Report - ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm

Report Overview

Submitted URL
ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku
IP
172.67.221.77
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 13:57:32
Access
public
Website Title
Pегистрация
Final URL
ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-24	1.9 kB	130 kB	104.17.25.14
ai-usmwall.click	unknown	unknown	No data	No data	11 kB	999 kB	172.67.221.77
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-25	410 B	90 kB	151.101.194.137
ipinfo.io	8136	2013-04-23	2013-12-16	2024-04-23	916 B	2.3 kB	34.117.186.192
userstatics.com	unknown	2020-11-05	2020-11-06	2024-04-18	645 B	11 kB	104.21.53.38

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-25 13:57:05	medium	Client IP	34.117.186.192	ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js	244 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:42:50 Last Seen2024-04-25 15:57:39 Times Seen228 Hash e8a9b2127b0197d558dbbbcb99d80973 cb793f12ac3b8f7ac9cc69c9581bc2dc5d439ad5 cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6 Loading...

	ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku	394 B	2024-04-25	2024-04-25
Pretty URL ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku IP 172.67.221.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 15:57:38 Last Seen2024-04-25 15:57:38 Times Seen1 Hash 29a3cf5c94dc5a3fa6b1319cc993c276 fd9c517de34753f8f588a8b3122e2387a0e001f2 1b14412fb6d826b37fde7f7b9fad8657822914513a13e51733ffdbbc18527c89 Loading...

	ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku	8.2 kB	2024-04-25	2024-04-25
Pretty URL ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku IP 172.67.221.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 15:57:38 Last Seen2024-04-25 15:57:38 Times Seen1 Hash 7625a227b1ad8223b22f959a520186d1 7f68b4c835ca231a43801162e72a3c2cdb76aa21 8e5a01333738e2b40ae163711807391525cdc139a2821f3c0d014784739824cc Loading...

	ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku	346 B	2023-10-24	2024-04-25
Pretty URL ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku IP 172.67.221.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-24 10:27:57 Last Seen2024-04-25 15:57:38 Times Seen14 Hash bf42d00f0c1b2f879f5f7a7edff6a6a9 20e053f4eadfe0a4a0b6053bac2149ac240931ad bc2534b60e98bfd53848e8725661d633a7f9b338b7749b700cf0126fa7ece3a9 Loading...

	ai-usmwall.click/lander/gazinvest-forma2/js/jquery-3.6.0.min.js	90 kB	2023-11-12	2024-04-25
Pretty URL ai-usmwall.click/lander/gazinvest-forma2/js/jquery-3.6.0.min.js IP 172.67.221.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-12 00:10:16 Last Seen2024-04-25 15:57:39 Times Seen15 Hash c9cfa418058539d3bcf455ec384f72a9 15bd981180658c0e2c8ade5a7d2dbac95249fd47 4d51d11b4d346dfa7191904a365bd17507c08bbdaa7f0e2e7fb2dd41518d10ef Loading...

	code.jquery.com/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-05-05
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-05 01:17:04 Times Seen141440 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku	181 B	2023-10-24	2024-04-25
Pretty URL ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku IP 172.67.221.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-24 10:27:58 Last Seen2024-04-25 15:57:38 Times Seen15 Hash 566f72ef4f0884466ebf79e35836d442 08ee00c24fb40c37c349012c1d783878420e7017 dd670aea8e1647a11c98c6041804c0bb1cbf42c97c6f8f6817aed420288012d6 Loading...

	ipinfo.io/?callback=jQuery35103343605407494362_1714053425300&_=1714053425302	672 B	2024-04-25	2024-04-25
Pretty URL ipinfo.io/?callback=jQuery35103343605407494362_1714053425300&_=1714053425302 IP 34.117.186.192 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 15:57:38 Last Seen2024-04-25 15:57:39 Times Seen3 Hash 97103a4077a46af3b7e93af7bb48fa75 7eab746804f80eedffd43c88924040870ff1f4ab 5a607d4ea7f36a04e29d7247d712861fcece0abc6a2403aa0fcc65b5bd373a57 Loading...

	ai-usmwall.click/lander/gazinvest-forma2/js/jquery.min.js	96 kB	2023-12-08	2024-04-25
Pretty URL ai-usmwall.click/lander/gazinvest-forma2/js/jquery.min.js IP 172.67.221.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 13:24:03 Last Seen2024-04-25 15:57:39 Times Seen5 Hash 3880916f99287b9ba4ca4b364c7bcf67 05d8240ee72f8c475ef3abce946bf2176f54ca6b 6c90c370760905e048b2148921404d3f4ca684bcd0da83dbe06d155d2fd9698b Loading...

	ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku	313 B	2023-10-24	2024-04-25
Pretty URL ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku IP 172.67.221.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-24 10:27:58 Last Seen2024-04-25 15:57:39 Times Seen15 Hash 82e215f76452464181f0fb541311a738 ade083329fa0227120cfde73d1db0c73a0ba7b72 c4aece060608d7c80625767c5a36100e14000efae01c0f56741047a5b8888fa8 Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js	29 kB	2023-04-05	2024-05-04
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 15:31:11 Last Seen2024-05-04 21:00:57 Times Seen401 Hash caf7bdf0ce3f11830af1d3dd0dbf931e 958a4413837457b5e3b66ca292736de8286eafa8 b0de6c6e01a16a20bab373a1e7f7b5f3ad48d1b85210965d8c956319f8ac329f Loading...

	ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku	992 B	2024-04-25	2024-04-25
Pretty URL ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku IP 172.67.221.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 15:57:39 Last Seen2024-04-25 15:57:39 Times Seen1 Hash 41b9a6dea62760e96dfddf5048bbea3e 7338eb5aa5652ffc3f0756986d6e2eedb04725bb 1afbb1a0a69cb124e8f4c00e315104a0df7db8a83c1d0e7e706c47a80dd2eddc Loading...

	userstatics.com/get/script.js?referrer=https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku	133 B	2023-11-04	2024-05-04
Pretty URL userstatics.com/get/script.js?referrer=https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku IP 104.21.53.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-04 00:48:23 Last Seen2024-05-04 19:23:07 Times Seen879 Hash fea7fbf2c619fd4b7716fcaa64070c6c f192732937981a26f526b7c1293a2ae13bc59a22 df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26 Loading...

HTTP Transactions (22)

	URL	IP	Response	Size
	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js	104.17.25.14	200 OK	44 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 44 kB (44414 bytes) Hash e8a9b2127b0197d558dbbbcb99d80973 cb793f12ac3b8f7ac9cc69c9581bc2dc5d439ad5 cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6 HTTP Headers `GET /ajax/libs/intl-tel-input/17.0.8/js/utils.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: application/javascript; charset=utf-8 content-length: 44414 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5f902e29-3b7cd" last-modified: Wed, 21 Oct 2020 12:48:41 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 57693 expires: Tue, 15 Apr 2025 13:57:04 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VVBQQqfNh7rIX1NRrIaf5%2BbfFiH8lPHP2NjndiA95NS3zysV0vb1MBNDAlnyBqhsrVJ7iXNjE06OhkGqPLvEMoZ0MPi%2F7b%2BLyIor5ZztrtiVsfwfeNjVk9BG4QE5ruzlFLRvkaBQ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 879ed7115dbf5699-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js	104.17.25.14	200 OK	8.9 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (26997) Size 8.9 kB (8889 bytes) Hash f38113141ba37f6d39da0f22fb96702a bec789ca106293f96d2cf31285236398776b911e 64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd HTTP Headers `GET /ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: application/javascript; charset=utf-8 content-length: 8889 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5f902e0e-72d9" last-modified: Wed, 21 Oct 2020 12:48:14 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 1270890 expires: Tue, 15 Apr 2025 13:57:04 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xHubT9%2FZkcOGGmnuqGnz%2FG3mA81pvr8A5vOrbraBIJbO%2FbgPnqnFmmum1NnKpojpdx8%2FruQpOu515FDfcm1Njc5wHis4ayPTLp0hbpuI0cPGUSJJk%2BDXB9handFmLFtGK5FiRo%2Fz"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 879ed7115dbc5699-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ai-usmwall.click/lander/gazinvest-forma2/images/clock.png	172.67.221.77	200 OK	2.5 kB
URL GET HTTP/3 ai-usmwall.click/lander/gazinvest-forma2/images/clock.png IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type PNG image data, 104 x 104, 8-bit/color RGBA, non-interlaced Size 2.5 kB (2528 bytes) Hash 1cf74a90dd80bd8a70006b0dc1558f4f d95d599d05f9d6698ae1f51ffa82feebece8c3fc 3c15efe651ccb3597c303452961e431ae5a5e88544e2f37e8fcd9e8e215d7459 HTTP Headers GET /lander/gazinvest-forma2/images/clock.png HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: image/png content-length: 2528 last-modified: Wed, 10 Jan 2024 13:00:01 GMT etag: "659e94d1-9e0" expires: Sun, 05 May 2024 13:57:04 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JVrXbBPGt2tCQdrbBU0DEC8OI8hzBCBVWLYBSP9w9OqLwOlixD13p%2BiJG2NR8r508SxU445MapWdcjb9XwZRC1OB9MljyQN%2FWFvkaUXAMrTuZe3PVdUzkmdljD9b5Kl9pTs3"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed71138d70afe-OSL alt-svc: h3=":443"; ma=86400

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css	104.17.25.14	200 OK	2.0 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type ASCII text Size 2.0 kB (1970 bytes) Hash a69aa970266649e0b08c2cb4bc166568 d9314a52085a2bb6d284421bb18a4c546ecb73d4 ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491 HTTP Headers `GET /ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: text/css; charset=utf-8 content-length: 1970 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5f902e0e-62a6" last-modified: Wed, 21 Oct 2020 12:48:14 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 855635 expires: Tue, 15 Apr 2025 13:57:04 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buqmFtNH575%2FpG4IrvYGQllo1kIIDGEqRgZ7DA2wfCxJAwWL216BOF2T0RaCcusPlfv6GSxUivA%2F9URqEe%2F4F4cdp8x7wq1rwYTTMd6jv%2BbnIC2jTR%2BClup11RY2JGDFqMUHwCe7"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 879ed7116dc55699-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ai-usmwall.click/lander/gazinvest-forma2/images/gazz.png	172.67.221.77	200 OK	12 kB
URL GET HTTP/3 ai-usmwall.click/lander/gazinvest-forma2/images/gazz.png IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type PNG image data, 713 x 350, 8-bit/color RGBA, non-interlaced Size 12 kB (11926 bytes) Hash ea8bcadf59548096a42c9315e36c8072 d7605dda97dd0e8e3aa9242c14e2387fa2dc17ce 00aa5e0d4c687d136ed95cf2d0a417c659813fba448d82fe80703bc9235712a1 HTTP Headers GET /lander/gazinvest-forma2/images/gazz.png HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: image/png content-length: 11926 last-modified: Wed, 10 Jan 2024 13:00:01 GMT etag: "659e94d1-2e96" expires: Sun, 05 May 2024 13:57:04 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=htCYC22CMa6K9OEcO%2FA2NYG2WUn615uqnGB3x0wV%2FCwpp1ino5dGZOLxVaiw7lZiga%2BdWBwaQ1kFbt1HlrQp0w5W%2BLSXvYWo%2FbQJqoaSMVQuCY0a%2Fd8TGVLg%2Ba0e4kO%2Bj02l"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed71128d10afe-OSL alt-svc: h3=":443"; ma=86400

	ai-usmwall.click/lander/gazinvest-forma2/images/present.png	172.67.221.77	200 OK	2.5 kB
URL GET HTTP/3 ai-usmwall.click/lander/gazinvest-forma2/images/present.png IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type PNG image data, 125 x 121, 8-bit/color RGBA, non-interlaced Size 2.5 kB (2477 bytes) Hash e1749c97dd560056756cc3a8cc6878d2 c4176ee43e5d681d5f49b7ff7eb47f430b55cc06 56e1eb0f1fb279fe8588109fca4a88e1c48007142ee39c4cc0619ec021562bc8 HTTP Headers GET /lander/gazinvest-forma2/images/present.png HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: image/png content-length: 2477 last-modified: Wed, 10 Jan 2024 13:00:01 GMT etag: "659e94d1-9ad" expires: Sun, 05 May 2024 13:57:04 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HmsCfsD5hJGDQVP41xuy3Zol%2FzjpCu0wxPG3IFIyKxKVWPtRQYaFCgcAU6VvyERVmui0BGCYseGRZtoZ8qDGb33%2FfhG1LcZyJCLWX45LDsbJs0Fz6CPjIJMhz4MhEeEBpVuM"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed71128d20afe-OSL alt-svc: h3=":443"; ma=86400

	ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku	172.67.221.77	200 OK	11 kB
URL User Request GET HTTP/2 ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (789) Size 11 kB (10782 bytes) Hash 26301e9f799cd662d0772f5b7cf4a8be 85c62f3880c1f06f1b99c31bc3ee68213935e341 65a803c29847d77005fd130ad2dd545dc3217d96eb047d594d468df682ea0409 HTTP Headers GET /m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: Thu, 25 Apr 2024 13:57:04 GMT set-cookie: utm_source=1234; expires=Sat, 25-May-2024 13:57:04 GMT; Max-Age=2592000; path=/ utm_medium=Baku; expires=Sat, 25-May-2024 13:57:04 GMT; Max-Age=2592000; path=/ utm_term=new4; expires=Sat, 25-May-2024 13:57:04 GMT; Max-Age=2592000; path=/ utm_content=GazInvest-Offers-9may-b-com1; expires=Sat, 25-May-2024 13:57:04 GMT; Max-Age=2592000; path=/ utm_campaign=%7Butm_campaign%7D; expires=Sat, 25-May-2024 13:57:04 GMT; Max-Age=2592000; path=/ vary: Accept-Encoding x-powered-by: PHP/7.4.33 access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KYRuIFRAWkJcdQ1P%2F78jF67fX1GMRf5qeCIuzJ6xqMjiGdKDRVqDb%2BVsnRoy9MnZ3tuJrNIdUOpVyoTQ1Z0%2BJt706%2B2PbS0wFbdF7x1xqX4liHiuoA6P9xfmp4MGBweAwNkx"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 879ed70f29a056c5-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ai-usmwall.click/lander/gazinvest-forma2/images/b4d657e7ef262b88eb5f7ac021edda87.gif	172.67.221.77	200 OK	45 kB
URL GET HTTP/3 ai-usmwall.click/lander/gazinvest-forma2/images/b4d657e7ef262b88eb5f7ac021edda87.gif IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type GIF image data, version 89a, 256 x 256 Size 45 kB (45404 bytes) Hash 3f2590067056b4f0630d5b360e694fce 8686bc4a12cc862516974c39080f89de85c21fa6 ba67f5cbb26d1c913527475815f0c8d4c4519b092a7544f015cc021360240275 HTTP Headers GET /lander/gazinvest-forma2/images/b4d657e7ef262b88eb5f7ac021edda87.gif HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:05 GMT content-type: image/gif content-length: 45404 last-modified: Wed, 10 Jan 2024 13:00:01 GMT etag: "659e94d1-b15c" expires: Sun, 05 May 2024 13:57:04 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2BFgs6jqF1BpYeInTCFjwlfdKLegoSK5J1ydPj4KCrI%2FskfQfTNWyCSRnQV9hIeJnpNpOBoeWXPYezQek0ReCYnT4l1qh9QdyfjIQ4Xve9OoGfW2vpybmcMIzisx8kD4lUj5"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed71138db0afe-OSL alt-svc: h3=":443"; ma=86400

	code.jquery.com/jquery-3.5.1.min.js	151.101.194.137	200 OK	90 kB
URL GET HTTP/2 code.jquery.com/jquery-3.5.1.min.js IP 151.101.194.137:443 ASN #54113 FASTLY Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerSectigo Limited Subject.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65451) Size 90 kB (89476 bytes) Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d HTTP Headers `GET /jquery-3.5.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: "28feccc0-15d84" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Thu, 25 Apr 2024 13:57:04 GMT age: 1582543 x-served-by: cache-lga21981-LGA, cache-hel1410026-HEL x-cache: HIT, HIT x-cache-hits: 1878, 15282 x-timer: S1714053425.989492,VS0,VE0 vary: Accept-Encoding content-length: 89476 X-Firefox-Spdy: h2

	ai-usmwall.click/lander/gazinvest-forma2/images/loa.gif	172.67.221.77	200 OK	417 kB
URL GET HTTP/3 ai-usmwall.click/lander/gazinvest-forma2/images/loa.gif IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type GIF image data, version 89a, 498 x 498 Size 417 kB (417351 bytes) Hash ae9a002cdde76f2b777a1a6f91822c19 94432ce9d9319270ba57d16cd3fa82ca56a4d55c 185f09b152e16dec9914f8506a0bbcaea540a47353ff09909a5a4d0a88fad0eb HTTP Headers GET /lander/gazinvest-forma2/images/loa.gif HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: image/gif content-length: 417351 last-modified: Wed, 10 Jan 2024 13:00:01 GMT etag: "659e94d1-65e47" expires: Sun, 05 May 2024 13:57:04 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQC2U0UVc4PZzcwJ5zC3wVOtXXZvPq3G5FuxgrjRetOFMyI9%2BLy9RJg50JUylQ8XLyyRoARuKocq0%2BI53hSYQdhlOIntVtODMse%2BCq3Gf%2FAtV4uu0KnTPkAL0A6pgucVvCEV"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed71128ce0afe-OSL alt-svc: h3=":443"; ma=86400

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/flags.png	104.17.25.14		71 kB
URL GET cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/flags.png IP 104.17.25.14:0 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced Size 71 kB (70862 bytes) Hash 416250f60d785a2e02f17e054d2e4e44 21572c9751e5a3dc20395befa0fcb349c32c4811 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55 HTTP Headers GET /ajax/libs/intl-tel-input/17.0.8/img/flags.png HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:05 GMT content-type: image/png; charset=utf-8 content-length: 70862 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5f902e0e-114c9" last-modified: Wed, 21 Oct 2020 12:48:14 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 3074675 expires: Tue, 15 Apr 2025 13:57:05 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AtFfg4TBd2EaiS3KM%2BvShBgDskivjIGbtVnIvEzRDcNUnSjiBexwi%2F8v6Nj6SY0t37EAMo%2FeVj%2FxrQSo1%2BmC%2F865fb2ZSapEI%2BSBWmM3X4hxSU7vHdJzxVeM%2Fos85ult9qmmGOaM"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 879ed714cf9ab4ff-OSL alt-svc: h3=":443"; ma=86400

	ai-usmwall.click/lander/gazinvest-forma2/images/bg.jpg	172.67.221.77	200 OK	348 kB
URL GET HTTP/3 ai-usmwall.click/lander/gazinvest-forma2/images/bg.jpg IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2400x1600, components 3 Size 348 kB (348342 bytes) Hash 1ba956690e23de05af6faf48ac9a14f1 4f2824f13b6d6c73b13c97bbd182cce2642741b7 bf1d48f8eaee604f013fca35b5f09ad2e1493981ef7768bbec18a24c9925c980 HTTP Headers GET /lander/gazinvest-forma2/images/bg.jpg HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D; PHPREFS=full Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:05 GMT content-type: image/jpeg content-length: 348342 last-modified: Wed, 10 Jan 2024 13:00:01 GMT etag: "659e94d1-550b6" expires: Sun, 05 May 2024 13:57:05 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xjI%2FIlahNY9Es%2BEiG5vmx3HjT7mzyL5kYAZvt6L6CoZzPrGif2l0nz1nGFvjkmjswI8G7yk6EeLVhPTdzpnVSCl4oHqipuOiwIYiHyLw1gaMIaVfIa9KzQrT%2BJ4nYGWGSa0C"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed713ea8b0afe-OSL alt-svc: h3=":443"; ma=86400

	ipinfo.io/?callback=jQuery35103343605407494362_1714053425300&_=1714053425301	34.117.186.192	200 OK	672 B
URL GET HTTP/2 ipinfo.io/?callback=jQuery35103343605407494362_1714053425300&_=1714053425301 IP 34.117.186.192:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerLet's Encrypt Subjectipinfo.io FingerprintC3:D1:C0:FE:0C:C8:E1:18:4F:C8:22:D0:9C:FF:D9:F4:EF:72:CD:6B ValidityFri, 19 Apr 2024 20:17:23 GMT - Thu, 18 Jul 2024 20:17:22 GMT File type JavaScript source, ASCII text, with very long lines (391) Size 672 B (672 bytes) Hash 97103a4077a46af3b7e93af7bb48fa75 7eab746804f80eedffd43c88924040870ff1f4ab 5a607d4ea7f36a04e29d7247d712861fcece0abc6a2403aa0fcc65b5bd373a57 HTTP Headers `GET /?callback=jQuery35103343605407494362_1714053425300&_=1714053425301 HTTP/1.1 Host: ipinfo.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.24.0 date: Thu, 25 Apr 2024 13:57:05 GMT content-type: text/javascript; charset=utf-8 content-length: 672 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 2 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ipinfo.io/?callback=jQuery35103343605407494362_1714053425300&_=1714053425302	34.117.186.192	200 OK	672 B
URL GET HTTP/3 ipinfo.io/?callback=jQuery35103343605407494362_1714053425300&_=1714053425302 IP 34.117.186.192:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerLet's Encrypt Subjectipinfo.io FingerprintC3:D1:C0:FE:0C:C8:E1:18:4F:C8:22:D0:9C:FF:D9:F4:EF:72:CD:6B ValidityFri, 19 Apr 2024 20:17:23 GMT - Thu, 18 Jul 2024 20:17:22 GMT File type JavaScript source, ASCII text, with very long lines (391) Size 672 B (672 bytes) Hash 97103a4077a46af3b7e93af7bb48fa75 7eab746804f80eedffd43c88924040870ff1f4ab 5a607d4ea7f36a04e29d7247d712861fcece0abc6a2403aa0fcc65b5bd373a57 HTTP Headers `GET /?callback=jQuery35103343605407494362_1714053425300&_=1714053425302 HTTP/1.1 Host: ipinfo.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/3 200 OK server: nginx/1.24.0 date: Thu, 25 Apr 2024 13:57:05 GMT content-type: text/javascript; charset=utf-8 content-length: 672 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 3 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	ai-usmwall.click/lander/gazinvest-forma2/css/style.css	172.67.221.77	200 OK	1.6 kB
URL GET HTTP/3 ai-usmwall.click/lander/gazinvest-forma2/css/style.css IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type Unicode text, UTF-8 (with BOM) text Size 1.6 kB (1561 bytes) Hash 710f658a1c6c7ad755c413b56b9b5801 fadf7d00ce8a5e14a716e7a836db446633576a93 b6d95b72c3d95434272b426059d8d81ed720e19270fced905cefb6bbbff9fa20 HTTP Headers GET /lander/gazinvest-forma2/css/style.css HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: text/css last-modified: Wed, 10 Jan 2024 13:00:01 GMT etag: W/"659e94d1-bb0" expires: Sun, 05 May 2024 13:57:04 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=irKdaC12uG3oDSgAhex%2FY4BtokObRS66R%2Btau51Yin3RAkLZKiF24nv8ucBw0N9PxjUKAD0rqluf5vJGj1gBeI0F%2F3hu6z1oXvI7ZToa0mSWm5kxi37oOzORIQQiQ5%2FIu6tB"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed71128c90afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ai-usmwall.click/lander/gazinvest-forma2/js/jquery.min.js	172.67.221.77	200 OK	41 kB
URL GET HTTP/3 ai-usmwall.click/lander/gazinvest-forma2/js/jquery.min.js IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type JavaScript source, ASCII text, with very long lines (32547) Size 41 kB (41419 bytes) Hash 3880916f99287b9ba4ca4b364c7bcf67 05d8240ee72f8c475ef3abce946bf2176f54ca6b 6c90c370760905e048b2148921404d3f4ca684bcd0da83dbe06d155d2fd9698b HTTP Headers GET /lander/gazinvest-forma2/js/jquery.min.js HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: application/javascript last-modified: Wed, 10 Jan 2024 13:00:01 GMT etag: W/"659e94d1-177f8" expires: Sun, 05 May 2024 13:57:04 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BryB19UdKACHqMLSY17V0l1lJR97FTHXHLgesGmnxlRB4Y1jbewfqmTGmD7LS3C3vRnSdSrA%2BpIbzGnsw%2BhyXyrPtanshKs33KhTrdq7ycShFBWigzPbd1STTYyvTQyz5DCg"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed71128cc0afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	userstatics.com/get/script.js?referrer=https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku	104.21.53.38		9.9 kB
URL GET userstatics.com/get/script.js?referrer=https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku IP 104.21.53.38:0 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerLet's Encrypt Subjectuserstatics.com FingerprintAB:62:24:6D:5D:BB:D9:D8:00:B7:CB:47:DD:7C:74:69:C8:48:16:49 ValidityThu, 28 Mar 2024 13:34:23 GMT - Wed, 26 Jun 2024 13:34:22 GMT File type ASCII text, with no line terminators Size 9.9 kB (9942 bytes) Hash fea7fbf2c619fd4b7716fcaa64070c6c f192732937981a26f526b7c1293a2ae13bc59a22 df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26 HTTP Headers GET /get/script.js?referrer=https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku HTTP/1.1 Host: userstatics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Thu, 25 Apr 2024 13:57:06 GMT content-type: text/html; charset=utf-8 x-powered-by: PHP/8.2.1 access-control-allow-origin: https://ai-usmwall.click access-control-allow-methods: GET, POST access-control-allow-headers: X-Requested-With,content-type access-control-allow-credentials: true cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fyuEaszxYQmh%2B23BHEzIgRcfu20roiY1mk1OIoXoN5GbQpy4Lv4hYfxBYIAQcdqPgOKUhNIVG51XwEB%2BADcYq1iZlMfrnRz1YY8M3oi8mxGHPyP1AO7uc4%2FNva9yletUyiU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed71a4cb7569d-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ai-usmwall.click/lander/gazinvest-forma2/js/jquery-3.6.0.min.js	172.67.221.77	200 OK	90 kB
URL GET HTTP/3 ai-usmwall.click/lander/gazinvest-forma2/js/jquery-3.6.0.min.js IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type JavaScript source, ASCII text, with very long lines (65447) Size 90 kB (89963 bytes) Hash c9cfa418058539d3bcf455ec384f72a9 15bd981180658c0e2c8ade5a7d2dbac95249fd47 4d51d11b4d346dfa7191904a365bd17507c08bbdaa7f0e2e7fb2dd41518d10ef HTTP Headers GET /lander/gazinvest-forma2/js/jquery-3.6.0.min.js HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: application/javascript last-modified: Wed, 10 Jan 2024 13:00:01 GMT etag: W/"659e94d1-15f6b" expires: Sun, 05 May 2024 13:57:04 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2IudxoiGNv8JNv%2FEXUBSzUo1FPWDAfEU%2Fs4LhD0PwY0%2BPfHs4pZl3jJwPYU39h14%2BuYkcGsvHtxgCMDS9URq6pF%2F9twlPtcgQjVbsEfbwxqgR3ULxYrgLY46K5zTiJiSayby"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed71138dc0afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ai-usmwall.click/lander/gazinvest-forma2/check.css	172.67.221.77	200 OK	13 kB
URL GET HTTP/3 ai-usmwall.click/lander/gazinvest-forma2/check.css IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type assembler source, ASCII text Size 13 kB (13129 bytes) Hash 78807fda77d140f3f0f43f33e3af56bb 3c2d43746f301487716684c3b5e8516725223b61 78c757cac3f0234982d411b08a58828c0b5ec85882628e60276398912dcc4ffe HTTP Headers GET /lander/gazinvest-forma2/check.css HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: text/css last-modified: Wed, 06 Mar 2024 13:03:52 GMT etag: W/"65e869b8-3349" expires: Sun, 05 May 2024 13:57:04 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qE1nImdNxltqc1YxHY3VlK%2FCWGGvB1AEuN5LjDmV5N7FmwmPXO5kU6NL7TOUR%2B02%2Bk4AfVg9amgx1G92E3WNgv40lsYcLzzckm5O4HpzPN65msGJ7ynGPtRkJsGVB3KYdV5i"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed71128cb0afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ai-usmwall.click/favicon.ico	172.67.221.77	404 Not Found	146 B
URL GET HTTP/3 ai-usmwall.click/favicon.ico IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type HTML document, ASCII text, with no line terminators Size 146 B (146 bytes) Hash 40b3fc14254227ec5012d996bf90c4e1 b0dd06eb5a779151151101337889ff09953f8ac0 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca HTTP Headers GET /favicon.ico HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D; PHPREFS=full Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 404 Not Found date: Thu, 25 Apr 2024 13:57:05 GMT content-type: text/html cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4ZYW%2B0B3OTere0Qd%2BXPmVs1ILa5KL1JX17yFMhB628WOEZEe5o97drX8l3HCrLyvLXmvTuEe83C1ihWsxLh6Mo5X8rkPmyotOebEHqTzAV8eAPV4EhxG%2FZUQjmxlV3KUKui"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed7163bc10afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ai-usmwall.click/lander/gazinvest-forma2/images/ruby.png	172.67.221.77	200 OK	3.5 kB
URL GET HTTP/3 ai-usmwall.click/lander/gazinvest-forma2/images/ruby.png IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type PNG image data, 100 x 117, 8-bit/color RGBA, non-interlaced Size 3.5 kB (3483 bytes) Hash 5c93cb2e265ebf865150e26dbea24490 de78c09010659b29eb044361094f7d4f4b10cfbc 90001d84776750a840536cb79a96d4fbbd64d93844d86e392e4e3cb385d68972 HTTP Headers GET /lander/gazinvest-forma2/images/ruby.png HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:04 GMT content-type: image/png content-length: 3483 last-modified: Wed, 10 Jan 2024 13:00:01 GMT etag: "659e94d1-d9b" expires: Sun, 05 May 2024 13:57:04 GMT cache-control: max-age=864000 access-control-allow-origin: * cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xe%2B4%2BHqHKXcaFK3F4FYfirIf%2F3s5QxxH8j17JfRehavBl61VktHn5CNxnUoiMyT2ChK%2B1JtVK%2BI0VNDK%2FkaQlgDmfI2hzpg4tfnnTfufL%2FNFowj5KF8fuVvqxXn6sHKpDgB9"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 879ed71138d30afe-OSL alt-svc: h3=":443"; ma=86400

	ai-usmwall.click/lander/gazinvest-forma2/css2.html	172.67.221.77	200 OK	0 B
URL GET HTTP/3 ai-usmwall.click/lander/gazinvest-forma2/css2.html IP 172.67.221.77:443 ASN #13335 CLOUDFLARENET Requested by https://ai-usmwall.click/m6VRm9m9?cost=[CPC]&external_id=[CLICK]&creative_id=[TID]&ad_campaign_id=[CID]&source=[SID]&utm_campaign={utm_campaign}&utm_source=1234&utm_term=new4&utm_content=GazInvest-Offers-9may-b-com1&utm_medium=Baku Certificate IssuerGoogle Trust Services LLC Subjectai-usmwall.click Fingerprint82:45:19:2F:08:A6:2F:15:7A:31:DC:EF:C3:BB:A1:90:2A:AF:33:B5 ValidityThu, 11 Apr 2024 08:30:24 GMT - Wed, 10 Jul 2024 08:30:23 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /lander/gazinvest-forma2/css2.html HTTP/1.1 Host: ai-usmwall.click User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ai-usmwall.click/lander/gazinvest-forma2/css/style.css Cookie: utm_source=1234; utm_medium=Baku; utm_term=new4; utm_content=GazInvest-Offers-9may-b-com1; utm_campaign=%7Butm_campaign%7D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Thu, 25 Apr 2024 13:57:05 GMT content-type: text/html last-modified: Wed, 10 Jan 2024 13:00:01 GMT x-content-type-options: nosniff cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3M3dDb61pJqP0ROG2jB2GycOWDGDovHs6x1tvaepiSxdJG5lJ18TdU%2Bnw75FnEuOpWJBJ%2ByvKqAaNuD%2BPR50MhBpmScM8M9eev9YY6jOkmEqw%2BR%2FWV6z0jRpsM8onodZ%2FNw3"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 879ed7136a0e0afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML