03b8fa14a6edc749b41690738
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   3981
Md5:    401faf572af7bfdf7b0ed796ea38fc9b
Sha1:   2b387b6374a86580e2fb2601c00df3a3066ab265
Sha256: 6cf5b5cb5cf77315be8325dca662915a137d3a8671290d022feea537c7fac464

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bitcoinup/img/btc-logo.png HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-fd0"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 9bac53e27d720f78348cba0db2aa552b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 203 x 29, 8-bit/color RGBA, non-interlaced\012- data
Size:   4071
Md5:    161de89226f8a86bcba3bc927178e913
Sha1:   fe2675dbe9b02cca8404d49edf21bbb44a8e0c35
Sha256: 23579ceae7c87c0b1c7b1abb252704cc76e36b1217dec323a5e48559b83254f9
                                        
                                            GET /bitcoinup/js/wp-embed.min.js HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-59a"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 0f88b3dcc4e6d25f50352faf54f6a256
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1399)
Size:   769
Md5:    f5dbcc86138f123517347121c0e3421f
Sha1:   90dd1553fd4ddf8d11b3a445a1e05457189d3200
Sha256: 99b9111adc8878cf8010a779ce547fb59972a81bcb5131751ecf673590ed4538

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bitcoinup/img/arow-up.png HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-145"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 29fdc13b6748da212c0c4b41d88c5eef
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 18 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   344
Md5:    32b2cfe5e7ffba50f08d55aec4fd2b61
Sha1:   6c226b29be00d47436f508bc2eaa92d0a9575654
Sha256: 327655027f291364d86273d877df80efe47473291b5b3cdd467da7d7684f9d94
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /bitcoinup/img/logo-secure.png HTTP/1.1 
Host: best-offer-no1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-858"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: f449be3ee6ca4d15a07828c5864f9806
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 56 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size:   2164
Md5:    12a8aa4f9361e5e062de069dcff430f8
Sha1:   d6c3291e5e00630a6eec0c2653a758dedd70a6c0
Sha256: a819df750c7ad8e88a963e03784c6f2b09a928f4b4a45d4751dddd00e4ee4e37
                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://best-offer-no1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:10:21 GMT
expires: Wed, 04 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 50
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://best-offer-no1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:02:01 GMT
expires: Tue, 03 Oct 2023 20:02:01 GMT
cache-control: public, max-age=31536000
age: 76150
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Size:   24408
Md5:    efee2d080d7bebdd2e0aeb2e030813a0
Sha1:   f8d38f9f9584e48c2e469877ebd94232265585f1
Sha256: bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
                                        
GET /bitcoinup/img/girl.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-97ac"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: a66d7a26c3d1c76613ad428bd48cc6c5
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 552x640, components 3\012- data
Size:   38487
Md5:    256a7ede50eaefd5dc54169162c03f3a
Sha1:   507f1b0379d46707993817a210c8481598ba9ce4
Sha256: 140b766ed9829d5e7f31106e19f7da055eb08d7f9aea2e5e3c46fb5f5f7ec5d1
                                        
GET /bitcoinup/img/bg-1.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/css/style(1).css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-89b2"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 13c3dddcec4e308d81edb99e995f1c08
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x635, components 3\012- data
Size:   35098
Md5:    4582e15b375aca5483fd0da709716091
Sha1:   2385055eb80dd5045a48c4a90a1d718aeedca27c
Sha256: f8233c407d2d6802f3ca2eef6ed888e5bd1e88ddbaa373512bc789e3cbceb106
                                        
GET /bitcoinup/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/fonts/font-awesome.min.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: font/woff2
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Length: 77160
Connection: keep-alive
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: "62455170-12d68"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 10e2f42cc5c2f1aca2dd4f43eeb30a65
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 17:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /bitcoinup/img/video-bg1.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/css/style(1).css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-4738"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 491610edbe915bea2e2aaaf0a11ef291
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 718 x 483, 8-bit/color RGBA, non-interlaced\012- data
Size:   15346
Md5:    61ec1e0d615282c014d55cbdb47ff859
Sha1:   ef0b68f1745c1de1b29baa70945fc5b1b4d7eebf
Sha256: 9c1c2a5bf474b7115d1079aacf8a1176fbf2998b5bf9d2c37c497c1ef42a63ca
                                        
