| secure.rdir-shield.com/91f058c8-e1bd-403d-9d30-21accce15920/2?ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type={zone_type}&cost=0.000000&visitor_id=806949653445619712 | 3.69.182.131 | 302 Found | 0 B |
URL User Request GET HTTP/2secure.rdir-shield.com/91f058c8-e1bd-403d-9d30-21accce15920/2?ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type={zone_type}&cost=0.000000&visitor_id=806949653445619712 IP3.69.182.131:443
CertificateIssuerLet's Encrypt Subjectsecure.rdir-shield.com FingerprintCB:D9:B4:62:95:03:84:F5:DD:42:39:77:97:AF:A0:14:84:7C:8C:CF ValidityTue, 16 Apr 2024 05:50:52 GMT - Mon, 15 Jul 2024 05:50:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /91f058c8-e1bd-403d-9d30-21accce15920/2?ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type={zone_type}&cost=0.000000&visitor_id=806949653445619712 HTTP/1.1
Host: secure.rdir-shield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 24 Apr 2024 10:42:32 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712
pragma: no-cache
set-cookie: 91f058c8-e1bd-403d-9d30-21accce15920-v4=5H88nVtLEZlSY1sG6OC1e_n-d4alfLB_P4qLmkLGC88; Max-Age=86400; Expires=Thu, 25-Apr-2024 10:42:32 GMT; Domain=secure.rdir-shield.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=ut6BZICT55waFpgAHockeQki2H57A2KnFVnfu_WUGjEuJrhRbZNCavo3gs_UtaoCYWYCxHrxRW5v7vGQClTMos2AlYhXHQi_zD1oFfPjfOdfQhBNbgRjjtS0azf_2jjc0lxym42yJrFDGQ-JM4WtsECtRqZ03qDaeSZE0liiceIbYy5xSxy_oX8QnaGeB4ei7eGWujQTLHQomcW9X6_vdRVlBf9sPvzg6qVitKC8lmifnehZVX0PN7dMyxfatpbFGHlpP7ioSChb7NswALiu61htOTUt9eDg8-UqsQijDEQlSiHX66osM_7NSCEc1M2C1PfoWcgUZvKr8r8htrUdFeuRAZoRdhlx73Cm7F6hemDF8OfnhziOx2cHJel85zY2T4_96aN2A_CEHPonEUbqwZhsISDNpRbEbxSfQ_MCd4q2rj4BBdRazJg9FA0WYaYUHnNCB025j97PktG7lTR2pU1EFGUdWRYYQZEWiYfzWQdRcOOao08axuOj2WXnLiFo-Cj2WSFYOvZvheDgDdUq9bHxSiWE27-Pd1d3MGeVlVo; Max-Age=86400; Expires=Thu, 25-Apr-2024 10:42:32 GMT; Domain=secure.rdir-shield.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/loading2.gif | 54.230.111.67 | 200 OK | 37 kB |
URL GET HTTP/2great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/loading2.gif IP54.230.111.67:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerAmazon Subjectmobicube.net Fingerprint8D:42:49:AB:16:94:C2:7B:7C:83:6D:64:3D:61:16:19:1F:0D:9D:25 ValidityWed, 20 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT
File typeGIF image data, version 89a, 70 x 70 Hashc26c3f849a5b578ed5494ade3dfb6837 add1f2224f425c034f040973e83edd798f0727a9 3dfebea695e74f95113339686c6167ecd8e05afb20d69e3fd74d2acc8689e39b
GET /2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/loading2.gif HTTP/1.1
Host: great-mob.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 37009
server: nginx
last-modified: Sat, 12 Mar 2016 19:28:38 GMT
accept-ranges: bytes
date: Wed, 24 Apr 2024 10:42:33 GMT
etag: "56e46de6-9091"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _lvNW8jCAhp02_1MFPDH2vaTMQkRohXGO6XEgkKAsiNpXdEWsykx7g==
age: 14635
X-Firefox-Spdy: h2
|
|
| great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/detect_device.js | 54.230.111.67 | 200 OK | 780 B |
URL GET HTTP/2great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/detect_device.js IP54.230.111.67:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerAmazon Subjectmobicube.net Fingerprint8D:42:49:AB:16:94:C2:7B:7C:83:6D:64:3D:61:16:19:1F:0D:9D:25 ValidityWed, 20 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT
File typeASCII text, with CRLF line terminators Hash53b7e9032a1668119ddf88bdd3821b2d a46fb1425bcfc023d8c3d19a64c1a4dcdba3066d ba9438b69a8a2a5438013555c4ff6ec05bea26cbc90eaab5f75c3b22d01ef035
GET /2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/detect_device.js HTTP/1.1
Host: great-mob.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 780
server: nginx
last-modified: Mon, 16 May 2022 19:48:24 GMT
accept-ranges: bytes
date: Wed, 24 Apr 2024 10:42:33 GMT
etag: "6282aa88-30c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -6eve4oOLUkgz2ObN2F8ZD3fZzihYQT369ZtcMzEfqdJRIYvQVo0cA==
age: 16915
X-Firefox-Spdy: h2
|
|
| great-mob.net/sw-check-permissions-4e1e4.js?var=91f058c8-e1bd-403d-9d30-21accce15920&ymid=wbljup5tfubaqiq03qfg0sbl&zoneId=5101589 | 54.230.111.67 | 200 OK | 566 B |
URL GET HTTP/2great-mob.net/sw-check-permissions-4e1e4.js?var=91f058c8-e1bd-403d-9d30-21accce15920&ymid=wbljup5tfubaqiq03qfg0sbl&zoneId=5101589 IP54.230.111.67:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerAmazon Subjectmobicube.net Fingerprint8D:42:49:AB:16:94:C2:7B:7C:83:6D:64:3D:61:16:19:1F:0D:9D:25 ValidityWed, 20 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT
Hash4926ad62fc01ecfbe8225653b1202737 bf4b858281bc7a6d5c73a37b1b27434e94b4c1b4 cdaee50cc9d7ae2fad4d3b4fce6e3e2590ace2be29110373f550ce11f8ab98bd
GET /sw-check-permissions-4e1e4.js?var=91f058c8-e1bd-403d-9d30-21accce15920&ymid=wbljup5tfubaqiq03qfg0sbl&zoneId=5101589 HTTP/1.1
Host: great-mob.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 566
server: nginx
last-modified: Sat, 04 Mar 2023 03:34:54 GMT
accept-ranges: bytes
date: Tue, 23 Apr 2024 12:19:34 GMT
etag: "6402bc5e-236"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ym4kUKRTJHMM_QEVtAEjVaI7Q6pywEDzV1qDalmhxfEtwwA9SVUroQ==
age: 80579
X-Firefox-Spdy: h2
|
|
| deefauph.com/zone?&pub=0&zone_id=5101589&is_mobile=false&domain=great-mob.net&var=91f058c8-e1bd-403d-9d30-21accce15920&ymid=wbljup5tfubaqiq03qfg0sbl&var_3=&var_4=&dsig=&tg=1&sw=3.1.502&trace_id=8c71a73f-f5a3-429d-9b5d-865131d2d4a7&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2deefauph.com/zone?&pub=0&zone_id=5101589&is_mobile=false&domain=great-mob.net&var=91f058c8-e1bd-403d-9d30-21accce15920&ymid=wbljup5tfubaqiq03qfg0sbl&var_3=&var_4=&dsig=&tg=1&sw=3.1.502&trace_id=8c71a73f-f5a3-429d-9b5d-865131d2d4a7&action=prerequest IP139.45.197.251:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerLet's Encrypt Subjectdeefauph.com Fingerprint6A:7A:28:B7:1F:2B:41:6A:FA:59:AF:E0:EA:F6:7A:20:E7:9B:71:62 ValidityFri, 05 Apr 2024 05:12:44 GMT - Thu, 04 Jul 2024 05:12:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5101589&is_mobile=false&domain=great-mob.net&var=91f058c8-e1bd-403d-9d30-21accce15920&ymid=wbljup5tfubaqiq03qfg0sbl&var_3=&var_4=&dsig=&tg=1&sw=3.1.502&trace_id=8c71a73f-f5a3-429d-9b5d-865131d2d4a7&action=prerequest HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://great-mob.net
DNT: 1
Connection: keep-alive
Referer: https://great-mob.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:42:33 GMT
content-length: 0
x-trace-id: eb1802373743eb01c1705ac4dd9f2469
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://great-mob.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1322
Origin: https://great-mob.net
DNT: 1
Connection: keep-alive
Referer: https://great-mob.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:42:33 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 96c3be7e0acc313ac3378c81d85ee31d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://great-mob.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1324
Origin: https://great-mob.net
DNT: 1
Connection: keep-alive
Referer: https://great-mob.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:42:33 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a4a44d23ed9e6e8e32ac7badbc6ed40d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://great-mob.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1325
Origin: https://great-mob.net
DNT: 1
Connection: keep-alive
Referer: https://great-mob.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:42:33 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: fefaa6e2a25ab2faa9cad61aee72c7ba
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://great-mob.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://great-mob.net/
Origin: https://great-mob.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:42:33 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://great-mob.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash19b5fe1182f73ace49486c1c7b1b426e 7371f60d085fab3b9dac6987438f9550bf114e6e 369df3d4549c14cad8a6b7f4f95d37dc41ecc1ab9a197adec89d9356c2e10981
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://great-mob.net/
Content-Type: application/json
Content-Length: 2214
Origin: https://great-mob.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:42:33 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://great-mob.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/jquery-3.6.0.min.js | 54.230.111.67 | 200 OK | 40 kB |
URL GET HTTP/2great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/jquery-3.6.0.min.js IP54.230.111.67:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerAmazon Subjectmobicube.net Fingerprint8D:42:49:AB:16:94:C2:7B:7C:83:6D:64:3D:61:16:19:1F:0D:9D:25 ValidityWed, 20 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT
File typegzip compressed data, from Unix Hash6a23fde32351756d70144eec2ec27a4c 51ef9dc5018b270922a166069cb7bdeee350cf84 a2288f38d0e668ccc43f3dd67168b0830aac9ee3232510009eb65d01f1001578
GET /2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/jquery-3.6.0.min.js HTTP/1.1
Host: great-mob.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Thu, 06 Jan 2022 15:49:08 GMT
content-encoding: gzip
date: Wed, 24 Apr 2024 10:42:33 GMT
etag: W/"61d70f74-15d9d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mrW29_Mt31zcUU0oagPeVjEAfz31iQEpywZCTfWtqHqw4TXK8FFSqQ==
age: 19414
X-Firefox-Spdy: h2
|
|
| great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/js-2rs.js | 54.230.111.67 | 200 OK | 2.4 kB |
URL GET HTTP/2great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/js-2rs.js IP54.230.111.67:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerAmazon Subjectmobicube.net Fingerprint8D:42:49:AB:16:94:C2:7B:7C:83:6D:64:3D:61:16:19:1F:0D:9D:25 ValidityWed, 20 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2579), with no line terminators Hash50c42ef3e94a44a96543db88754297bf 146fd22acf660efe4356d4770af50727439848f4 2935b8d34721e641852afcc8355e0b13c0ce69452814e654e1f472d4020ad3bc
GET /2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/js-2rs.js HTTP/1.1
Host: great-mob.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Fri, 19 May 2023 02:04:54 GMT
content-encoding: gzip
date: Wed, 24 Apr 2024 10:42:33 GMT
etag: W/"6466d946-94d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zdlXV-E80VL_GqPbM35Sg8lShe7weNV_fK44tKLsImHAgSNf94l3_w==
age: 33575
X-Firefox-Spdy: h2
|
|
| great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 | 54.230.111.67 | 200 OK | 26 kB |
URL User Request GET HTTP/2great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 IP54.230.111.67:443
CertificateIssuerAmazon Subjectmobicube.net Fingerprint8D:42:49:AB:16:94:C2:7B:7C:83:6D:64:3D:61:16:19:1F:0D:9D:25 ValidityWed, 20 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (13224) Hash17317e7c750997a3b8a131e74930ce38 7b31537bf495acf99bb4067a90139e5e9674b6a7 592f593ab70b252ffffbb6ebe9411a888cb398966317bc3fbf368e7285207ac0
GET /2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 HTTP/1.1
Host: great-mob.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
last-modified: Sat, 11 Mar 2023 19:16:10 GMT
content-encoding: gzip
date: Wed, 24 Apr 2024 10:42:32 GMT
etag: W/"640cd37a-66e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -krg9Tp_GOnBlrLaI5mz9bME4_DCvcsBesc-hU2rDf93_xZaLa8uUA==
age: 31654
X-Firefox-Spdy: h2
|
|
| deefauph.com/pfe/current/micro.tag.min.js?z=5101589&ymid=wbljup5tfubaqiq03qfg0sbl&var=91f058c8-e1bd-403d-9d30-21accce15920&sw=/sw-check-permissions-4e1e4.js | 139.45.197.251 | 200 OK | 37 kB |
URL GET HTTP/2deefauph.com/pfe/current/micro.tag.min.js?z=5101589&ymid=wbljup5tfubaqiq03qfg0sbl&var=91f058c8-e1bd-403d-9d30-21accce15920&sw=/sw-check-permissions-4e1e4.js IP139.45.197.251:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerLet's Encrypt Subjectdeefauph.com Fingerprint6A:7A:28:B7:1F:2B:41:6A:FA:59:AF:E0:EA:F6:7A:20:E7:9B:71:62 ValidityFri, 05 Apr 2024 05:12:44 GMT - Thu, 04 Jul 2024 05:12:43 GMT
File typeJavaScript source, ASCII text, with very long lines (36570), with no line terminators Hash9c707551764e528035154fcfc935d4da 8687a3418b6f0ded1dd3559be0c7ff8f6ed11e58 41f14ec09c4d467a2ff3351d0a9ff57dbbe0011995fd37afa97b3cbb5e40b0c2
GET /pfe/current/micro.tag.min.js?z=5101589&ymid=wbljup5tfubaqiq03qfg0sbl&var=91f058c8-e1bd-403d-9d30-21accce15920&sw=/sw-check-permissions-4e1e4.js HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://great-mob.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:42:33 GMT
content-type: application/javascript
last-modified: Wed, 24 Apr 2024 08:28:56 GMT
etag: W/"6628c2c8-8eda"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/mobile-detect.min.js | 54.230.111.67 | 200 OK | 37 kB |
URL GET HTTP/2great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/mobile-detect.min.js IP54.230.111.67:443
Requested byhttps://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712 CertificateIssuerAmazon Subjectmobicube.net Fingerprint8D:42:49:AB:16:94:C2:7B:7C:83:6D:64:3D:61:16:19:1F:0D:9D:25 ValidityWed, 20 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32053) Hash13d67ff5bf1413a7085e9673c1bb3f6f e9cb51ce68eb23e5c198e0d5c019df53b6f09283 773e5bbc4fb9297bc224eb406ea65168fe8d36586ff15b997e373943bbf0e643
GET /2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/mobile-detect.min.js HTTP/1.1
Host: great-mob.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://great-mob.net/2sp/mob/ng/gg8553sweep/ctr-btn-p-ng-mc-2sp/?campaign_name=NG%20PPR%20R%20BL-m%20AIRTEL%20dm%20a1&lander_name=Gg%20ng%2Fgg8553sweep%2Fctr-btn-p-ng-mc-2sp%2F&domain=secure.rdir-shield.com&clickid=wbljup5tfubaqiq03qfg0sbl&source=91f058c8-e1bd-403d-9d30-21accce15920&cep=W3z9WYSXRoGlVbCi1dqBlBGQDbRlWd8ZEYu1yvog3s9JvOHzhe6k_-H8Nzwycy4UHDUWgmEHUnmu9GvRzKJHWjs5D6i1kOD8_zfcBSme4sR9FfRc5st-j5mOiGVasB3iPKiQ5Cncw8zTUDFujfN8x4DIturDs6lF2RnmXo6CRHmws1lVteqJNTo-xGAHSGPbMJnrVbue7luIJ5RLsBFXRMVv495Umdg8wvQiGDpu98Jdj6qrwa7J_vk4hayYQse1SPBHo0qyDX_pIlv69I4WQJ_4CjB5R8ceente24VhPqggkSpMeomUIkSIs1maW3j67A8blFk3hzWLv0ep3IycpDxlRlgmulx3I1B9gmMCSU0i9EafDcWkSE0Od-4J0ajQuiyGJGdGtAOhOiFaZ7plMiiM0hZLjtBciOamK28dJoU9TZyZ0bbX9NWacIA3m19YXDyAyM2TnzDnYjovYZzgmflpnmwnGNyapb-Lvzy_xz7Dd2d6z_oa066weACcDHcrvVC2Ctw5RjOkPxYHLCyuRaUu56NeiK24Ldjy4tYrn9o&lptoken=17c5130295f071be5245&ZoneID=6136994&subzone_id=3189326&bannerid=20853573&user_activity=medium&zone_type=%7Bzone_type%7D&cost=0.000000&visitor_id=806949653445619712
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Thu, 03 Mar 2016 18:48:54 GMT
content-encoding: br
date: Wed, 24 Apr 2024 10:42:33 GMT
etag: W/"56d88716-8ed9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -U2aPbs2_Kui0EV3-BQYBpOPLGKsVfuFDO_FNYOCmqINo5JLjNOToQ==
age: 33575
X-Firefox-Spdy: h2
|
|