| eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcounterfeit-trouble-784092eb2860.herokuapp.com%2Fu%3Fmid%3D65ed7b06b3755200073363e9&data=05%7C02%7Cguyse%40elal.co.il%7C3c1a7a8b0c6941b5949b08dc5e03108a%7C4e65b2ce63ec4dff8fd9290082cc0def%7C0%7C0%7C638488614458805617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=mgjEX5T6tvcELNQIKQ49fNs0DLZ%2BxyLjE0rIilAfQCA%3D&reserved=0 | 104.47.1.28 | | 202 B |
URL: eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcounterfeit-trouble-784092eb2860.herokuapp.com%2Fu%3Fmid%3D65ed7b06b3755200073363e9&data=05%7C02%7Cguyse%40elal.co.il%7C3c1a7a8b0c6941b5949b08dc5e03108a%7C4e65b2ce63ec4dff8fd9290082cc0def%7C0%7C0%7C638488614458805617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=mgjEX5T6tvcELNQIKQ49fNs0DLZ%2BxyLjE0rIilAfQCA%3D&reserved=0
IP: 104.47.1.28:0
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 6e9e1f4c56517c1ce88c9749bb59c2a2 41103d8999d2477b4ee9d016ebf7eadc0b161f46 a9d75bb3b3498c7656124cf09f3669104085ea371fec1d34656a24af1d91f599
GET /?url=https%3A%2F%2Fcounterfeit-trouble-784092eb2860.herokuapp.com%2Fu%3Fmid%3D65ed7b06b3755200073363e9&data=05%7C02%7Cguyse%40elal.co.il%7C3c1a7a8b0c6941b5949b08dc5e03108a%7C4e65b2ce63ec4dff8fd9290082cc0def%7C0%7C0%7C638488614458805617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=mgjEX5T6tvcELNQIKQ49fNs0DLZ%2BxyLjE0rIilAfQCA%3D&reserved=0 HTTP/1.1
Host: eur01.safelinks.protection.outlook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://counterfeit-trouble-784092eb2860.herokuapp.com/u?mid=65ed7b06b3755200073363e9
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 4.0
X-SL-GetUrlReputation-Verdict: Good
X-Robots-Tag: noindex, nofollow
X-AspNet-Version: 4.0.30319
X-ServerName: VE1EUR01WS213
X-ServerVersion: 15.20.7495.016
X-ServerLat: 1010
X-SafeLinks-Tracking-Id: a9fd8902-76d0-41a3-d1dc-08dc5e0dbd3a
X-Powered-By: ASP.NET
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
Date: Tue, 16 Apr 2024 12:07:08 GMT
Connection: close
Content-Length: 202
|
|
| counterfeit-trouble-784092eb2860.herokuapp.com/u?mid=65ed7b06b3755200073363e9 | 18.211.231.38 | 307 Temporary Redirect | 150 B |
URL (User Request, GET HTTP/1.1): counterfeit-trouble-784092eb2860.herokuapp.com/u?mid=65ed7b06b3755200073363e9
IP: 18.211.231.38:443
Certificate: Issuer: Amazon; Subject: *.herokuapp.com; Fingerprint: 3B:29:54:6C:7D:F7:0A:37:A4:57:D7:95:85:10:EA:20:C4:29:FB:F6; Validity: Sat, 02 Mar 2024 00:00:00 GMT - Mon, 31 Mar 2025 23:59:59 GMT
File type: HTML document, ASCII text
Hash: f612864583537fae8bf94eb98be1c518 0873e1715de7739deef4bde2059dc8d7402e9f1d ccfbcfa9e685a99c77be7cf542a686c9d2b458f289ecce0bf9a662e2a3611f98
GET /u?mid=65ed7b06b3755200073363e9 HTTP/1.1
Host: counterfeit-trouble-784092eb2860.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: Cowboy
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713269229&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=DmXPQ9UP4k2nxn5zxXZvl%2B39B%2Bt7D%2BOjFeLSgAhoLRI%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713269229&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=DmXPQ9UP4k2nxn5zxXZvl%2B39B%2Bt7D%2BOjFeLSgAhoLRI%3D
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Location: https://www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9
Date: Tue, 16 Apr 2024 12:07:09 GMT
Content-Length: 150
Via: 1.1 vegur
|
|
| assets.apollo.io/js/unsubscribe-ui.js | 34.102.205.190 | | 104 kB |
URL: assets.apollo.io/js/unsubscribe-ui.js
IP: 34.102.205.190:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64641)
Size: 104 kB (104338 bytes)
Hash: 97579d4e4b5a5096424fee9eada4b09a a1ff12f9e66014fb81cfaef7a1d45ba189775bdf 5c0c980afa596f47e2ee8128218bf506fd1f60b297ec923afa19c53b76cf820e
GET /js/unsubscribe-ui.js HTTP/1.1
Host: assets.apollo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.aptracking1.com
DNT: 1
Connection: keep-alive
Referer: https://www.aptracking1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPrStY8x6Y4FmQwdvBwFPxqqj91g9yspD73OaErnhJNQe0EM9ydehXUDMDMJtUr0tn9mxwY
x-goog-generation: 1713263979892770
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 104338
content-encoding: gzip
x-goog-hash: crc32c=y0705g==, md5=0IMQCBfCUTOvpUyQ8Ncqdw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 104338
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 16 Apr 2024 11:10:37 GMT
last-modified: Tue, 16 Apr 2024 10:39:40 GMT
etag: "d083100817c25133afa54c90f0d72a77"
content-type: application/javascript
age: 3393
cache-control: no-transform,public,immutable,max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| assets.apollo.io/js/bundle-app-production-8015-a4a05b611c31fdf0ac15.js | 34.102.205.190 | 200 OK | 33 kB |
URL (GET HTTP/3): assets.apollo.io/js/bundle-app-production-8015-a4a05b611c31fdf0ac15.js
IP: 34.102.205.190:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9
Certificate: Issuer: Google Trust Services LLC; Subject: assets.apollo.io; Fingerprint: 9A:08:77:B9:F3:F5:99:42:B1:FD:72:6E:ED:0A:40:15:59:6E:CA:8F; Validity: Wed, 06 Mar 2024 18:07:04 GMT - Tue, 04 Jun 2024 19:00:37 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash: 6237a4cdcbce9cf5d73cec3f74e31bb5 b5a70c6ff79807ab4c204b6e686cf6d010b06214 e4a00f4b22b17bf91b23ea56f334544cf1679ae5ee643c5202163deb79aabd0b
GET /js/bundle-app-production-8015-a4a05b611c31fdf0ac15.js HTTP/1.1
Host: assets.apollo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.aptracking1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-guploader-uploadid: ABPtcPphX-9kEISyScBw2eRGOEY0eZQ1GQ8Igg--wfLClQeXvxd0RUjbuXYmOoChZTg8t56zZWg
x-goog-generation: 1713263974067888
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 33086
content-encoding: gzip
x-goog-hash: crc32c=p/6eJA==, md5=HqopAq21CHU5P2f8iE39qw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 33086
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Tue, 16 Apr 2024 11:19:37 GMT
last-modified: Tue, 16 Apr 2024 10:39:34 GMT
etag: "1eaa2902adb50875393f67fc884dfdab"
content-type: application/javascript
age: 2853
cache-control: no-transform,public,immutable,max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| assets.apollo.io/js/bundle-app-production-8627-07fdd6b2e595c0888e76.js | 34.102.205.190 | | 5.0 kB |
URL: assets.apollo.io/js/bundle-app-production-8627-07fdd6b2e595c0888e76.js
IP: 34.102.205.190:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: JavaScript source, ASCII text, with very long lines (10042)
Hash: 7d5ad8e7fba48ebbf2690bbd2dcb72f4 d60185d2aa6cb1c5a8d3139a19e6b6202d9b34a6 0297744cea33c39ca71fae8de0f2a273a529f348131cfd9fc46cd9bffe927a8d
GET /js/bundle-app-production-8627-07fdd6b2e595c0888e76.js HTTP/1.1
Host: assets.apollo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.aptracking1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-guploader-uploadid: ABPtcPqMQG56i754eKT-wzEhTqxyBKaC9gSFo0BvDWq-vV6aTNo-963ywAVuuR7z7Hkw7P12XldkrXC1jw
x-goog-generation: 1713263976390971
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 4951
content-encoding: gzip
x-goog-hash: crc32c=B2vTVw==, md5=+CGzQ+zoU2oBy/RaEqX6dg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 4951
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Tue, 16 Apr 2024 11:19:56 GMT
last-modified: Tue, 16 Apr 2024 10:39:36 GMT
etag: "f821b343ece8536a01cbf45a12a5fa76"
content-type: application/javascript
age: 2834
cache-control: no-transform,public,immutable,max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| assets.apollo.io/js/bundle-app-production-7012-aa5ef30cf39d392a8ad9.js | 34.102.205.190 | | 36 kB |
URL: assets.apollo.io/js/bundle-app-production-7012-aa5ef30cf39d392a8ad9.js
IP: 34.102.205.190:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: dade41ae1adf837e10f2d06b15065b04 9e4857b06dbc8386541f7d7615cd1c843c280d25 92975c4e4aead4c2ef7e6bec5e09809d57158f393be5f9901dd789550e46b5a8
GET /js/bundle-app-production-7012-aa5ef30cf39d392a8ad9.js HTTP/1.1
Host: assets.apollo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.aptracking1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-guploader-uploadid: ABPtcPolsdUiOFTkHhyWuwGYPBKAZheFTre3VOCmdc6qjZfrrdK4ADFCQLSaKzqz3S3uDMDeZD0
x-goog-generation: 1713268547852588
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 35888
content-encoding: gzip
x-goog-hash: crc32c=QGj0SA==, md5=EGOTyu9QtW4Nv7LLNGA9Kw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 35888
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Tue, 16 Apr 2024 12:03:24 GMT
last-modified: Tue, 16 Apr 2024 11:55:47 GMT
etag: "106393caef50b56e0dbfb2cb34603d2b"
content-type: application/javascript
age: 226
cache-control: no-transform,public,immutable,max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.aptracking1.com/favicon.ico | 34.149.61.18 | | 1.4 kB |
URL: www.aptracking1.com/favicon.ico
IP: 34.149.61.18:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
Hash: 1f5103571dcb6984d79efd6e129d5c48 ade1688fda202178126ecb7a56e851d482c50fb4 0afb297fcaf9ac134966020c8cf37ad63121529f28a509a57b3c4ee502f14e13
GET /favicon.ico HTTP/1.1
Host: www.aptracking1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9
Cookie: X-CSRF-TOKEN=U8ZF2g5ZVmdkljlYHJd6_mIArBsFZFgIgB4UiB52woTwy6SsQItGIckLH58JtzP7pHgTU6lpICOmgAkYMw5srQ; _leadgenie_session=nUHRFZplpk7EcfnxDs5e18i91n%2FXHWajHH5KyzUhtRvYbWwlFoR6iOjp3NJmY4FQZra1LrKbHp3sHI%2F9epOKAGvS%2FPVPAjOpLoeEOdkyo5PTFWK5uiQsThBgPOTC40UESXT%2BGmadWHr5gyz67UVE7Y0Pz4%2F9xy1eeHNjXpTSNY0129bOtefuq6vHbSphT2rFf%2BsaethwRabniDuCcMjR7xkUGNgxTqFy9WmqKyVtVBHo4az1U1XK6wAC5n0nYGMpkbGYDiAmNXTvHAVt%2BWGqnqK%2BMUFCw138md0%3D--Tr0QiTJgYUQIqQ2j--VEikip1PX4%2FiLpPfuOCJQw%3D%3D; GCLB=CO2Rmqa69PvnpwEQAw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 12:07:10 GMT
content-type: image/x-icon
content-length: 1406
last-modified: Tue, 16 Apr 2024 10:34:23 GMT
etag: "661e542f-57e"
server: nginx
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9 | 34.149.61.18 | 200 OK | 32 kB |
URL (User Request, GET HTTP/2): www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9
IP: 34.149.61.18:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer: Let's Encrypt; Subject: *.prod-gcp.apollo.io; Fingerprint: 6E:FB:FB:5C:06:6F:11:C3:F2:AB:29:7D:52:2B:4E:A5:D0:8D:0A:07; Validity: Wed, 28 Feb 2024 04:20:31 GMT - Tue, 28 May 2024 04:20:30 GMT
File type: JavaScript source, ASCII text, with very long lines (31013)
Hash: 5fc788ef597ee034c74c6db56bf09b8c 8c5da934e70b359db845646f8845262430f9b531 64fb76ff715607d085e1f3f5e0c0f3f644e2a44f55a2582954824f6a97c5846a
GET /u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9 HTTP/1.1
Host: www.aptracking1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Origin
status: 200 OK
x-transaction-id: def47983a71dca6a0e1ec82e200f99fa
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=3600
etag: W/"64fb76ff715607d085e1f3f5e0c0f3f6"
x-frame-options: ALLOWALL
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn *.salesforce.com *.lightning.force.com
date: Tue, 16 Apr 2024 12:07:09 GMT
set-cookie: X-CSRF-TOKEN=U8ZF2g5ZVmdkljlYHJd6_mIArBsFZFgIgB4UiB52woTwy6SsQItGIckLH58JtzP7pHgTU6lpICOmgAkYMw5srQ; path=/; secure; SameSite=Lax
_leadgenie_session=nUHRFZplpk7EcfnxDs5e18i91n%2FXHWajHH5KyzUhtRvYbWwlFoR6iOjp3NJmY4FQZra1LrKbHp3sHI%2F9epOKAGvS%2FPVPAjOpLoeEOdkyo5PTFWK5uiQsThBgPOTC40UESXT%2BGmadWHr5gyz67UVE7Y0Pz4%2F9xy1eeHNjXpTSNY0129bOtefuq6vHbSphT2rFf%2BsaethwRabniDuCcMjR7xkUGNgxTqFy9WmqKyVtVBHo4az1U1XK6wAC5n0nYGMpkbGYDiAmNXTvHAVt%2BWGqnqK%2BMUFCw138md0%3D--Tr0QiTJgYUQIqQ2j--VEikip1PX4%2FiLpPfuOCJQw%3D%3D; path=/; secure; HttpOnly; SameSite=None
GCLB=CO2Rmqa69PvnpwEQAw; path=/; HttpOnly; expires=Tue, 16-Apr-2024 12:17:09 GMT
server: nginx
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|