Report - dateullauvib.cf/?ud=jlluarkmr&s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d393326263630323838323437363335353838312664693d37672d313935302665643d676d6126693d61646d696e39332c31383835342c726f6d616e6b6f6c6c6f333740676d61696c2e636f6d2cd0a0d0bed0bcd0b0d0bd2674733d3136383434393338313726313736313037343735353234373638&

Report Overview

Submitted URL
dateullauvib.cf/?ud=jlluarkmr&s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d393326263630323838323437363335353838312664693d37672d313935302665643d676d6126693d61646d696e39332c31383835342c726f6d616e6b6f6c6c6f333740676d61696c2e636f6d2cd0a0d0bed0bcd0b0d0bd2674733d3136383434393338313726313736313037343735353234373638&
IP
104.21.20.136
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-01 07:35:45
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s.sloffer1.com	unknown	2021-03-18	2022-03-23	2023-05-31	2.3 kB	4.9 kB	52.1.220.62
cdn-dimi.akamaized.net	unknown	2014-03-18	2022-07-07	2023-05-31	4.3 kB	1.2 MB	88.221.27.128
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-01	1.1 kB	48 kB	142.250.74.163
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-31	878 B	37 kB	142.250.74.99
a.vfgtg.com	279695	2020-07-10	2020-10-09	2023-05-31	670 B	1.0 kB	18.192.108.151
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-31	680 B	1.9 kB	54.230.80.227
t.affoth2.com	unknown	2022-11-14	2023-05-18	2023-05-30	559 B	2.2 kB	54.230.111.52
a.vfgtc.com	unknown	2019-06-20	2019-09-27	2023-05-31	1.8 kB	2.0 kB	18.192.108.151
a.vfgtf.com	unknown	2019-08-02	2020-02-06	2023-05-31	920 B	1.1 kB	18.192.108.151
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-31	1.7 kB	3.5 kB	142.250.74.131
qgxvbz.lilustriousdate.com	unknown	2022-10-13	2023-04-06	2023-05-31	3.1 kB	62 kB	63.32.216.166
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-31	462 B	2.2 kB	142.250.74.106
dateullauvib.cf	unknown	unknown	2022-10-01	2023-05-17	1.3 kB	41 kB	104.21.20.136

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-01 07:35:25	low	Client IP	Internal IP	ET INFO DNS Query for Suspicious .cf Domain
2023-06-01 07:35:25	low	Client IP	172.67.192.239	ET INFO Suspicious Domain (*.cf) in TLS SNI

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1	2.3 kB	2023-06-01	2023-06-01
Pretty URL qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 IP 63.32.216.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 09:35:52 Last Seen2023-06-01 09:35:52 Times Seen1 Hash 35d40c46d4254c31117eae6e63e362cf 56e4abda7bf7ba8031278866e3b31ae4593741f7 69b1f97237be79e574b3b6d808f9e7e0e948a985216cd3d3b8bbd3de3236ea18 Loading...

	qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1	3.6 kB	2023-06-01	2023-06-01
Pretty URL qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 IP 63.32.216.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 09:35:52 Last Seen2023-06-01 09:35:52 Times Seen1 Hash 1b03882a7367a72f5ca4d1c24ad8d634 228a796951a967025d84a35243bec428b15448e6 82963bcf7dc0dc59e22edf22b41b8214a11eb205d304a86c3b40d95e724a5ad3 Loading...

	qgxvbz.lilustriousdate.com/js/pushjs/1.0.0/subscriber.js	9.4 kB	2023-05-23	2023-07-25
Pretty URL qgxvbz.lilustriousdate.com/js/pushjs/1.0.0/subscriber.js IP 63.32.216.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-23 13:07:49 Last Seen2023-07-25 20:18:06 Times Seen1187 Hash 9a76092417bab7e2f25aac9bb01c6a91 07158fa1c2bd1f320b4401b1a535430afe66655a 788a5bacebaac190a447e071de8c171e7f8baa55be95df07621b24ea4fb667a2 Loading...

	moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/shims/firebase.js	2.3 kB	2023-05-05	2024-04-26
Pretty URL moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/shims/firebase.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38:25 Last Seen2024-04-26 19:57:01 Times Seen9701 Hash 32d439c9ec8c789e843ae58b6774681c deb2c661dacf46eb3a1eacbba3e430dcf10cc395 f65e83801e16f98e150ae8843afb4c98c0b3ac0fa7fbe5a5ec687b08119732d6 Loading...

	qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1	3.6 kB	2023-06-01	2023-06-01
Pretty URL qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 IP 63.32.216.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 09:35:52 Last Seen2023-06-01 09:35:52 Times Seen1 Hash 91373956e3f43452e81a443a4ed82a5d 98ada21f6fc936a694621cfe14940e7ea3cc6262 950617704cdecc404695a58f593f9c2e819632e3237f9905db0203dc9ea7a6f7 Loading...

	qgxvbz.lilustriousdate.com/?s1=187050&s2=1773580&s3=170910&s5=backuser&click_id=1020c2e5989dea8eb0c3012109f6d5&iexpp=1&j1=1&j9=1&utm_source=da57dc555e50572d&j8=1	0 B	2023-03-07	2024-04-27
Pretty URL qgxvbz.lilustriousdate.com/?s1=187050&s2=1773580&s3=170910&s5=backuser&click_id=1020c2e5989dea8eb0c3012109f6d5&iexpp=1&j1=1&j9=1&utm_source=da57dc555e50572d&j8=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 06:11:27 Times Seen37112002 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	qgxvbz.lilustriousdate.com/js/pushjs/1.0.0/utils.js	7.1 kB	2023-03-07	2024-04-21
Pretty URL qgxvbz.lilustriousdate.com/js/pushjs/1.0.0/utils.js IP 63.32.216.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-21 23:30:57 Times Seen4796 Hash 711c7ecda710a342d24faef1dec76ede d1b38489603a2aecc2be5edb4fa4cd8d442fe727 41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js	36 kB	2023-03-07	2024-04-21
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-21 23:30:58 Times Seen11070 Hash 0cb7a0eb328ea70ab360f861314c8820 e3e20eb50dae36f4cbcef1890b1cc7878acb537a 4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9 Loading...

	qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1	10 kB	2023-06-01	2023-06-01
Pretty URL qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 IP 63.32.216.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 09:35:52 Last Seen2023-06-01 09:35:52 Times Seen1 Hash 126c1ccdaa9386c8b0b9640093680e88 8f6c3e98a56bb396eea445ba35a60e0f2c71025b 6303ad3cd00c8b3c04d407566493aca8f8607a353208b2109123a632db013918 Loading...

	qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1	393 B	2023-06-01	2023-06-01
Pretty URL qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 IP 63.32.216.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 09:35:52 Last Seen2023-06-01 09:35:52 Times Seen1 Hash 1234ce13158c692166aa923054e9f5f0 11e33097e0bf16210e85082f3d95abaa1a12b452 35363e95a54b629c0db64c163af753a9ed9fdce98c16e187e471a8ca2c677f78 Loading...

	cdn-dimi.akamaized.net/landings/279205/1685522720/js/jquery.min.js?1685522720	86 kB	2023-03-07	2024-04-27
Pretty URL cdn-dimi.akamaized.net/landings/279205/1685522720/js/jquery.min.js?1685522720 IP 88.221.27.128 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 06:04:04 Times Seen384954 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	qgxvbz.lilustriousdate.com/sandbox%20eval%20code	123 B	2023-05-05	2024-04-26
Pretty URL qgxvbz.lilustriousdate.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38:25 Last Seen2024-04-26 19:57:01 Times Seen7419 Hash 239166f4d1bda569909c9af241098419 ad3987a93224de5c735c7c380daf5bfaecf60ac8 255566913e81e0587539abba68839777480779575271b734e817e7093f4dceec Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-app.js	25 kB	2023-03-07	2024-04-21
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-21 23:30:58 Times Seen10994 Hash 9164d0e8a317eceb870cca88c9683127 4617c910005f7100b4ff26a458a8b4463e33cdc6 15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931 Loading...

	cdn-dimi.akamaized.net/landings/279205/1685522720/js/translates.js?1685522720	24 kB	2023-03-25	2024-01-07
Pretty URL cdn-dimi.akamaized.net/landings/279205/1685522720/js/translates.js?1685522720 IP 88.221.27.128 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:54:23 Last Seen2024-01-07 22:49:29 Times Seen456 Hash 09375f18dc5bfd539f211887b6a178e6 01151d9836502715a56f01db102da22f462821d2 74e9cb9fca7f14f9de2c6416b1d99b3e28e0fd9c0501c848d8276de3a7036d5c Loading...

	cdn-dimi.akamaized.net/landings/279205/1685522720/js/scripts.js?1685522720	511 B	2023-03-25	2024-04-26
Pretty URL cdn-dimi.akamaized.net/landings/279205/1685522720/js/scripts.js?1685522720 IP 88.221.27.128 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:54:24 Last Seen2024-04-26 01:43:46 Times Seen568 Hash 69e75e0997cdd1b51ef2d8f78358e937 f816503aceb6edd2fd9f0cc3f911b99817ca611d 40c9bae2946917f32864946aabede4750f809cf9f3ab600669faab410b82526c Loading...

HTTP Transactions (34)

	URL	IP	Response	Size
	dateullauvib.cf/new/?s=93&&602882476355881&di=7g-1950&ed=gma&i=admin93,18854,romankollo37@gmail.com,%D0%A0%D0%BE%D0%BC%D0%B0%D0%BD&ts=1684493817&176107475524768	104.21.20.136	302 Found	0 B
URL User Request GET HTTP/1.1 dateullauvib.cf/new/?s=93&&602882476355881&di=7g-1950&ed=gma&i=admin93,18854,romankollo37@gmail.com,%D0%A0%D0%BE%D0%BC%D0%B0%D0%BD&ts=1684493817&176107475524768 IP 104.21.20.136:80 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /new/?s=93&&602882476355881&di=7g-1950&ed=gma&i=admin93,18854,romankollo37@gmail.com,%D0%A0%D0%BE%D0%BC%D0%B0%D0%BD&ts=1684493817&176107475524768 HTTP/1.1 Host: dateullauvib.cf User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Date: Thu, 01 Jun 2023 07:35:26 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/5.3.3 Set-Cookie: visited=1; expires=Sat, 01-Jul-2023 07:35:28 GMT Location: https://t.affoth2.com/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=test_dat_twuk2_geo CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEonNJATeTP16E%2ForGfC%2FQo%2FOYBiW8ScLcOmaoUO3xyYdfaR4TVRP8APA1yuEhTwNJyOKjAerhA2UFmeJOeNEY09Z7V9hHCxXRkeiKHtpu3ecU8zQrg3qHVqkiq5Sbg%2BXH0%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7d05c7a63f02b529-OSL alt-svc: h2=":443"; ma=60

	ocsp.r2m02.amazontrust.com/	54.230.80.227		471 B
URL ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 9b4e3c241d5cd29aac24e37cbcba0629 452f8ed305b18a3d313489542e3eeedc58640aaa cbaae741a31cd344605d13c1246edd5589781ae6ba47d7d2059ac1e144ed8389 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Thu, 01 Jun 2023 07:35:26 GMT Last-Modified: Thu, 01 Jun 2023 07:04:21 GMT Server: ECAcc (dcb/7EDB) X-Cache: Miss from cloudfront Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: JIMw0AuFfx9rkX8wRtwEM1H8duiUCV1AKb1CIBKIPMW5LQAcN46LNA== Age: 1865`

	t.affoth2.com/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=test_dat_twuk2_geo	54.230.111.52	303 See Other	540 B
URL User Request GET HTTP/2 t.affoth2.com/pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=test_dat_twuk2_geo IP 54.230.111.52:443 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subjectaffoth2.com Fingerprint63:F1:7D:B8:4B:A2:FE:99:C9:EC:05:66:2E:F5:C3:FE:73:79:8B:E0 ValidityThu, 09 Feb 2023 00:00:00 GMT - Sat, 09 Mar 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (540), with no line terminators Size 540 B (540 bytes) Hash 789d95eede582de47aab82ecce06a7da 7bf1d435e960cf325db2f128ba582aa8012067b9 295ac7d82dae2472ebf5923a3057e45ddd4b5bd5edcef9b2358de0091949d0b5 HTTP Headers GET /pm51j4wny8/55609/5782/0/?bo=2753,2754,2755,2756&aff_sub1=va99&aff_sub2=test_dat_twuk2_geo HTTP/1.1 Host: t.affoth2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 303 See Other content-type: text/html; charset=utf-8 content-length: 540 location: https://a.vfgtg.com/f56fcd7b-c6ae-4a04-80bc-b5e7d92e158b?subID1=test_dat_twuk2_geo&affiliateID=75077&source=1021fc1f1dfcfad0fe36bade40f478&subID2=55609&Target=Email&affsource=test_dat_twuk2_geo&bo=2753%2C2754%2C2755%2C2756 server: nginx/1.19.0 date: Thu, 01 Jun 2023 07:35:27 GMT set-cookie: enc_aff_session_5782=ENC037a5226a313dd5d6d0bfae5d4ab62f33863ba862f6e12854377d3474e492d6f8a9b23b29ad912807afeb5eaead96f7dc1a1a0f608d877da9dc3e434f465dfb8373a229de24a2557e9d00696e952f05662b3577b2a68ff86a2d4e97a84acecd0ba5c526897d471c995a8fefd5a3f7876616920880cdb338cfa7192d798bab5285ccfa119c5273c34d67c8961e0612fd55ce5525c252f5c8829699329d98e5647e23a38d477; Path=/; Expires=Sat, 31 May 2025 07:35:27 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCBYODZfNjQ7IFJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; Path=/; Expires=Sat, 25 Apr 2026 18:15:27 GMT; Secure tracking_id: 1021fc1f1dfcfad0fe36bade40f478 vary: Accept strict-transport-security: max-age=15724800; includeSubDomains x-cache: Miss from cloudfront via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: sGYflwK_-smwgsOGmxKtU303mxY9pBiv8cI3DD_pAV5Cnt6tsWzPDA== X-Firefox-Spdy: h2

	ocsp.r2m02.amazontrust.com/	54.230.80.227		471 B
URL ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 9b4e3c241d5cd29aac24e37cbcba0629 452f8ed305b18a3d313489542e3eeedc58640aaa cbaae741a31cd344605d13c1246edd5589781ae6ba47d7d2059ac1e144ed8389 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Thu, 01 Jun 2023 07:35:27 GMT Last-Modified: Thu, 01 Jun 2023 07:04:59 GMT Server: ECAcc (dcb/7352) X-Cache: Miss from cloudfront Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: QpOG4M3r2Fy5I5gHZzNUtioK1OlJUR1AWJaBZbv0wCHCRXi0WSTJzA== Age: 1828`

	a.vfgtg.com/f56fcd7b-c6ae-4a04-80bc-b5e7d92e158b?subID1=test_dat_twuk2_geo&affiliateID=75077&source=1021fc1f1dfcfad0fe36bade40f478&subID2=55609&Target=Email&affsource=test_dat_twuk2_geo&bo=2753%2C2754%2C2755%2C2756	18.192.108.151	302 Found	0 B
URL User Request GET HTTP/2 a.vfgtg.com/f56fcd7b-c6ae-4a04-80bc-b5e7d92e158b?subID1=test_dat_twuk2_geo&affiliateID=75077&source=1021fc1f1dfcfad0fe36bade40f478&subID2=55609&Target=Email&affsource=test_dat_twuk2_geo&bo=2753%2C2754%2C2755%2C2756 IP 18.192.108.151:443 ASN #16509 AMAZON-02 Certificate IssuerLet's Encrypt Subjecta.vfgtg.com FingerprintEE:93:F0:E2:AD:28:CA:0B:43:4B:28:DC:10:1F:F8:41:E6:C6:57:2A ValidityFri, 19 May 2023 06:55:08 GMT - Thu, 17 Aug 2023 06:55:07 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /f56fcd7b-c6ae-4a04-80bc-b5e7d92e158b?subID1=test_dat_twuk2_geo&affiliateID=75077&source=1021fc1f1dfcfad0fe36bade40f478&subID2=55609&Target=Email&affsource=test_dat_twuk2_geo&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 Host: a.vfgtg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: nginx date: Thu, 01 Jun 2023 07:35:27 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://a.vfgtc.com/180a05d3-7b20-405d-9c23-478bec7671da?subID1=test_dat_twuk2_geo&affiliateID=75077&source=1021fc1f1dfcfad0fe36bade40f478&subID2=55609&target=&Site=&Bnr=ALGO&cid=wglq17bada3ivf4piric4mnq&affsource=test_dat_twuk2_geo&source=55609_test_dat_twuk2_geo pragma: no-cache set-cookie: f56fcd7b-c6ae-4a04-80bc-b5e7d92e158b-v4=I0xlYGS6CuDZXgPYGrfeAvBhigMmZZ_5Mj2WDvAFVp0; Max-Age=86400; Expires=Fri, 02-Jun-2023 07:35:27 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=rqa4fki24VnX2O3%2FxGMSM5oBoqNQoT8RDRtHhBSpTJwDck7KaTAPFVT3bRz%2B2YhmqQU83NCPit9XkEGp%2Fhmkyxm2QJl7nW3Ur1j3T3nvvfBlWmx0N%2B23BbktbJjpy5A5uKMOiyzSMumQnJIf%2BVz7bQ%3D%3D; Max-Age=31536000; Expires=Fri, 31-May-2024 07:35:27 GMT; Domain=a.vfgtg.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	a.vfgtc.com/180a05d3-7b20-405d-9c23-478bec7671da?subID1=test_dat_twuk2_geo&affiliateID=75077&source=1021fc1f1dfcfad0fe36bade40f478&subID2=55609&target=&Site=&Bnr=ALGO&cid=wglq17bada3ivf4piric4mnq&affsource=test_dat_twuk2_geo&source=55609_test_dat_twuk2_geo	18.192.108.151	302 Found	0 B
URL User Request GET HTTP/2 a.vfgtc.com/180a05d3-7b20-405d-9c23-478bec7671da?subID1=test_dat_twuk2_geo&affiliateID=75077&source=1021fc1f1dfcfad0fe36bade40f478&subID2=55609&target=&Site=&Bnr=ALGO&cid=wglq17bada3ivf4piric4mnq&affsource=test_dat_twuk2_geo&source=55609_test_dat_twuk2_geo IP 18.192.108.151:443 ASN #16509 AMAZON-02 Certificate IssuerLet's Encrypt Subjecta.vfgtc.com FingerprintEE:D6:97:11:47:4B:B0:A9:1D:EE:EE:A9:1D:D4:16:B3:3E:2A:19:6F ValidityFri, 12 May 2023 06:51:30 GMT - Thu, 10 Aug 2023 06:51:29 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /180a05d3-7b20-405d-9c23-478bec7671da?subID1=test_dat_twuk2_geo&affiliateID=75077&source=1021fc1f1dfcfad0fe36bade40f478&subID2=55609&target=&Site=&Bnr=ALGO&cid=wglq17bada3ivf4piric4mnq&affsource=test_dat_twuk2_geo&source=55609_test_dat_twuk2_geo HTTP/1.1 Host: a.vfgtc.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: nginx date: Thu, 01 Jun 2023 07:35:27 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=test_dat_twuk2_geo&aff_sub2=55609&aff_sub3=wglq17bada3ivf4pip9l0pco&aff_click_id=1021fc1f1dfcfad0fe36bade40f478&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_test_dat_twuk2_geo pragma: no-cache set-cookie: 180a05d3-7b20-405d-9c23-478bec7671da-v4=MkfwHdTJoDtSUXmTVuBmPKMC1jAbZ-GEIfp9yxTXnZ4; Max-Age=86400; Expires=Fri, 02-Jun-2023 07:35:27 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=GI7ItKkO1eDMaZTWuRFpOq%2FVnowPu4ApG7eUR4G3m0eof4I7LorOIWvWIioTP8iRTQUwRiYs%2BYTp0Jn7OrFo6PV75sYfNvXe4AAp%2B34dlnJaPR%2FCYBW24xTKhw6DKf3rKHIngu4U8Vyk1RJZ5LwDJg%3D%3D; Max-Age=31536000; Expires=Fri, 31-May-2024 07:35:27 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=test_dat_twuk2_geo&aff_sub2=55609&aff_sub3=wglq17bada3ivf4pip9l0pco&aff_click_id=1021fc1f1dfcfad0fe36bade40f478&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_test_dat_twuk2_geo	52.1.220.62	303 See Other	1.1 kB
URL User Request GET HTTP/2 s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=test_dat_twuk2_geo&aff_sub2=55609&aff_sub3=wglq17bada3ivf4pip9l0pco&aff_click_id=1021fc1f1dfcfad0fe36bade40f478&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_test_dat_twuk2_geo IP 52.1.220.62:443 ASN #14618 AMAZON-AES Certificate IssuerLet's Encrypt Subject.sloffer1.com FingerprintAD:2B:0D:A7:67:39:A1:AF:B6:0B:A1:25:1C:19:68:1B:42:28:E8:20 ValidityTue, 04 Apr 2023 19:37:28 GMT - Mon, 03 Jul 2023 19:37:27 GMT File type HTML document, ASCII text, with very long lines (1112), with no line terminators Size 1.1 kB (1112 bytes) Hash ab4df2ef93311ef84eb5f282443f25cc 3205f0d6437cd6a25b10601b98bbe73b50eeaf75 dc8f7ca02c120207086209284b31335104df13b101ba0ae013c34c3d510d5df6 HTTP Headers GET /75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=test_dat_twuk2_geo&aff_sub2=55609&aff_sub3=wglq17bada3ivf4pip9l0pco&aff_click_id=1021fc1f1dfcfad0fe36bade40f478&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_test_dat_twuk2_geo HTTP/1.1 Host: s.sloffer1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 303 See Other server: nginx/1.19.0 date: Thu, 01 Jun 2023 07:35:28 GMT content-type: text/html; charset=utf-8 content-length: 1112 location: https://a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&affiliateID=44542&source=1021dbf37142cc24c642e868bb7cda&subID2=75077&s2=1021dbf37142cc24c642e868bb7cda&s3=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=test_dat_twuk2_geo&affsource=test_dat_twuk2_geo&aff_click_id=1021dbf37142cc24c642e868bb7cda&affsource=55609_test_dat_twuk2_geo&bo=2753%2C2754%2C2755%2C2756 set-cookie: aff_ran_url_3785=26412; Path=/; Expires=Fri, 02 Jun 2023 07:35:28 GMT; Secure enc_aff_session_3785=ENC038ea05f3b62b0c8cfd58ba3677988c91a637c59da0477b92d10ad70defad41dab440cab71f0cc65656f6854c3e38c21f4160f18b746378a8f57b24f2c53a0ae0f7beb9561033f3ce804ce2fa12aba097a4a19f1b456ce2fdf44dc47a921aebab465abeff9b790642364c0187741429f9ac0a745b4318d73f0aef16ae68a496744ee20cd369c6c44643d5d655e270a17e62f29bb0cac5e8380141e6e7b97c43e3169fbdda85a5ab547b9d00c80abb4e4b3eca658f758e8198cee92770137b3b1dc09513aa3; Path=/; Expires=Sat, 31 May 2025 07:35:28 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCBYODZfNjQ7IFJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; Path=/; Expires=Sat, 25 Apr 2026 18:15:28 GMT; Secure tracking_id: 1021dbf37142cc24c642e868bb7cda vary: Accept strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&affiliateID=44542&source=1021dbf37142cc24c642e868bb7cda&subID2=75077&s2=1021dbf37142cc24c642e868bb7cda&s3=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=test_dat_twuk2_geo&affsource=test_dat_twuk2_geo&aff_click_id=1021dbf37142cc24c642e868bb7cda&affsource=55609_test_dat_twuk2_geo&bo=2753%2C2754%2C2755%2C2756	18.192.108.151	302 Found	0 B
URL User Request GET HTTP/2 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&affiliateID=44542&source=1021dbf37142cc24c642e868bb7cda&subID2=75077&s2=1021dbf37142cc24c642e868bb7cda&s3=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=test_dat_twuk2_geo&affsource=test_dat_twuk2_geo&aff_click_id=1021dbf37142cc24c642e868bb7cda&affsource=55609_test_dat_twuk2_geo&bo=2753%2C2754%2C2755%2C2756 IP 18.192.108.151:443 ASN #16509 AMAZON-02 Certificate IssuerLet's Encrypt Subjecta.vfgtf.com Fingerprint78:C0:73:86:D5:C0:38:91:33:C3:D0:81:3B:6B:47:8F:D4:83:AA:4C ValidityTue, 16 May 2023 06:11:12 GMT - Mon, 14 Aug 2023 06:11:11 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&affiliateID=44542&source=1021dbf37142cc24c642e868bb7cda&subID2=75077&s2=1021dbf37142cc24c642e868bb7cda&s3=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=test_dat_twuk2_geo&affsource=test_dat_twuk2_geo&aff_click_id=1021dbf37142cc24c642e868bb7cda&affsource=55609_test_dat_twuk2_geo&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 Host: a.vfgtf.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: nginx date: Thu, 01 Jun 2023 07:35:28 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&affiliateID=170910&source=1021dbf37142cc24c642e868bb7cda&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=we28e4c3n32rkf4p2rfdj9cu&affsource=test_dat_twuk2_geo&source=75077_test_dat_twuk2_geo pragma: no-cache set-cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=zm65rqhge818tSU9L8xxl0tAbeMkNfpcYzuhn67kObg; Max-Age=86400; Expires=Fri, 02-Jun-2023 07:35:28 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=ieqq6c4dtNab6wBuhSQLsyirwvgNyWMCi2RN8NAA7rUkBH2pFsrqoavc0iMLfCF7ZRLWz%2BRoOoHvGl3oKzN8GknD7ofLs3oaEucqc66V%2BvnrCSd7R1mUfXT3RexQz08uGfN8dzwU3nroe6pA4b9f3A%3D%3D; Max-Age=31536000; Expires=Fri, 31-May-2024 07:35:28 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&affiliateID=170910&source=1021dbf37142cc24c642e868bb7cda&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=we28e4c3n32rkf4p2rfdj9cu&affsource=test_dat_twuk2_geo&source=75077_test_dat_twuk2_geo	18.192.108.151	302 Found	0 B
URL User Request GET HTTP/2 a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&affiliateID=170910&source=1021dbf37142cc24c642e868bb7cda&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=we28e4c3n32rkf4p2rfdj9cu&affsource=test_dat_twuk2_geo&source=75077_test_dat_twuk2_geo IP 18.192.108.151:443 ASN #16509 AMAZON-02 Certificate IssuerLet's Encrypt Subjecta.vfgtc.com FingerprintEE:D6:97:11:47:4B:B0:A9:1D:EE:EE:A9:1D:D4:16:B3:3E:2A:19:6F ValidityFri, 12 May 2023 06:51:30 GMT - Thu, 10 Aug 2023 06:51:29 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&affiliateID=170910&source=1021dbf37142cc24c642e868bb7cda&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=we28e4c3n32rkf4p2rfdj9cu&affsource=test_dat_twuk2_geo&source=75077_test_dat_twuk2_geo HTTP/1.1 Host: a.vfgtc.