GET /bitcoinup/css/img/arow.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/css/style(1).css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-120"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 693eed565c44a37248e1595686c47ec2
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 16 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size:   305
Md5:    9d101a7b742892248f1874f3f2626be2
Sha1:   e0d2c9125f710a57c5782c6b3da0c4dc81736874
Sha256: 34aab62de1b4321cd8bebd910c44786548a6e0999b1014e3570bb2ce514fe5e8
                                        
GET /bitcoinup/img/winner-1.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-1941"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 67b45d4ae3f0f1522a37947821c6845e
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x160, components 3\012- data
Size:   6412
Md5:    4117a8814432961e85f7585fe197e843
Sha1:   9830d5b187ed73ef46bf6e58ba2ed396ae4dd2f4
Sha256: 826f5f748f89ea45fa220e7a1319eee07e742bea54338af5202309d058892a4e
                                        
GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 17:11:10 GMT
date: Tue, 04 Oct 2022 17:11:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   41689
Md5:    5a178041d545c2c7afd0bd5bdd03451f
Sha1:   ff0cab93ada2188257ec2f898ebce685f97a4987
Sha256: f3a886cf66b4bf8a7c3a6220a3065ee287457a2039f999d01f11e8c1954d794d
                                        
GET /bitcoinup/img/question-img-3.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-456b"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: d190ba2427725eee1abb56c51e76e461
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 312x510, components 3\012- data
Size:   16464
Md5:    618106a3dfb25521fe284afddac1a4f2
Sha1:   20738a99822e9507b9d98db8ded7b2ae6b36582a
Sha256: aa8e28ed5f0e61880f0ff76b3086deea31f8e30704131ab780f81fa62cc4237a
                                        
GET /bitcoinup/img/winner-4.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-1cdf"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 0c85a6f0878bde9a13e2695284e56646
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x160, components 3\012- data
Size:   7334
Md5:    2f94ed5b182224fc5a506c670b5eebf7
Sha1:   150c68ab51fed8917d5b671183da9ceb7ba835bb
Sha256: e3fd6939e5eae4de24bb75d5da117b6f7217b162a01fb9fbbec92f331ea29ad6
                                        
GET /bitcoinup/img/winner-3.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-13b4"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 0f4c6cb8b9f4618969539a51ead13d50
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 174x160, components 3\012- data
Size:   4986
Md5:    5d7fdf896d015f2c1071ceee4f76ec6b
Sha1:   f933e134d605a067a5db1f520b95c554b483da6b
Sha256: dcf7576efeb4bc57fdc3bec5dec029713cd041626753c16d6b247aadd009469c
                                        
GET /bitcoinup/img/question-img-1.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-5072"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 6c2f651f409d8cca440adc2d2c12c5b7
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 666x417, components 3\012- data
Size:   16782
Md5:    3951c079b510888d7fab7af997d737a5
Sha1:   ffde07239a228e3c2578d1c3b909c5f1f96a4937
Sha256: 54090a279c74de0e9ac8c69d0ea84a8f92ca6e66c5e78794d112d0e9b7d2f68b
                                        
GET /bitcoinup/img/question-img-2.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-755f"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: a379db54aaed7d134420c36fab8be352
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 666x417, components 3\012- data
Size:   25257
Md5:    f7e37518f75b4a99f46f82e3b88b7dae
Sha1:   25ee6db0da341904c5359d43de859c735e484f04
Sha256: 0db8748c583074170d3f426c777f74f2fc3cc4cb24cf6ff7ff7bf71ebcdaaac9
                                        
GET /bitcoinup/img/phone-footer.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-8ec7"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: c07726fc314cfe30d96337e1417ad95a
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 407 x 488, 8-bit colormap, non-interlaced\012- data
Size:   36584
Md5:    08bc132135587bc27dee5f8ba392a626
Sha1:   f07d5afe7180663da1542ae8bee1a884f95f4d63
Sha256: 84c43eea7a64a3cb36b832cb0b02a1eca0a6fb879b74edbe24169a7e70337840
                                        
GET /bitcoinup/img/mcafee.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-afe"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: c318fa4675cbf1d9255e8afc92141f08
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 178 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size:   2842
Md5:    56e0cd08a42b2a1a1dd99f228d572dcc
Sha1:   0f01f4fa6c9641dec69e1043a53d5a8771453ede
Sha256: 7407c6f28fe791f74ce0a4f39e4d32ee4c7cce27a587f669db5f8fd40b2febd9
                                        
GET /bitcoinup/img/bitgo.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-c08"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 672f839584e29312f46638fe6db7b698
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 88 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size:   3108
Md5:    097c2c245487348c09af7e343d9e5e9f
Sha1:   50fbf5510905846680c6a0fc80ec505e8194ff3b
Sha256: a45cbde0c189acd0cf1d6de88f98f5e43709a0c1b092d7d3335693229e665f86
                                        
GET /bitcoinup/img/visa.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-f5b"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: c71295bf9473e488fddb048a805c5d5a
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 101 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size:   3954
Md5:    7202817bb490723ad2a7ed99439cea0c
Sha1:   3fce5e5fd69377e57da7a8f9a51e9891715f8eeb
Sha256: c55016cc6ae5d74aab0f4be18c86eec7e9dc6b6afbfd911ad36c85d00e5d64b9
                                        
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://best-offer-no1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:10:21 GMT
expires: Wed, 04 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 50
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size:   23040
Md5:    de69cf9e514df447d1b0bb16f49d2457
Sha1:   2ac78601179c3a63ba3f3f3081556b12ddcaf655
Sha256: c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
                                        
GET /s/librefranklin/v4/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjnTLgNs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://best-offer-no1.com
Connection: keep-alive
Referer: https://best-offer-no1.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 13:23:24 GMT
expires: Sun, 01 Oct 2023 13:23:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jul 2019 19:20:41 GMT
age: 272867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15320, version 1.0\012- data
Size:   15320
Md5:    805e3f7f31c9f2f0f343deecef57f692
Sha1:   b85e02b31cb237417316c2375690315e6cef6758
Sha256: 0a154fd74d1c2e3998aa7eec894a1b334ae50fda2cb99d86d5acab0b1f4b32c4
                                        
GET /intgrtn/api/v1/integration/sdk.css?v=2.63.2 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: text/css
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 09:01:21 GMT
Vary: Accept-Encoding
ETag: W/"62de5be1-1344e"
Expires: Tue, 25 Jul 2023 09:04:44 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: ornare
PX-X-Request-Id: 8312774e5658709a2dfdee8dc009bba3
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
PX-Cache-Status: HIT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   8238
Md5:    f8d2693bbce48cb3c19117b0d43e9cc4
Sha1:   5a4ed5df84262978776ee5fd1d2418ebde6f08ba
Sha256: 0ec8d1ead3f977cf5f4421c42570d18ac80796c2ccbc6b855af7c68e3470b922
                                        
GET /bitcoinup/img/winner-3-big.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-41e4"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 2339fdd740878bf88ccaddb4ea902697
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 266x540, components 3\012- data
Size:   16764
Md5:    d20dfd4e59170c4025d619d380a85d05
Sha1:   773826cbdea438bbb19fd9480850667414434ff8
Sha256: e4abf6b5e6f935c4055016c49366db2281b6280dab137f879382cb6f4f013dcb
                                        
GET /bitcoinup/img/mastercard.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-933"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 662406daa4324c4e3b04f95c993fed86
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 195 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size:   2383
Md5:    7ce2bbb0bcc887b262f7fe32eda47f35
Sha1:   fb973bc77d1038f8c07f0468fb8883a87930c9a2
Sha256: 765c9f3bdc03f76213a83c6de7e1a31412f2f22ad621de992fc30de9897dac3e
                                        
GET /bitcoinup/img/bitcoin-revolution-deposit-269x300-1.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-10b1a"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 659537147293e9111905a95ea86e64da
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 269 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   68164
Md5:    90ca06f43ee583486b0d120da0ced5e2
Sha1:   01bb60396a767d98e214629f8df8b30ec9b7dc6e
Sha256: cf294f24f3206d90a994edd5cf175d23d35cbf8ee941624b69c5d3b7177d6ac0
                                        
GET /intgrtn/api/v1/locations/current.php?&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/json
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: ornare
PX-X-Request-Id: 2654a018640f19cc8c52bfe8f91695d1
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   206
Md5:    93d3c89f4b0524d8512ed97a4ff783c1
Sha1:   fe54fb3bbf79cb7ba9843c99078aab80a65bf4b7
Sha256: 351218373405ce9e8b51541cb4f568153de98e216a92f6a08d868e18a6374965
                                        
GET /intgrtn/api/v1/projects/agreements.php?type=4&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/json
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: ornare
PX-X-Request-Id: 00555baf61e85871017eb9e104b06110
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4140), with no line terminators
Size:   1834
Md5:    c227844f294b07f422f4a9d501f301c9
Sha1:   33c064bb0fd856fb1e55b11873c8ed6114d7d274
Sha256: bee3f81b0c723d9e0a8519293e64510021892cdc0080f749f0281d76e06816f8
                                        
GET /intgrtn/api/v1/integration/assets/img/eye-1.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/intgrtn/api/v1/integration/sdk.css?v=2.63.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 13:58:11 GMT
Vary: Accept-Encoding
ETag: W/"633aea73-405"
Expires: Tue, 03 Oct 2023 16:10:49 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: ornare
PX-X-Request-Id: 43928ae7a7afd77881b862b8196bb564
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
PX-Cache-Status: HIT


--- Additional Info ---
Magic:  PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size:   1052
Md5:    5bf67e283b31db289f9c688d355e2f69
Sha1:   cc0e399b41878e01eb5d932bcc729606ca9783fc
Sha256: da41684c01ab082ccba66af435a4a2c512a0755d8de5343a36d3919aec61c0ff
                                        
GET /bitcoinup/img/Ellipsis-2s-151px.svg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Length: 2649
Connection: keep-alive
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: "62455170-a59"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: f270cbbb2de6d66631664b740a0e08c6
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- exported SGML document, ASCII text, with very long lines (2649), with no line terminators
Size:   2649
Md5:    a4fdaedbce1078e7d3ad00e720a2c7f0
Sha1:   9ec5189f70a4d35c117ddddc3e70240dbbab4417
Sha256: 5cb1132270a8ff89655d460f817f99e10859995c418e358a698ed7e67b689991

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /bitcoinup/css/img/arow-faq.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/css/style(1).css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-150"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 75468f6bd501deaf4fcb2639f49f06ca
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 8 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size:   356
Md5:    31e95dfa4d42480d41ed195281c8657d
Sha1:   8180562ca9e9d533382601983e5d3015ee9af17c
Sha256: fbada089462c61aa047588fd7179f2126eb2114832dcc3603c485e01e27456e6
                                        
GET /intgrtn/api/v1/projects/details.php?&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&language=en HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/json
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: ornare
PX-X-Request-Id: b5bb9ef6abee2926b0c496dc8a3f146c
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (44795), with no line terminators
Size:   6427
Md5:    0ce0a8a1803fa0fd06faeb7f51a99a2c
Sha1:   260fd3e69b3835e8a777f1a62f8546cbff5f1d95
Sha256: e5fcdd09e17c63c3d31a833ee86d8f705707ddd7755bd9df9ea43ab5cc7f0c5d
                                        
GET /bitcoinup/img/winner-2-big.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-7306"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 46746815496cddc6afc76381171f907e
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Size:   29386
Md5:    bc159653f1b641e98ba8db1e9a1e9bf6
Sha1:   6aa800c5e0626ba8be3c01855c4a8ba1b7b990cc
Sha256: df97dcc06b90d0e910cc9ca521007aa3aecbf3a27ca838832eabf4dd218a617e
                                        
GET /bitcoinup/img/winner-4-big.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-7fe0"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: a8764107910dc54576fa9bbf7bffa760
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Size:   32688
Md5:    71cb0a23493f930984e3d3ee8bf41954
Sha1:   9ba9e218a7f8d4990dfc7c3dfe10d5e92fa9ba8a
Sha256: dce02c2ba0ce1f7270d97596c37c34d9338394e80cc7429f03c8c63356a012a6
                                        
GET /bitcoinup/img/bitcoinicon.png?v=12 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-3b06"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: be31ed0b213a7bfa7cfb3a1a8fdc743b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size:   15045
Md5:    b5ca491a95ab223571b472ca2fe27f06
Sha1:   b3e9b03c920d75d24d0bfe4b22e67189f64f54cb
Sha256: 2aff294ee5ba5c9953746e6a1dd54fc9299c9d0d14ff906616f924d9ace5f3ad

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /bitcoinup/img/winner-1-big.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-5476"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 3ce13ed9709baf06b4496a9ea671afd2
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Size:   21560
Md5:    965cb8650d0aa92beb1a2117c4636d9b
Sha1:   99fdfd69010556e6bd667a54c753c8957acda394
Sha256: 989d1e46f000eb0e97e1d6fdf1972210b8b56bd17106900875bb2a76b75df44b
                                        
GET /bitcoinup/img/star-icon.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-f1d"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: e2f7c972a808f2f2d68dd7fd496d3c2b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 119 x 129, 8-bit colormap, non-interlaced\012- data
Size:   3583
Md5:    2dc94a44833eb233d775a05128c57c74
Sha1:   3825453eac8c691e49965ddd1667d61ce54a0cf3
Sha256: 1d0e45a35508c518109725dc87f875a33781d27931fa8f3c3316c2f4b8ebb6e9
                                        
GET /bitcoinup/img/money-icon.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-cbb"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 993ecb0e4e5f95a1ebbbb6b90fe67494
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Size:   3016
Md5:    ecbd9776216c2a213fdc9e6c10b7cfdf
Sha1:   f59692183d33096e2b38bbe802148e5985c7e43a
Sha256: 71268a92b6a9f243f1174211e70e816bafd3f86659146352bb2698511962f506
                                        
GET /intgrtn/api/v1/integration/assets/img/flags32.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/intgrtn/api/v1/integration/sdk.css?v=2.63.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 27 Jul 2022 10:16:08 GMT
Vary: Accept-Encoding
ETag: W/"62e11068-afed"
Expires: Thu, 27 Jul 2023 10:27:47 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: ornare
PX-X-Request-Id: ff639f3065a549abd5ad8b77b0a8ed1b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
PX-Cache-Status: HIT


--- Additional Info ---
Magic:  PNG image data, 32 x 8352, 8-bit colormap, non-interlaced\012- data
Size:   45070
Md5:    62000c9a41e76ec0b0e32059361c12a1
Sha1:   711ba42f1ca771cdb62c7fa7525a402f269972eb
Sha256: 15dbef1df9e79173424fe716ae37e10bec686d179f002aaca1f29dfa5f7c9dba
                                        
GET /intgrtn/api/v1/projects/agreements.php?type=4&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/json
Server: nginx
Date: Tue, 04 Oct 2022 17:11:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: ornare
PX-X-Request-Id: 9e2ebb323a912c0c80a7e13eda77df3b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4141), with no line terminators
Size:   1837
Md5:    138dae2d99fda0ae990e6223e3babdf2
Sha1:   8371d20156dd8641ae97308ac049dd1c5aa45b85
Sha256: 428c46d4ea63abef4ffdfdbbaf8e1099d64cf60a1f17f642b700a6d2e7883961
                                        
POST /intgrtn/api/v1/events/add.php HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Content-Length: 92
Origin: https://best-offer-no1.com
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: application/json
Server: nginx
Date: Tue, 04 Oct 2022 17:11:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://best-offer-no1.com
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: ornare
PX-X-Request-Id: 37ea645dacf5de007f9cb0e2c7393514
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   159
Md5:    d5ded039feb590fa4ec7931d4838ad5f
Sha1:   23f555766ea6a31da261dd0132f73683b6d60904
Sha256: 85b63b67b5c3748fd374beccce02ef6815fd8ebbfee65d501e478418632a2c34

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19542
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 17:11:12 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19542
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 17:11:12 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19542
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 17:11:12 GMT
Connection: keep-alive

                                        
GET /bitcoinup/img/favicon.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en; intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 04 Oct 2022 17:11:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-217"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: b76e3e0428e983bba8aa56d3b1d24381
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   559
Md5:    947e86915ea8f7876998361f9433e8a9
Sha1:   36eb60cb504527258bb90ce4a71beca1f4ade7ce
Sha256: 3ae09f6ebcaad0eaaaf9e24fee0487cbc4dff6d9755bf18a42a08a7d1c62e89a
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 69266
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 67313
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
age: 68413
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11955
Md5:    54b3ef7aa50273b78b59c24511b0c1f9
Sha1:   e2ea2ef6805e391c497e62e101e76a0bdecfce64
Sha256: 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 44899
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7H1QKlOtoBoVz93G5lddxHSGiTjtMnHJCZX5FhwqhNPkspslaDoFQA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 69251
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4151
Md5:    24a4a122273ef9f772852031eb13114a
Sha1:   c20f1fac9020eb4bd6c84583f73872979639b991
Sha256: 8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 69318
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
GET /bitcoinup/media/en-1.mp4 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en; intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
193.34.166.240
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
Server: nginx
Date: Tue, 04 Oct 2022 17:11:12 GMT
Content-Length: 10620917
Connection: keep-alive
Last-Modified: Mon, 15 Nov 2021 08:00:24 GMT
ETag: "61921398-a20ff5"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 578c17963b9f839de6d68f0171372258
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Range: bytes 0-10620916/10620917


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing