best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
193.34.166.240 301 Moved Permanently 162 B URL HTTP/1.1 best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
IP 193.34.166.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 04 Oct 2022 17:11:09 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Strict-Transport-Security: max-age=63072000
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 16:14:34 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: M0vU-MQDxbfdS636XaYeA3bEVx7wHYXHeLKrY8Az1W3XOo4FdrR6-A==
Age: 3395
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8813
Expires: Tue, 04 Oct 2022 19:38:02 GMT
Date: Tue, 04 Oct 2022 17:11:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RtlVs1o0ZeQhNijh7fwPAEfUnlVt18J4yt3oNmbtQeVNzziogoeKjA==
age: 42162
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:11:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93c9d179aa5410e397e8589868dc7112
122e601cf29878d4456d889facb09947d651255d
719a2e20bbfe3b2518a38d44dc559db070301643475b5158d7f2dbe63072084e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "719A2E20BBFE3B2518A38D44DC559DB070301643475B5158D7F2DBE63072084E"
Last-Modified: Mon, 03 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Tue, 04 Oct 2022 23:10:55 GMT
Date: Tue, 04 Oct 2022 17:11:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 16:29:33 GMT
Expires: Tue, 04 Oct 2022 16:31:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GOncWSH4to5ORNda4fa0MGvvt1qE8q0Yz77m1576wb64_J3xKHoUGg==
Age: 2497
best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
193.34.166.240 200 OK 29 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
IP 193.34.166.240:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1852)
Hash 622f97b9da5df4cc0ccb68ff9cddd8e1
849b23d68f4451a7cf47389b450647fa270a5747
3f0c9d124ceb27671a3f1c5ef33211680f694dd72156b8572c8ba3e8fd339000
GET /bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: intgrtn_language=en; expires=Thu, 03-Nov-2022 17:11:10 GMT; Max-Age=2592000; path=/bitcoinup/
X-Upstream: evlampi-***ko
Content-Encoding: gzip
X-Server: ornare
PX-X-Request-Id: df27d58ea91916ad5a8c811374407a65
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
best-offer-no1.com/bitcoinup/css/style.min.css
193.34.166.240 200 OK 7.5 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/style.min.css
IP 193.34.166.240:0
File type ASCII text, with very long lines (27984)
Hash 7a69c636266ee83f7ea8f8f61071d92d
f3d0ddccacf05d2f7a6988f9c02661dd3a80e900
7d5904f80ec8c3aced8fefadf6b0beb4dbdab6bf498be929950fc463f87647f3
GET /bitcoinup/css/style.min.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-d0f1"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 89850cd8e34da19211ad412fe8f6f7e9
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/css/video-js.css
193.34.166.240 200 OK 9.9 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/video-js.css
IP 193.34.166.240:0
File type ASCII text, with very long lines (5635)
Hash 4180d4bc2d2032c94320140a525ce62e
52411dd09b2f6a0f0b59018e51647e4ddf122320
8bec40bd2e30d594759ce63031110b63805d97d9f830c1216f7a514974497d26
GET /bitcoinup/css/video-js.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-9aca"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: b1753259b99a67189d28fecf7d3d2d4b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/css/styles.css
193.34.166.240 200 OK 677 B URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/styles.css
IP 193.34.166.240:0
Hash c1f1a2aca368f9723097af32fd3154bb
15ef2cab00f14ea55fc42dd3856cdb00d12c0ed9
16bfe915f55f4ca3e8fa2427bda53179f77e44b7ed3640c6ce34ad970d25a6e9
GET /bitcoinup/css/styles.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-6d2"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 59e43ff5cfece4cbadd407ea3761a79e
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/css/intlTelInput.min.css
193.34.166.240 200 OK 3.1 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/intlTelInput.min.css
IP 193.34.166.240:0
File type ASCII text, with very long lines (21275), with no line terminators
Hash 986095515bbf17ee39f9bff48a7b22d4
e0573f2899c49a321c4de83714f9f50c4d8dd34c
6f03e5d8cd58b70c88a8b497f3a4bfb09c7901ad759ceecedd9400e40817760d
GET /bitcoinup/css/intlTelInput.min.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-531b"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 399a25f0338f42a920ca4271d83dce3a
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/css/countrySelect.min.css
193.34.166.240 200 OK 2.7 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/countrySelect.min.css
IP 193.34.166.240:0
File type ASCII text, with very long lines (20493), with no line terminators
Hash c163b6951fa4eeef1012b0f8f6d51806
e6913136f67891e58eacd24992363c5e20678419
08d5bbce9fab533881107435f2bad86694a83abf4947705bc49f1c8ef7e6ebcf
GET /bitcoinup/css/countrySelect.min.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-500d"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 5ac0f85cdf89e4d0175513fd9c70d346
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/css/style.css
193.34.166.240 200 OK 16 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/style.css
IP 193.34.166.240:0
File type Unicode text, UTF-8 text, with very long lines (463)
Hash 4e3c99a20310ad5858b85be1fb2e2946
2559004272f098b3b085ec2ff43d987ef3491cb7
59a1f41e34c848331fd37528d99dba33ceb63ed4fcf42eddaa806c17fa605312
GET /bitcoinup/css/style.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-14806"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 41befd89bd2b0c26377cd0d769b85130
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B
IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4161
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 17:11:10 GMT
Last-Modified: Tue, 04 Oct 2022 16:01:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
best-offer-no1.com/bitcoinup/css/theme.min.css
193.34.166.240 200 OK 639 B URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/theme.min.css
IP 193.34.166.240:0
File type ASCII text, with very long lines (1954), with no line terminators
Hash 97b4a06170d0db87ab75c431d2ad1e52
f4bf9a0bfe7f8c24607b0ca2a4e92af285f00844
bfdedc0d422e770b5996ce4270a5b9af0cf56aa04ffc6da6054e3b8d326b49ec
GET /bitcoinup/css/theme.min.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-7a2"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: e75818288cc6ef0efc20681f3d0971c8
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/css/style(1).css
193.34.166.240 200 OK 5.0 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/style(1).css
IP 193.34.166.240:0
File type ASCII text, with very long lines (430)
Hash c6ef9f7f70ddabea4a125e46528847e3
c6e53898dc17226564fae1e8cabb4e88cbe085fd
e1f518d7a80bd379ffd91926c2aaac50bd3bb22897a0ab2d3574af4863b8204e
GET /bitcoinup/css/style(1).css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-8b24"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 341d23827d6928b1d0a8beb30238e1af
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/css/blocks.css
193.34.166.240 200 OK 1.9 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/blocks.css
IP 193.34.166.240:0
Hash 122e09a372b8f27d0d44c0d6cd6dbd1e
3eb694bddfcd4aafbdaa473ca54e9ec5c34014e2
6e980005d5e7dcbacb952e218acb6912dde523896f5d8734361b92f6ceded21e
GET /bitcoinup/css/blocks.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-27df"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: dab4806d3a1160383e6824577fc27574
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/js/jquery-migrate.min.js
193.34.166.240 200 OK 4.0 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/js/jquery-migrate.min.js
IP 193.34.166.240:0
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/js/jquery-migrate.min.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-2748"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 5aa9edf4d954c27ae37f1bfb379ab4a9
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/css/css.css
193.34.166.240 200 OK 641 B URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/css.css
IP 193.34.166.240:0
Hash 43025f85a4a14c8e2e39b550d9567ea0
acdc35db63cc9dd522f5b30e36b1f1cea8f57cdc
f488f54578fff55c91968cba98e245831dfb8ed2fd66ead64f9e2a56f44d8271
GET /bitcoinup/css/css.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-1d42"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 63116c03f41bb9866f0101f5b40796e8
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14 200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 17:11:10 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1709847
expires: Sun, 24 Sep 2023 17:11:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHDa%2FjtAaVl1Yz4o6PacPshADE9Ufbi5Ng9PAhRnNwMZe5CvXeQuQVnUEhq9YHdpYMKASvbaLHYJgO%2FcgNVdWZX99fbsvJ4OUr2Ph%2B%2Fk59BS4mwQYqwzL02Csi%2F8DFXUJVa0cJe2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 754f89046bf80b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
best-offer-no1.com/bitcoinup/js/jquery.js
193.34.166.240 200 OK 34 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/js/jquery.js
IP 193.34.166.240:0
File type ASCII text, with very long lines (31997)
Hash 95bf7b30676f75380558a8f55df28256
18ba3d9afcd6dbdf4edbbf6e3c8d1cd527e807b8
3a70f07c32fd221889ac1c0ed0471d5e4e02bcbfdffe9fa0f166f80cc6dddbb5
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/js/jquery.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-17a69"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 236a516888553f4170424d70c5cb7442
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 17:11:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
best-offer-no1.com/bitcoinup/js/intlTelInput.min.js
193.34.166.240 200 OK 9.5 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/js/intlTelInput.min.js
IP 193.34.166.240:0
File type Unicode text, UTF-8 text, with very long lines (23026)
Hash bf5025dcd061132437df6b8f0a4c7693
e19443ef7269261988a9015865e130671843d78c
1df8ebc9731d806c773408b70188abd8cd5feb3a220de3da486304e79b286b57
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/js/intlTelInput.min.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-5d1f"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 342f258279eb11358a3b39b8d0808c26
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/js/countrySelect.min.js
193.34.166.240 200 OK 6.5 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/js/countrySelect.min.js
IP 193.34.166.240:0
File type Unicode text, UTF-8 text, with very long lines (16597), with no line terminators
Hash 8bd9a6ac8bf08bb5dfe4981ac4db6235
b7d108eeceba5c5502f3fd2d66c23501a9ee110e
e7f29824defa2b9d89f7849139c9affbdc3e9f67ee88d26f64936b3a693bb535
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/js/countrySelect.min.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-4380"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: a8fe779e042a0c5e44edb3315f46f3cc
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/fonts/font-awesome.min.css
193.34.166.240 200 OK 6.9 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/fonts/font-awesome.min.css
IP 193.34.166.240:0
File type ASCII text, with very long lines (30830)
Hash 484070548e5cfaacd341be97e920b6d1
0ec0e369069f1b08d47437a8755c1b4ffca9599e
a843fb13ae3fff94c222b837a839ad92c89086d7ba9b5185c3c8838832833125
GET /bitcoinup/fonts/font-awesome.min.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-7911"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: bb62d7879be231503ea5c5cda2931968
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash 4d6b344f7e5123552495c56971708cef
efcf4bd4bdb6964b29ce0bc239ea32ab573dac3a
8092e24c3c24d08ffebca3781af0ec9574604e1ae4bd40d2c21865c3297f44bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 17:11:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
best-offer-no1.com/bitcoinup/js/video.min.js
193.34.166.240 200 OK 63 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/js/video.min.js
IP 193.34.166.240:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 442765e7bb397a4923104ef780d46063
9a286bbed235520288c238529f94b1937925b948
612d9493238910863b7110bb0463cede231a7703e0ee67c5cf788f05bed0a67c
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/js/video.min.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-42c01"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 8947fb4589aeb9f2a96e1bec2e687a2b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/css/intgrtn.css
193.34.166.240 200 OK 1.4 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/intgrtn.css
IP 193.34.166.240:0
Hash 1a05a3917e56688a1ad509560219d4c4
3a88d6ac00a3b6a928673193eb1725d51cb9be62
2af0a43780eae044c49f2a62cd24d7ba38a301129d0019c74da27d9b07462abc
GET /bitcoinup/css/intgrtn.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-1666"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 026544daefce11ce30877c2a53a4d8c9
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
push.services.mozilla.com/
35.161.136.21 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G6WjmR4C3ZO4dq5bpamXnQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 00DJRpxaHOOrQDXok5se8cC6bJw=
best-offer-no1.com/bitcoinup/js/skip-link-focus-fix.js
193.34.166.240 200 OK 416 B URL HTTP/1.1 best-offer-no1.com/bitcoinup/js/skip-link-focus-fix.js
IP 193.34.166.240:0
Hash e6f53264ebf762f651ef3c426aba7d7a
c94c31f4cdc7976febd8b722771d433fcd460d87
e5dab0bbdb24e72cded213dba7acb5e41a11e2a317279a046e402d1146512404
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/js/skip-link-focus-fix.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-2ab"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 22cb7269c423a99d89e2923e351cde91
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/js/jquery.min.js
193.34.166.240 200 OK 33 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/js/jquery.min.js
IP 193.34.166.240:0
File type ASCII text, with very long lines (32038)
Hash 1c8acbf5f411ace3b76578a1fd1a603e
b1bbee9db24d885c25afd2e5a7720e4f79b6b991
e37464521b5447580a641b775ddb258a76f3bc7a3ca5a34eb452b12908b350a9
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/js/jquery.min.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-176d5"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 277a875b9352630084cfbb58e804a9f5
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/js/bootstrap.min.js
193.34.166.240 200 OK 9.8 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/js/bootstrap.min.js
IP 193.34.166.240:0
File type ASCII text, with very long lines (32033)
Hash 4839f961fb7b3bf3ab0dfb42af29d967
625461153983e2349431581c4b33111423f73f5c
45c664c18940715d29c29b5dbf6901493b671d5961eb549ac3721ba21f4a3308
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/js/bootstrap.min.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-90b5"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 60d02bf460cebb5852d161b19fbf4103
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/js/global.js
193.34.166.240 200 OK 2.6 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/js/global.js
IP 193.34.166.240:0
Hash 973a64bc2331c277cb573194bb7b606c
b3d328a5440989f66bdd21c7962a2b94b7b60fbb
fe394568f987fc4cdb089032f1f5cf77079dc5733c0395351490c1dc08a98874
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/js/global.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-1e4a"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 4359840bb8d823be99077ff20b279d4e
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/js/jquery.scrollTo.js
193.34.166.240 200 OK 2.4 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/js/jquery.scrollTo.js
IP 193.34.166.240:0
Hash 6867c02378ebacce9b9829019a85e83a
774e8fa7125db0041a2e83359cfdbe2aa17845d2
1728a2503bedcda9b698b16e749b3612d09b28df0399bda3a0bb4b7fc72b625c
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/js/jquery.scrollTo.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-16cc"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: ae629872ca2b62ab99002611fcd84e12
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/js/scripts.js
193.34.166.240 200 OK 4.0 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/js/scripts.js
IP 193.34.166.240:0
Hash 401faf572af7bfdf7b0ed796ea38fc9b
2b387b6374a86580e2fb2601c00df3a3066ab265
6cf5b5cb5cf77315be8325dca662915a137d3a8671290d022feea537c7fac464
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/js/scripts.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-3868"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: e4c0d3c03b8fa14a6edc749b41690738
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/btc-logo.png
193.34.166.240 200 OK 4.1 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/btc-logo.png
IP 193.34.166.240:0
File type PNG image data, 203 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 161de89226f8a86bcba3bc927178e913
fe2675dbe9b02cca8404d49edf21bbb44a8e0c35
23579ceae7c87c0b1c7b1abb252704cc76e36b1217dec323a5e48559b83254f9
GET /bitcoinup/img/btc-logo.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-fd0"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 9bac53e27d720f78348cba0db2aa552b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/js/wp-embed.min.js
193.34.166.240 200 OK 769 B URL HTTP/1.1 best-offer-no1.com/bitcoinup/js/wp-embed.min.js
IP 193.34.166.240:0
File type ASCII text, with very long lines (1399)
Hash f5dbcc86138f123517347121c0e3421f
90dd1553fd4ddf8d11b3a445a1e05457189d3200
99b9111adc8878cf8010a779ce547fb59972a81bcb5131751ecf673590ed4538
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/js/wp-embed.min.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-59a"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 0f88b3dcc4e6d25f50352faf54f6a256
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/arow-up.png
193.34.166.240 200 OK 344 B URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/arow-up.png
IP 193.34.166.240:0
File type PNG image data, 18 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 32b2cfe5e7ffba50f08d55aec4fd2b61
6c226b29be00d47436f508bc2eaa92d0a9575654
327655027f291364d86273d877df80efe47473291b5b3cdd467da7d7684f9d94
GET /bitcoinup/img/arow-up.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-145"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 29fdc13b6748da212c0c4b41d88c5eef
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 17:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 17:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
best-offer-no1.com/bitcoinup/img/logo-secure.png
193.34.166.240 200 OK 2.2 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/logo-secure.png
IP 193.34.166.240:0
File type PNG image data, 56 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 12a8aa4f9361e5e062de069dcff430f8
d6c3291e5e00630a6eec0c2653a758dedd70a6c0
a819df750c7ad8e88a963e03784c6f2b09a928f4b4a45d4751dddd00e4ee4e37
GET /bitcoinup/img/logo-secure.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-858"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: f449be3ee6ca4d15a07828c5864f9806
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://best-offer-no1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:10:21 GMT
expires: Wed, 04 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 50
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
216.58.207.195 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Hash efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://best-offer-no1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:02:01 GMT
expires: Tue, 03 Oct 2023 20:02:01 GMT
cache-control: public, max-age=31536000
age: 76150
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
best-offer-no1.com/bitcoinup/img/girl.jpg
193.34.166.240 200 OK 38 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/girl.jpg
IP 193.34.166.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 552x640, components 3\012- data
Hash 256a7ede50eaefd5dc54169162c03f3a
507f1b0379d46707993817a210c8481598ba9ce4
140b766ed9829d5e7f31106e19f7da055eb08d7f9aea2e5e3c46fb5f5f7ec5d1
GET /bitcoinup/img/girl.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-97ac"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: a66d7a26c3d1c76613ad428bd48cc6c5
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/bg-1.jpg
193.34.166.240 200 OK 35 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/bg-1.jpg
IP 193.34.166.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x635, components 3\012- data
Hash 4582e15b375aca5483fd0da709716091
2385055eb80dd5045a48c4a90a1d718aeedca27c
f8233c407d2d6802f3ca2eef6ed888e5bd1e88ddbaa373512bc789e3cbceb106
GET /bitcoinup/img/bg-1.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/css/style(1).css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-89b2"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 13c3dddcec4e308d81edb99e995f1c08
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/fonts/fontawesome-webfont.woff2?v=4.7.0
193.34.166.240 200 OK 77 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 193.34.166.240:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/fonts/font-awesome.min.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: font/woff2
Content-Length: 77160
Connection: keep-alive
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: "62455170-12d68"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 10e2f42cc5c2f1aca2dd4f43eeb30a65
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 17:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
best-offer-no1.com/bitcoinup/img/video-bg1.png
193.34.166.240 200 OK 15 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/video-bg1.png
IP 193.34.166.240:0
File type PNG image data, 718 x 483, 8-bit/color RGBA, non-interlaced\012- data
Hash 61ec1e0d615282c014d55cbdb47ff859
ef0b68f1745c1de1b29baa70945fc5b1b4d7eebf
9c1c2a5bf474b7115d1079aacf8a1176fbf2998b5bf9d2c37c497c1ef42a63ca
GET /bitcoinup/img/video-bg1.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/css/style(1).css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-4738"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 491610edbe915bea2e2aaaf0a11ef291
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/css/img/arow.png
193.34.166.240 200 OK 305 B URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/img/arow.png
IP 193.34.166.240:0
File type PNG image data, 16 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d101a7b742892248f1874f3f2626be2
e0d2c9125f710a57c5782c6b3da0c4dc81736874
34aab62de1b4321cd8bebd910c44786548a6e0999b1014e3570bb2ce514fe5e8
GET /bitcoinup/css/img/arow.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/css/style(1).css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-120"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 693eed565c44a37248e1595686c47ec2
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/winner-1.jpg
193.34.166.240 200 OK 6.4 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/winner-1.jpg
IP 193.34.166.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x160, components 3\012- data
Hash 4117a8814432961e85f7585fe197e843
9830d5b187ed73ef46bf6e58ba2ed396ae4dd2f4
826f5f748f89ea45fa220e7a1319eee07e742bea54338af5202309d058892a4e
GET /bitcoinup/img/winner-1.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-1941"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 67b45d4ae3f0f1522a37947821c6845e
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
142.250.74.10 200 OK 42 kB URL HTTP/2 fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
IP 142.250.74.10:0
Hash 5a178041d545c2c7afd0bd5bdd03451f
ff0cab93ada2188257ec2f898ebce685f97a4987
f3a886cf66b4bf8a7c3a6220a3065ee287457a2039f999d01f11e8c1954d794d
GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 17:11:10 GMT
date: Tue, 04 Oct 2022 17:11:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
best-offer-no1.com/bitcoinup/img/question-img-3.jpg
193.34.166.240 200 OK 16 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/question-img-3.jpg
IP 193.34.166.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 312x510, components 3\012- data
Hash 618106a3dfb25521fe284afddac1a4f2
20738a99822e9507b9d98db8ded7b2ae6b36582a
aa8e28ed5f0e61880f0ff76b3086deea31f8e30704131ab780f81fa62cc4237a
GET /bitcoinup/img/question-img-3.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-456b"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: d190ba2427725eee1abb56c51e76e461
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/winner-4.jpg
193.34.166.240 200 OK 7.3 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/winner-4.jpg
IP 193.34.166.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x160, components 3\012- data
Hash 2f94ed5b182224fc5a506c670b5eebf7
150c68ab51fed8917d5b671183da9ceb7ba835bb
e3fd6939e5eae4de24bb75d5da117b6f7217b162a01fb9fbbec92f331ea29ad6
GET /bitcoinup/img/winner-4.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-1cdf"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 0c85a6f0878bde9a13e2695284e56646
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/winner-3.jpg
193.34.166.240 200 OK 5.0 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/winner-3.jpg
IP 193.34.166.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 174x160, components 3\012- data
Hash 5d7fdf896d015f2c1071ceee4f76ec6b
f933e134d605a067a5db1f520b95c554b483da6b
dcf7576efeb4bc57fdc3bec5dec029713cd041626753c16d6b247aadd009469c
GET /bitcoinup/img/winner-3.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-13b4"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 0f4c6cb8b9f4618969539a51ead13d50
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/question-img-1.jpg
193.34.166.240 200 OK 17 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/question-img-1.jpg
IP 193.34.166.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 666x417, components 3\012- data
Hash 3951c079b510888d7fab7af997d737a5
ffde07239a228e3c2578d1c3b909c5f1f96a4937
54090a279c74de0e9ac8c69d0ea84a8f92ca6e66c5e78794d112d0e9b7d2f68b
GET /bitcoinup/img/question-img-1.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-5072"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 6c2f651f409d8cca440adc2d2c12c5b7
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/question-img-2.jpg
193.34.166.240 200 OK 25 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/question-img-2.jpg
IP 193.34.166.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 666x417, components 3\012- data
Hash f7e37518f75b4a99f46f82e3b88b7dae
25ee6db0da341904c5359d43de859c735e484f04
0db8748c583074170d3f426c777f74f2fc3cc4cb24cf6ff7ff7bf71ebcdaaac9
GET /bitcoinup/img/question-img-2.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-755f"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: a379db54aaed7d134420c36fab8be352
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/phone-footer.png
193.34.166.240 200 OK 37 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/phone-footer.png
IP 193.34.166.240:0
File type PNG image data, 407 x 488, 8-bit colormap, non-interlaced\012- data
Hash 08bc132135587bc27dee5f8ba392a626
f07d5afe7180663da1542ae8bee1a884f95f4d63
84c43eea7a64a3cb36b832cb0b02a1eca0a6fb879b74edbe24169a7e70337840
GET /bitcoinup/img/phone-footer.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-8ec7"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: c07726fc314cfe30d96337e1417ad95a
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/mcafee.png
193.34.166.240 200 OK 2.8 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/mcafee.png
IP 193.34.166.240:0
File type PNG image data, 178 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 56e0cd08a42b2a1a1dd99f228d572dcc
0f01f4fa6c9641dec69e1043a53d5a8771453ede
7407c6f28fe791f74ce0a4f39e4d32ee4c7cce27a587f669db5f8fd40b2febd9
GET /bitcoinup/img/mcafee.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-afe"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: c318fa4675cbf1d9255e8afc92141f08
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/bitgo.png
193.34.166.240 200 OK 3.1 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/bitgo.png
IP 193.34.166.240:0
File type PNG image data, 88 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 097c2c245487348c09af7e343d9e5e9f
50fbf5510905846680c6a0fc80ec505e8194ff3b
a45cbde0c189acd0cf1d6de88f98f5e43709a0c1b092d7d3335693229e665f86
GET /bitcoinup/img/bitgo.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-c08"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 672f839584e29312f46638fe6db7b698
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/visa.png
193.34.166.240 200 OK 4.0 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/visa.png
IP 193.34.166.240:0
File type PNG image data, 101 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 7202817bb490723ad2a7ed99439cea0c
3fce5e5fd69377e57da7a8f9a51e9891715f8eeb
c55016cc6ae5d74aab0f4be18c86eec7e9dc6b6afbfd911ad36c85d00e5d64b9
GET /bitcoinup/img/visa.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-f5b"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: c71295bf9473e488fddb048a805c5d5a
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.195 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://best-offer-no1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:10:21 GMT
expires: Wed, 04 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 50
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/librefranklin/v4/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjnTLgNs.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/librefranklin/v4/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjnTLgNs.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15320, version 1.0\012- data
Hash 805e3f7f31c9f2f0f343deecef57f692
b85e02b31cb237417316c2375690315e6cef6758
0a154fd74d1c2e3998aa7eec894a1b334ae50fda2cb99d86d5acab0b1f4b32c4
GET /s/librefranklin/v4/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjnTLgNs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://best-offer-no1.com
Connection: keep-alive
Referer: https://best-offer-no1.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 13:23:24 GMT
expires: Sun, 01 Oct 2023 13:23:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jul 2019 19:20:41 GMT
content-type: font/woff2
age: 272867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
best-offer-no1.com/intgrtn/api/v1/integration/sdk.css?v=2.63.2
193.34.166.240 200 OK 8.2 kB URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/integration/sdk.css?v=2.63.2
IP 193.34.166.240:0
Hash f8d2693bbce48cb3c19117b0d43e9cc4
5a4ed5df84262978776ee5fd1d2418ebde6f08ba
0ec8d1ead3f977cf5f4421c42570d18ac80796c2ccbc6b855af7c68e3470b922
GET /intgrtn/api/v1/integration/sdk.css?v=2.63.2 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 09:01:21 GMT
Vary: Accept-Encoding
ETag: W/"62de5be1-1344e"
Expires: Tue, 25 Jul 2023 09:04:44 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: ornare
PX-X-Request-Id: 8312774e5658709a2dfdee8dc009bba3
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
PX-Cache-Status: HIT
best-offer-no1.com/bitcoinup/img/winner-3-big.jpg
193.34.166.240 200 OK 17 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/winner-3-big.jpg
IP 193.34.166.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 266x540, components 3\012- data
Hash d20dfd4e59170c4025d619d380a85d05
773826cbdea438bbb19fd9480850667414434ff8
e4abf6b5e6f935c4055016c49366db2281b6280dab137f879382cb6f4f013dcb
GET /bitcoinup/img/winner-3-big.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-41e4"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 2339fdd740878bf88ccaddb4ea902697
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/mastercard.png
193.34.166.240 200 OK 2.4 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/mastercard.png
IP 193.34.166.240:0
File type PNG image data, 195 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ce2bbb0bcc887b262f7fe32eda47f35
fb973bc77d1038f8c07f0468fb8883a87930c9a2
765c9f3bdc03f76213a83c6de7e1a31412f2f22ad621de992fc30de9897dac3e
GET /bitcoinup/img/mastercard.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-933"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 662406daa4324c4e3b04f95c993fed86
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/bitcoin-revolution-deposit-269x300-1.png
193.34.166.240 200 OK 68 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/bitcoin-revolution-deposit-269x300-1.png
IP 193.34.166.240:0
File type PNG image data, 269 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 90ca06f43ee583486b0d120da0ced5e2
01bb60396a767d98e214629f8df8b30ec9b7dc6e
cf294f24f3206d90a994edd5cf175d23d35cbf8ee941624b69c5d3b7177d6ac0
GET /bitcoinup/img/bitcoin-revolution-deposit-269x300-1.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-10b1a"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 659537147293e9111905a95ea86e64da
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/intgrtn/api/v1/locations/current.php?&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ
193.34.166.240 200 OK 206 B URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/locations/current.php?&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ
IP 193.34.166.240:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 93d3c89f4b0524d8512ed97a4ff783c1
fe54fb3bbf79cb7ba9843c99078aab80a65bf4b7
351218373405ce9e8b51541cb4f568153de98e216a92f6a08d868e18a6374965
GET /intgrtn/api/v1/locations/current.php?&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: ornare
PX-X-Request-Id: 2654a018640f19cc8c52bfe8f91695d1
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
best-offer-no1.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ
193.34.166.240 200 OK 1.8 kB URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ
IP 193.34.166.240:0
File type JSON data\012- , ASCII text, with very long lines (4140), with no line terminators
Hash c227844f294b07f422f4a9d501f301c9
33c064bb0fd856fb1e55b11873c8ed6114d7d274
bee3f81b0c723d9e0a8519293e64510021892cdc0080f749f0281d76e06816f8
GET /intgrtn/api/v1/projects/agreements.php?type=4&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: ornare
PX-X-Request-Id: 00555baf61e85871017eb9e104b06110
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
best-offer-no1.com/intgrtn/api/v1/integration/assets/img/eye-1.png
193.34.166.240 200 OK 1.1 kB URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/integration/assets/img/eye-1.png
IP 193.34.166.240:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 5bf67e283b31db289f9c688d355e2f69
cc0e399b41878e01eb5d932bcc729606ca9783fc
da41684c01ab082ccba66af435a4a2c512a0755d8de5343a36d3919aec61c0ff
GET /intgrtn/api/v1/integration/assets/img/eye-1.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/intgrtn/api/v1/integration/sdk.css?v=2.63.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 13:58:11 GMT
Vary: Accept-Encoding
ETag: W/"633aea73-405"
Expires: Tue, 03 Oct 2023 16:10:49 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: ornare
PX-X-Request-Id: 43928ae7a7afd77881b862b8196bb564
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
PX-Cache-Status: HIT
best-offer-no1.com/bitcoinup/img/Ellipsis-2s-151px.svg
193.34.166.240 200 OK 2.6 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/Ellipsis-2s-151px.svg
IP 193.34.166.240:0
File type SVG Scalable Vector Graphics image\012- exported SGML document, ASCII text, with very long lines (2649), with no line terminators
Hash a4fdaedbce1078e7d3ad00e720a2c7f0
9ec5189f70a4d35c117ddddc3e70240dbbab4417
5cb1132270a8ff89655d460f817f99e10859995c418e358a698ed7e67b689991
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/img/Ellipsis-2s-151px.svg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/svg+xml
Content-Length: 2649
Connection: keep-alive
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: "62455170-a59"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: f270cbbb2de6d66631664b740a0e08c6
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Accept-Ranges: bytes
best-offer-no1.com/bitcoinup/css/img/arow-faq.png
193.34.166.240 200 OK 356 B URL HTTP/1.1 best-offer-no1.com/bitcoinup/css/img/arow-faq.png
IP 193.34.166.240:0
File type PNG image data, 8 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 31e95dfa4d42480d41ed195281c8657d
8180562ca9e9d533382601983e5d3015ee9af17c
fbada089462c61aa047588fd7179f2126eb2114832dcc3603c485e01e27456e6
GET /bitcoinup/css/img/arow-faq.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/css/style(1).css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-150"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 75468f6bd501deaf4fcb2639f49f06ca
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/intgrtn/api/v1/projects/details.php?&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&language=en
193.34.166.240 200 OK 6.4 kB URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/projects/details.php?&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&language=en
IP 193.34.166.240:0
File type JSON data\012- , ASCII text, with very long lines (44795), with no line terminators
Hash 0ce0a8a1803fa0fd06faeb7f51a99a2c
260fd3e69b3835e8a777f1a62f8546cbff5f1d95
e5fcdd09e17c63c3d31a833ee86d8f705707ddd7755bd9df9ea43ab5cc7f0c5d
GET /intgrtn/api/v1/projects/details.php?&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&language=en HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: ornare
PX-X-Request-Id: b5bb9ef6abee2926b0c496dc8a3f146c
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
best-offer-no1.com/bitcoinup/img/winner-2-big.jpg
193.34.166.240 200 OK 29 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/winner-2-big.jpg
IP 193.34.166.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Hash bc159653f1b641e98ba8db1e9a1e9bf6
6aa800c5e0626ba8be3c01855c4a8ba1b7b990cc
df97dcc06b90d0e910cc9ca521007aa3aecbf3a27ca838832eabf4dd218a617e
GET /bitcoinup/img/winner-2-big.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-7306"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 46746815496cddc6afc76381171f907e
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/winner-4-big.jpg
193.34.166.240 200 OK 33 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/winner-4-big.jpg
IP 193.34.166.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Hash 71cb0a23493f930984e3d3ee8bf41954
9ba9e218a7f8d4990dfc7c3dfe10d5e92fa9ba8a
dce02c2ba0ce1f7270d97596c37c34d9338394e80cc7429f03c8c63356a012a6
GET /bitcoinup/img/winner-4-big.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-7fe0"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: a8764107910dc54576fa9bbf7bffa760
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/bitcoinicon.png?v=12
193.34.166.240 200 OK 15 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/bitcoinicon.png?v=12
IP 193.34.166.240:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash b5ca491a95ab223571b472ca2fe27f06
b3e9b03c920d75d24d0bfe4b22e67189f64f54cb
2aff294ee5ba5c9953746e6a1dd54fc9299c9d0d14ff906616f924d9ace5f3ad
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/img/bitcoinicon.png?v=12 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-3b06"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: be31ed0b213a7bfa7cfb3a1a8fdc743b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/winner-1-big.jpg
193.34.166.240 200 OK 22 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/winner-1-big.jpg
IP 193.34.166.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Hash 965cb8650d0aa92beb1a2117c4636d9b
99fdfd69010556e6bd667a54c753c8957acda394
989d1e46f000eb0e97e1d6fdf1972210b8b56bd17106900875bb2a76b75df44b
GET /bitcoinup/img/winner-1-big.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-5476"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 3ce13ed9709baf06b4496a9ea671afd2
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/star-icon.png
193.34.166.240 200 OK 3.6 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/star-icon.png
IP 193.34.166.240:0
File type PNG image data, 119 x 129, 8-bit colormap, non-interlaced\012- data
Hash 2dc94a44833eb233d775a05128c57c74
3825453eac8c691e49965ddd1667d61ce54a0cf3
1d0e45a35508c518109725dc87f875a33781d27931fa8f3c3316c2f4b8ebb6e9
GET /bitcoinup/img/star-icon.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-f1d"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: e2f7c972a808f2f2d68dd7fd496d3c2b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/bitcoinup/img/money-icon.png
193.34.166.240 200 OK 3.0 kB URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/money-icon.png
IP 193.34.166.240:0
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash ecbd9776216c2a213fdc9e6c10b7cfdf
f59692183d33096e2b38bbe802148e5985c7e43a
71268a92b6a9f243f1174211e70e816bafd3f86659146352bb2698511962f506
GET /bitcoinup/img/money-icon.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-cbb"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 993ecb0e4e5f95a1ebbbb6b90fe67494
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
best-offer-no1.com/intgrtn/api/v1/integration/assets/img/flags32.png
193.34.166.240 200 OK 45 kB URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/integration/assets/img/flags32.png
IP 193.34.166.240:0
File type PNG image data, 32 x 8352, 8-bit colormap, non-interlaced\012- data
Hash 62000c9a41e76ec0b0e32059361c12a1
711ba42f1ca771cdb62c7fa7525a402f269972eb
15dbef1df9e79173424fe716ae37e10bec686d179f002aaca1f29dfa5f7c9dba
GET /intgrtn/api/v1/integration/assets/img/flags32.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/intgrtn/api/v1/integration/sdk.css?v=2.63.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 27 Jul 2022 10:16:08 GMT
Vary: Accept-Encoding
ETag: W/"62e11068-afed"
Expires: Thu, 27 Jul 2023 10:27:47 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: ornare
PX-X-Request-Id: ff639f3065a549abd5ad8b77b0a8ed1b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
PX-Cache-Status: HIT
best-offer-no1.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ
193.34.166.240 200 OK 1.8 kB URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ
IP 193.34.166.240:0
File type JSON data\012- , ASCII text, with very long lines (4141), with no line terminators
Hash 138dae2d99fda0ae990e6223e3babdf2
8371d20156dd8641ae97308ac049dd1c5aa45b85
428c46d4ea63abef4ffdfdbbaf8e1099d64cf60a1f17f642b700a6d2e7883961
GET /intgrtn/api/v1/projects/agreements.php?type=4&clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:12 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: ornare
PX-X-Request-Id: 9e2ebb323a912c0c80a7e13eda77df3b
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
best-offer-no1.com/intgrtn/api/v1/events/add.php
193.34.166.240 200 OK 159 B URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/events/add.php
IP 193.34.166.240:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d5ded039feb590fa4ec7931d4838ad5f
23f555766ea6a31da261dd0132f73683b6d60904
85b63b67b5c3748fd374beccce02ef6815fd8ebbfee65d501e478418632a2c34
Analyzer Verdict Alert fortinet Phishing
POST /intgrtn/api/v1/events/add.php HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Content-Length: 92
Origin: https://best-offer-no1.com
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:12 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://best-offer-no1.com
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: ornare
PX-X-Request-Id: 37ea645dacf5de007f9cb0e2c7393514
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19542
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 17:11:12 GMT
Connection: keep-alive
best-offer-no1.com/bitcoinup/img/favicon.png
193.34.166.240 200 OK 559 B URL HTTP/1.1 best-offer-no1.com/bitcoinup/img/favicon.png
IP 193.34.166.240:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 947e86915ea8f7876998361f9433e8a9
36eb60cb504527258bb90ce4a71beca1f4ade7ce
3ae09f6ebcaad0eaaaf9e24fee0487cbc4dff6d9755bf18a42a08a7d1c62e89a
GET /bitcoinup/img/favicon.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en; intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 17:11:12 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2022 07:00:00 GMT
ETag: W/"62455170-217"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: b76e3e0428e983bba8aa56d3b1d24381
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 69266
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 67313
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
age: 68413
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 44899
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7H1QKlOtoBoVz93G5lddxHSGiTjtMnHJCZX5FhwqhNPkspslaDoFQA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 69251
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 69318
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
best-offer-no1.com/bitcoinup/media/en-1.mp4
193.34.166.240 206 Partial Content 0 B URL HTTP/1.1 best-offer-no1.com/bitcoinup/media/en-1.mp4
IP 193.34.166.240:0
Analyzer Verdict Alert fortinet Phishing
GET /bitcoinup/media/en-1.mp4 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://best-offer-no1.com/bitcoinup/lp-en.php?intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ&country=US&intgrtn_redirectReturningLead=auto
Cookie: intgrtn_language=en; intgrtn_clickID=AR75WoEk3BdxleDMgYL1rwpZoxKg8pKy4vGjZmbP0n6qV2JzQ; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Server: nginx
Date: Tue, 04 Oct 2022 17:11:12 GMT
Content-Type: video/mp4
Content-Length: 10620917
Connection: keep-alive
Last-Modified: Mon, 15 Nov 2021 08:00:24 GMT
ETag: "61921398-a20ff5"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: ornare
PX-X-Request-Id: 578c17963b9f839de6d68f0171372258
PX-IPCountryISO: NO
PX-IPTimestamp: 1662046186 1664903186 1664893272
Content-Range: bytes 0-10620916/10620917