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: 180a05d3-7b20-405d-9c23-478bec7671da-v4=MkfwHdTJoDtSUXmTVuBmPKMC1jAbZ-GEIfp9yxTXnZ4; cc-v4=GI7ItKkO1eDMaZTWuRFpOq%2FVnowPu4ApG7eUR4G3m0eof4I7LorOIWvWIioTP8iRTQUwRiYs%2BYTp0Jn7OrFo6PV75sYfNvXe4AAp%2B34dlnJaPR%2FCYBW24xTKhw6DKf3rKHIngu4U8Vyk1RJZ5LwDJg%3D%3D Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 302 Found server: nginx date: Thu, 01 Jun 2023 07:35:28 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://s.sloffer1.com/170910/3458/0/?aff_sub=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&aff_sub2=75077&aff_sub3=wglq17bada3ivf4p2pesnje8&aff_sub4=_bucket&aff_sub5=&aff_click_id=1021dbf37142cc24c642e868bb7cda&source=75077_test_dat_twuk2_geo pragma: no-cache set-cookie: 2d2fb929-79a5-4a1c-840d-3f370da182b6-v4=8XOTK9eHjqNNmE1lSlYQOajcYuEYmedvuRsSuhAxINs; Max-Age=86400; Expires=Fri, 02-Jun-2023 07:35:28 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=iM7%2FS0HHNI2Q7G9ul1P0nSa1XWzK8lL%2B5TxwIsOA2diAkTi4zn%2Fmsq23wFGpOAXX5lQOtPEj6Yw9Hc%2BZPBi4Eexjlx7UmPibBAgAxTTocl2wn15YOC%2FE94K5hG2A2ReycLJVJRoyBAcZ7ESaz%2BWbwg%3D%3D; Max-Age=31536000; Expires=Fri, 31-May-2024 07:35:28 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	s.sloffer1.com/170910/3458/0/?aff_sub=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&aff_sub2=75077&aff_sub3=wglq17bada3ivf4p2pesnje8&aff_sub4=_bucket&aff_sub5=&aff_click_id=1021dbf37142cc24c642e868bb7cda&source=75077_test_dat_twuk2_geo	52.1.220.62	303 See Other	506 B
URL User Request GET HTTP/2 s.sloffer1.com/170910/3458/0/?aff_sub=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&aff_sub2=75077&aff_sub3=wglq17bada3ivf4p2pesnje8&aff_sub4=_bucket&aff_sub5=&aff_click_id=1021dbf37142cc24c642e868bb7cda&source=75077_test_dat_twuk2_geo IP 52.1.220.62:443 ASN #14618 AMAZON-AES Certificate IssuerLet's Encrypt Subject.sloffer1.com FingerprintAD:2B:0D:A7:67:39:A1:AF:B6:0B:A1:25:1C:19:68:1B:42:28:E8:20 ValidityTue, 04 Apr 2023 19:37:28 GMT - Mon, 03 Jul 2023 19:37:27 GMT File type HTML document, ASCII text, with very long lines (506), with no line terminators Size 506 B (506 bytes) Hash bd913ceb3df16f0650885df304513d2d 3a5b44497f36b296afe6ceeafbf44056255234d1 e16569fb4eeee643dcdbc1b150f5b69894dceba3090671865ff70be4fc4c31c3 HTTP Headers GET /170910/3458/0/?aff_sub=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&aff_sub2=75077&aff_sub3=wglq17bada3ivf4p2pesnje8&aff_sub4=_bucket&aff_sub5=&aff_click_id=1021dbf37142cc24c642e868bb7cda&source=75077_test_dat_twuk2_geo HTTP/1.1 Host: s.sloffer1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: aff_ran_url_3785=26412; enc_aff_session_3785=ENC038ea05f3b62b0c8cfd58ba3677988c91a637c59da0477b92d10ad70defad41dab440cab71f0cc65656f6854c3e38c21f4160f18b746378a8f57b24f2c53a0ae0f7beb9561033f3ce804ce2fa12aba097a4a19f1b456ce2fdf44dc47a921aebab465abeff9b790642364c0187741429f9ac0a745b4318d73f0aef16ae68a496744ee20cd369c6c44643d5d655e270a17e62f29bb0cac5e8380141e6e7b97c43e3169fbdda85a5ab547b9d00c80abb4e4b3eca658f758e8198cee92770137b3b1dc09513aa3; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCBYODZfNjQ7IFJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 303 See Other server: nginx/1.19.0 date: Thu, 01 Jun 2023 07:35:28 GMT content-type: text/html; charset=utf-8 content-length: 506 location: https://qgxvbz.lilustriousdate.com?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 set-cookie: enc_aff_session_3458=ENC0374837f3fdbdf925536b517997c393b45a0cddded1d1dde5a2e3558e72800a4266bff7466c99289721b56b68fa63a36282f844d80f20d4fcdb7b2120408277389f81b02bab63d353b35e3a00a107ee2752f14aac4c739d8d46b32f1e5b6ec01f3440d095d7a6226dbae176bc005138b6cb337ff4154781753f1452ea9d3eb7eab356477136bd30e15dfc623dd235f3482261e6b2690d693c927aea81eb72482fc0d04e117c7ca6de6d62e7879eb4bf74db0322cf942c62dff31d279bb8626d99e9096b6145fb4d307f22ce289e3f1467c1af6393812d3e0d2b4f0d6b96c4a88c4235f19d9; Path=/; Expires=Sat, 31 May 2025 07:35:28 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCBYODZfNjQ7IFJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; Path=/; Expires=Sat, 25 Apr 2026 18:15:28 GMT; Secure tracking_id: 1020c2e5989dea8eb0c3012109f6d5 vary: Accept strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	cdn-dimi.akamaized.net/landings/279205/1685522720/css/reset.min.css?1685522720	88.221.27.128	200 OK	527 B
URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/279205/1685522720/css/reset.min.css?1685522720 IP 88.221.27.128:443 ASN #20940 Akamai International B.V. Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerDigiCert Inc Subjecta248.e.akamai.net Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37 ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT File type CSV text\012- , ASCII text Size 527 B (527 bytes) Hash 36f11c31f5b3885dc017f41ed8f5817c e928be87b659d200361c277fcc3ed1fd13b2a472 b59fdf3a529889ad3a8d013a347d5586f3da8361e71291cc9215edb830d1e45e HTTP Headers `GET /landings/279205/1685522720/css/reset.min.css?1685522720 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK x-amz-id-2: KiMg8+9q3ArevHEYYGgWMMicRHppls/jb2S7yJebRtM1fztRhTCDd8NQrdFzD8EzLmz8hAKVs30= x-amz-request-id: D1XJ7E6XA19M2JN2 Last-Modified: Wed, 31 May 2023 08:45:22 GMT ETag: "36f11c31f5b3885dc017f41ed8f5817c" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Content-Type: text/css Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Thu, 01 Jun 2023 07:35:29 GMT Content-Length: 527 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

	cdn-dimi.akamaized.net/landings/279205/1685522720/css/style.css?1685522720	88.221.27.128	200 OK	1.8 kB
URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/279205/1685522720/css/style.css?1685522720 IP 88.221.27.128:443 ASN #20940 Akamai International B.V. Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerDigiCert Inc Subjecta248.e.akamai.net Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37 ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT File type ASCII text Size 1.8 kB (1835 bytes) Hash 50e68ca989043b052b196b593868c50d 7a4de8942d19d16e9e83445404fafecb0616f971 163b87d940693d2035ff0a922f4fbebbba23f553520fbb4a400b739c16f862aa HTTP Headers `GET /landings/279205/1685522720/css/style.css?1685522720 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK x-amz-id-2: NQsRCNPePDo2YjPmtFNw8uAcEcfyYEV90FlEI2Spf3BvXKwI2EpT6pros5GPXpJ/FlOIJNOUv+w= x-amz-request-id: D1XH2AP9NEY1FK3X Last-Modified: Wed, 31 May 2023 08:45:22 GMT ETag: "50e68ca989043b052b196b593868c50d" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Content-Type: text/css Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Thu, 01 Jun 2023 07:35:29 GMT Content-Length: 1835 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

	cdn-dimi.akamaized.net/landings/279205/1685522720/js/scripts.js?1685522720	88.221.27.128	200 OK	511 B
URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/279205/1685522720/js/scripts.js?1685522720 IP 88.221.27.128:443 ASN #20940 Akamai International B.V. Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerDigiCert Inc Subjecta248.e.akamai.net Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37 ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT File type ASCII text Size 511 B (511 bytes) Hash 69e75e0997cdd1b51ef2d8f78358e937 f816503aceb6edd2fd9f0cc3f911b99817ca611d 40c9bae2946917f32864946aabede4750f809cf9f3ab600669faab410b82526c HTTP Headers `GET /landings/279205/1685522720/js/scripts.js?1685522720 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: aBB8s78f2NXMLMdU6r0rxGUyIgutD9b27QtRH4Bh8RtI0qVYBMIEfBiTDcvvK8bv1zpQ1MJRsSo= x-amz-request-id: Q0D96H9W9XCS2CFE Last-Modified: Wed, 31 May 2023 08:45:23 GMT ETag: "69e75e0997cdd1b51ef2d8f78358e937" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Content-Length: 511 Date: Thu, 01 Jun 2023 07:35:29 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"`

	cdn-dimi.akamaized.net/landings/279205/1685522720/js/jquery.min.js?1685522720	88.221.27.128	200 OK	30 kB
URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/279205/1685522720/js/jquery.min.js?1685522720 IP 88.221.27.128:443 ASN #20940 Akamai International B.V. Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerDigiCert Inc Subjecta248.e.akamai.net Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37 ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT File type ASCII text, with very long lines (32065) Size 30 kB (29855 bytes) Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e HTTP Headers `GET /landings/279205/1685522720/js/jquery.min.js?1685522720 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK x-amz-id-2: kVTNNi8nf8LYG5Xh2j4IvP//javELSA0r09oKgEZ8OP6AV5AvYwobtCTA6CddEl7LnaTUJxb+E8= x-amz-request-id: D1XV932BDH842S4F Last-Modified: Wed, 31 May 2023 08:45:23 GMT ETag: "2f6b11a7e914718e0290410e85366fe9" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Thu, 01 Jun 2023 07:35:29 GMT Content-Length: 29855 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

	cdn-dimi.akamaized.net/landings/279205/1685522720/js/translates.js?1685522720	88.221.27.128	200 OK	8.6 kB
URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/279205/1685522720/js/translates.js?1685522720 IP 88.221.27.128:443 ASN #20940 Akamai International B.V. Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerDigiCert Inc Subjecta248.e.akamai.net Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37 ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT File type Unicode text, UTF-8 text Size 8.6 kB (8568 bytes) Hash 09375f18dc5bfd539f211887b6a178e6 01151d9836502715a56f01db102da22f462821d2 74e9cb9fca7f14f9de2c6416b1d99b3e28e0fd9c0501c848d8276de3a7036d5c HTTP Headers `GET /landings/279205/1685522720/js/translates.js?1685522720 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK x-amz-id-2: 9PcvGuJ0v2cdFKaNP+MeZ42Z8HJWw5DZfadefh9HwAdBaVDjyx/rnHeDQ2+ehmK1jzNpXNdNpFc= x-amz-request-id: D1XX4MYAHJWD6383 Last-Modified: Wed, 31 May 2023 08:45:23 GMT ETag: "09375f18dc5bfd539f211887b6a178e6" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Thu, 01 Jun 2023 07:35:29 GMT Content-Length: 8568 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

	cdn-dimi.akamaized.net/landings/279205/1685522720/images/girl-ico.png	88.221.27.128	200 OK	1.5 kB
URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/279205/1685522720/images/girl-ico.png IP 88.221.27.128:443 ASN #20940 Akamai International B.V. Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerDigiCert Inc Subjecta248.e.akamai.net Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37 ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 1.5 kB (1540 bytes) Hash 87fa20787233a7ac89d1ee83563832c6 2fd58653f791912508d469a274fbdffbc7177bf6 2cb1de63c827301236cb47fc705964c827deb48b360148e11a28c15ea9ef66d0 HTTP Headers `GET /landings/279205/1685522720/images/girl-ico.png HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: b1cGVXmhZTGfYIjbDP100JGYQfTQkOze2YGsE7fDC5cnDySsQWHTlDRVYDQI+QzXN5l2eUtuPYo= x-amz-request-id: EDPQNFVY2FBBJR58 Last-Modified: Wed, 31 May 2023 08:45:22 GMT ETag: "87fa20787233a7ac89d1ee83563832c6" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Content-Type: image/png Server: AmazonS3 Content-Length: 1540 Date: Thu, 01 Jun 2023 07:35:29 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"`

	cdn-dimi.akamaized.net/landings/279205/1685522720/images/logo.svg	88.221.27.128	200 OK	11 kB
URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/279205/1685522720/images/logo.svg IP 88.221.27.128:443 ASN #20940 Akamai International B.V. Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerDigiCert Inc Subjecta248.e.akamai.net Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37 ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4864) Size 11 kB (10652 bytes) Hash 89efea4d57e53488be96c41f813895c2 4ace0a06591c30d245809c58f7cf3aad9e602959 ea91bcc64cbe5159a96da591bdec4939528366b64226c688cc4462baf74dfdd3 HTTP Headers `GET /landings/279205/1685522720/images/logo.svg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: qVI+5DhulWdaFfpJff77QXAIWc+M5SYtWz6VJpEU798+ZqJxEVnboMh8nCXrImmKjcMaxfZtTKI= x-amz-request-id: GYYMDWY58S5NHTKA Last-Modified: Wed, 31 May 2023 08:45:22 GMT ETag: "89efea4d57e53488be96c41f813895c2" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Content-Type: image/svg+xml Server: AmazonS3 Content-Length: 10652 Date: Thu, 01 Jun 2023 07:35:29 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 582908ff8bc13bc9b5422491129d8b0e 8deb8d1987e09761ca90108160cc262f1ee8dffa daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 07:35:29 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 582908ff8bc13bc9b5422491129d8b0e 8deb8d1987e09761ca90108160cc262f1ee8dffa daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 07:35:29 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fd0c5fcd552e140b1496b4697b18a3a4 264e38a9d130f40f54539a52cba317d16aea03ef a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 07:35:29 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	qgxvbz.lilustriousdate.com/ortb	63.32.216.166	200 OK	29 B
URL POST HTTP/2 qgxvbz.lilustriousdate.com/ortb IP 63.32.216.166:443 ASN #16509 AMAZON-02 Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerLet's Encrypt Subject.lilustriousdate.com Fingerprint3D:3C:F0:41:B8:2C:67:BE:A4:09:40:31:E8:1A:C7:CE:F3:D1:F6:57 ValiditySun, 19 Mar 2023 02:03:05 GMT - Sat, 17 Jun 2023 02:03:04 GMT File type JSON data\012- , ASCII text, with no line terminators Size 29 B (29 bytes) Hash c453d1e33844d14bbd7ec2846eb408f6 b934f52ed7fbed0cee5874cb0fcafdd1cb450fcd 2b159267580e469b4eed0aaf47253e353fdf727043d52d969bd85cbff7fd4a1a HTTP Headers POST /ortb HTTP/1.1 Host: qgxvbz.lilustriousdate.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/json, text/javascript, /*; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 332 Origin: https://qgxvbz.lilustriousdate.com DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/?s1=187050&s2=1773580&s3=170910&s5=backuser&click_id=1020c2e5989dea8eb0c3012109f6d5&iexpp=1&j1=1&j9=1&utm_source=da57dc555e50572d&j8=1 Cookie: unique_id=6477c460000311ce; unique_id2=64779c9a00060765; 64779c9a00060765_c=1; ref_token=139342_16403_18151_187050_100041; 64779c9a00060765_sl=[279205] Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Thu, 01 Jun 2023 07:35:29 GMT content-type: text/plain; charset=utf-8 content-length: 29 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fd0c5fcd552e140b1496b4697b18a3a4 264e38a9d130f40f54539a52cba317d16aea03ef a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 07:35:29 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2	142.250.74.163	200 OK	24 kB
URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 IP 142.250.74.163:443 ASN #15169 GOOGLE Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6 ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data Size 24 kB (23580 bytes) Hash e1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 HTTP Headers GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://qgxvbz.lilustriousdate.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23580 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 30 May 2023 17:30:39 GMT expires: Wed, 29 May 2024 17:30:39 GMT cache-control: public, max-age=31536000 age: 137090 last-modified: Tue, 02 May 2023 15:17:22 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdn-dimi.akamaized.net/landings/279205/1685522720/images/video-1.mp4	88.221.27.128	206 Partial Content	1.1 MB
URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/279205/1685522720/images/video-1.mp4 IP 88.221.27.128:443 ASN #20940 Akamai International B.V. Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerDigiCert Inc Subjecta248.e.akamai.net Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37 ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size 1.1 MB (1132123 bytes) Hash d5f9fbb8667b2e86bbaaf15275a9be13 c84c479303ff26a5d32ef557e379fbe8b13feca2 80206cf6a74ae1964057fa05d339f7edb224536a94b91c235205710feed9e027 HTTP Headers GET /landings/279205/1685522720/images/video-1.mp4 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache HTTP/1.1 206 Partial Content x-amz-id-2: UIrILt25SDV/1J0Tnw51ttYJXSM1fc4EBn8OPBruN6zjVP3brK1IiUJ3ESlh/wuYaQMmH8b9b8Y= x-amz-request-id: GYYYEEAVKX76A621 Last-Modified: Wed, 31 May 2023 08:45:22 GMT ETag: "d5f9fbb8667b2e86bbaaf15275a9be13" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Content-Type: video/mp4 Server: AmazonS3 Date: Thu, 01 Jun 2023 07:35:29 GMT Content-Range: bytes 0-1132122/1132123 Content-Length: 1132123 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

	fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2	142.250.74.163	200 OK	23 kB
URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP 142.250.74.163:443 ASN #15169 GOOGLE Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6 ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data Size 23 kB (23040 bytes) Hash de69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 HTTP Headers GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://qgxvbz.lilustriousdate.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23040 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 30 May 2023 17:30:39 GMT expires: Wed, 29 May 2024 17:30:39 GMT cache-control: public, max-age=31536000 age: 137090 last-modified: Tue, 02 May 2023 15:07:25 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fd0c5fcd552e140b1496b4697b18a3a4 264e38a9d130f40f54539a52cba317d16aea03ef a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 07:35:29 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	cdn-dimi.akamaized.net/landings/279205/1685522720/images/favicon.ico?t=20230601073528	88.221.27.128	200 OK	14 kB
URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/279205/1685522720/images/favicon.ico?t=20230601073528 IP 88.221.27.128:443 ASN #20940 Akamai International B.V. Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerDigiCert Inc Subjecta248.e.akamai.net Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37 ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT File type MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel\012- data Size 14 kB (13868 bytes) Hash 135aeed168833e38d0839e1709e41891 a689caccb7b0a9918ff731bef2a1e3d04aff07ec 74d44e795ea62dcb66e995bfc7a0914e4fb64041567e05cc9118cfc8608caa45 HTTP Headers `GET /landings/279205/1685522720/images/favicon.ico?t=20230601073528 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: 3zzCo+Fj7NoZM9XELK7DZh2dLtEz1AnjepJCNaHLMdCZsjUo602azmCO9Y7V3eRkvGDV6iilAuY= x-amz-request-id: 45SG0CYSZKJJDA32 Last-Modified: Wed, 31 May 2023 08:45:22 GMT ETag: "135aeed168833e38d0839e1709e41891" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Content-Type: image/x-icon Server: AmazonS3 Content-Length: 13868 Date: Thu, 01 Jun 2023 07:35:29 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"`

	www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js	142.250.74.99	200 OK	10 kB
URL GET HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP 142.250.74.99:443 ASN #15169 GOOGLE Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6 ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT File type ASCII text, with very long lines (35547) Size 10 kB (10017 bytes) Hash 0cb7a0eb328ea70ab360f861314c8820 e3e20eb50dae36f4cbcef1890b1cc7878acb537a 4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9 HTTP Headers `GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 10017 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 27 May 2023 13:53:37 GMT expires: Sun, 26 May 2024 13:53:37 GMT cache-control: public, max-age=31536000 age: 409313 last-modified: Thu, 10 May 2018 20:35:52 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	qgxvbz.lilustriousdate.com/js/pushjs/1.0.0/utils.js	63.32.216.166	200 OK	12 kB
URL GET HTTP/2 qgxvbz.lilustriousdate.com/js/pushjs/1.0.0/utils.js IP 63.32.216.166:443 ASN #16509 AMAZON-02 Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerLet's Encrypt Subject.lilustriousdate.com Fingerprint3D:3C:F0:41:B8:2C:67:BE:A4:09:40:31:E8:1A:C7:CE:F3:D1:F6:57 ValiditySun, 19 Mar 2023 02:03:05 GMT - Sat, 17 Jun 2023 02:03:04 GMT File type C source, ASCII text, with very long lines (32159) Size 12 kB (11991 bytes) Hash 00738e907fd1a670838eb135e7a166b3 16d0d4c418cb7c569a0475cd6f945f5dbe972472 0bb28ad2467d16e13ce1dbb8d7303537a987dc4de1a3cfe6ad3ed2d5e494b109 HTTP Headers GET /js/pushjs/1.0.0/utils.js HTTP/1.1 Host: qgxvbz.lilustriousdate.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/?s1=187050&s2=1773580&s3=170910&s5=backuser&click_id=1020c2e5989dea8eb0c3012109f6d5&iexpp=1&j1=1&j9=1&utm_source=da57dc555e50572d&j8=1 Cookie: unique_id=6477c460000311ce; unique_id2=64779c9a00060765; 64779c9a00060765_c=1; ref_token=139342_16403_18151_187050_100041; 64779c9a00060765_sl=[279205] Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Thu, 01 Jun 2023 07:35:29 GMT content-type: application/javascript expires: Thu, 08 Jun 2023 07:35:29 GMT cache-control: max-age=604800 content-encoding: gzip X-Firefox-Spdy: h2`

	fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap	142.250.74.106	200 OK	1.5 kB
URL GET HTTP/2 fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT File type ASCII text, with very long lines (1566), with no line terminators Size 1.5 kB (1530 bytes) Hash bef54a4f8ad5d25fc816b34ad3298c30 6e7414798c5ddeccd9b28f79316617dbe59c30ae 6f1630b5aa4ebf650967d76a891d2690f3ad4478da4875b9ad564335c40366c3 HTTP Headers `GET /css2?family=Lato:wght@400;700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdn-dimi.akamaized.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 01 Jun 2023 07:35:29 GMT date: Thu, 01 Jun 2023 07:35:29 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	dateullauvib.cf/?ud=jlluarkmr&s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d393326263630323838323437363335353838312664693d37672d313935302665643d676d6126693d61646d696e39332c31383835342c726f6d616e6b6f6c6c6f333740676d61696c2e636f6d2cd0a0d0bed0bcd0b0d0bd2674733d3136383434393338313726313736313037343735353234373638&	172.67.192.239	302 Found	40 kB
URL User Request GET HTTP/2 dateullauvib.cf/?ud=jlluarkmr&s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d393326263630323838323437363335353838312664693d37672d313935302665643d676d6126693d61646d696e39332c31383835342c726f6d616e6b6f6c6c6f333740676d61696c2e636f6d2cd0a0d0bed0bcd0b0d0bd2674733d3136383434393338313726313736313037343735353234373638& IP 172.67.192.239:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectdateullauvib.cf Fingerprint84:47:02:37:DA:A0:24:56:AE:20:54:1B:94:73:9A:8E:14:A2:31:A4 ValidityFri, 26 May 2023 04:33:17 GMT - Thu, 24 Aug 2023 04:33:16 GMT File type Size 40 kB (39686 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /?ud=jlluarkmr&s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d393326263630323838323437363335353838312664693d37672d313935302665643d676d6126693d61646d696e39332c31383835342c726f6d616e6b6f6c6c6f333740676d61696c2e636f6d2cd0a0d0bed0bcd0b0d0bd2674733d3136383434393338313726313736313037343735353234373638& HTTP/1.1 Host: dateullauvib.cf User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Thu, 01 Jun 2023 07:35:26 GMT content-type: text/html; charset=UTF-8 location: http://dateullauvib.cf/new/?s=93&&602882476355881&di=7g-1950&ed=gma&i=admin93,18854,romankollo37@gmail.com,Ð Ð¾Ð¼Ð°Ð½&ts=1684493817&176107475524768 x-powered-by: PHP/5.3.3 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0fFQ1zfItdjq9xOpJc6JYVn1Q2DqONTC6TyAFufO12pApCf7hBfr5QZPCAujIG4xverdj5ei%2FkrNurOChqcPztNqN6TRt4BacfrbIhjaIRdq5GNRKbgAJpMaFm7OWPbmtQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d05c7a4a84bb4f4-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	qgxvbz.lilustriousdate.com/js/pushjs/1.0.0/subscriber.js	63.32.216.166	200 OK	9.4 kB
URL GET HTTP/2 qgxvbz.lilustriousdate.com/js/pushjs/1.0.0/subscriber.js IP 63.32.216.166:443 ASN #16509 AMAZON-02 Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerLet's Encrypt Subject.lilustriousdate.com Fingerprint3D:3C:F0:41:B8:2C:67:BE:A4:09:40:31:E8:1A:C7:CE:F3:D1:F6:57 ValiditySun, 19 Mar 2023 02:03:05 GMT - Sat, 17 Jun 2023 02:03:04 GMT File type C source text\012- troff or preprocessor input, ASCII text, with very long lines (9653), with no line terminators Size 9.4 kB (9389 bytes) Hash 84b622eb79d84a20b4fb5d3e2e122e2a 73eb77325e2b070e36f393eb4db66fa5af549ac6 514e603036c84a1e1afbc3b0eb748362dbd294f6af16bf88637d7b27f7a224dc HTTP Headers GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1 Host: qgxvbz.lilustriousdate.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/?s1=187050&s2=1773580&s3=170910&s5=backuser&click_id=1020c2e5989dea8eb0c3012109f6d5&iexpp=1&j1=1&j9=1&utm_source=da57dc555e50572d&j8=1 Cookie: unique_id=6477c460000311ce; unique_id2=64779c9a00060765; 64779c9a00060765_c=1; ref_token=139342_16403_18151_187050_100041; 64779c9a00060765_sl=[279205] Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Thu, 01 Jun 2023 07:35:29 GMT content-type: application/javascript expires: Thu, 08 Jun 2023 07:35:29 GMT cache-control: max-age=604800 content-encoding: gzip X-Firefox-Spdy: h2`

	qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1	63.32.216.166	200 OK	40 kB
URL User Request GET HTTP/2 qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 IP 63.32.216.166:443 ASN #16509 AMAZON-02 Certificate IssuerLet's Encrypt Subject.lilustriousdate.com Fingerprint3D:3C:F0:41:B8:2C:67:BE:A4:09:40:31:E8:1A:C7:CE:F3:D1:F6:57 ValiditySun, 19 Mar 2023 02:03:05 GMT - Sat, 17 Jun 2023 02:03:04 GMT File type Size 40 kB (39686 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 HTTP/1.1 Host: qgxvbz.lilustriousdate.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx date: Thu, 01 Jun 2023 07:35:28 GMT content-type: text/html; charset=utf-8 set-cookie: unique_id=6477c460000311ce; Path=/; Expires=Mon, 31 Jul 2023 07:35:28 GMT; Secure; SameSite=None unique_id2=64779c9a00060765; Path=/; Expires=Wed, 30 Aug 2023 07:35:28 GMT; Secure; SameSite=None 64779c9a00060765_c=1; Path=/; Expires=Wed, 30 Aug 2023 07:35:28 GMT; Secure; SameSite=None ref_token=139342_16403_18151_187050_100041; Path=/; Expires=Sat, 01 Jul 2023 07:35:28 GMT; Secure; SameSite=None impression=; Path=/; Expires=Thu, 01 Jun 2023 07:35:28 GMT; Secure; SameSite=None 64779c9a00060765_sl=[279205]; Path=/; Expires=Thu, 15 Jun 2023 07:35:28 GMT; Secure; SameSite=None content-encoding: gzip X-Firefox-Spdy: h2

	www.gstatic.com/firebasejs/5.0.2/firebase-app.js	142.250.74.99	200 OK	25 kB
URL GET HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP 142.250.74.99:443 ASN #15169 GOOGLE Requested by https://qgxvbz.lilustriousdate.com/?utm_source=da57dc555e50572d&s1=187050&s2=1773580&s3=170910&s5=test_dat_twuk2_geo%3B55609_test_dat_twuk2_geo&click_id=1020c2e5989dea8eb0c3012109f6d5&j1=1&j8=1&j9=1 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6 ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT File type ASCII text, with very long lines (25088) Size 25 kB (25130 bytes) Hash 9164d0e8a317eceb870cca88c9683127 4617c910005f7100b4ff26a458a8b4463e33cdc6 15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931 HTTP Headers `GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qgxvbz.lilustriousdate.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 8604 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 27 May 2023 20:32:50 GMT expires: Sun, 26 May 2024 20:32:50 GMT cache-control: public, max-age=31536000 age: 385360 last-modified: Thu, 10 May 2018 20:35:51 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML