Report - tds.findlocalgirls.online/f7e0488c-1558-4c2d-b221-76eb065b2e1e?placement=ban1s&banner={%25utm_source|url|%25}&clickid={clickid}&campaignid=Kg9b5A

Report Overview

Visited public
2023-11-01 19:40:48
Tags
URL
tds.findlocalgirls.online/f7e0488c-1558-4c2d-b221-76eb065b2e1e?placement=ban1s&banner={%25utm_source|url|%25}&clickid={clickid}&campaignid=Kg9b5A
Finishing URL
deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
IP / ASN
18.193.235.10
#16509 AMAZON-02
Title
Deiligenaboer.com

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
clkemist.com	unknown	2023-08-31	2023-09-05 11:54:13	2023-11-01 12:37:37	591 B	1.4 kB	188.114.97.1
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-11-01 05:09:12	694 B	1.4 kB	142.250.74.99
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-09-20 20:05:47	2.2 kB	123 kB	142.250.74.132
a.medfoodsafety.com	unknown	2021-05-03	2022-09-08 22:27:23	2023-11-01 10:29:39	525 B	23 kB	172.64.171.12
www.deiligenaboer.com	unknown	2023-04-19	2023-05-04 11:47:24	2023-10-31 11:32:25	1.4 kB	29 kB	34.117.126.88
samlesamtykke.com	unknown	2018-05-22	2018-05-31 11:13:35	2023-10-31 18:03:22	963 B	19 kB	35.195.163.35
tds.findlocalgirls.online	unknown	2019-02-25	2019-07-29 11:33:05	2023-11-01 10:38:38	601 B	911 B	18.193.235.10
mxg.maxigamma.com	909292	2020-12-04	2020-12-04 14:36:32	2023-11-01 05:10:19	743 B	875 B	18.184.182.95
iwanttobealonenow.com	unknown	2021-11-03	2022-01-25 14:30:55	2023-10-30 08:40:42	569 B	849 B	3.33.186.253
deiligenaboer.com	unknown	2023-04-19	2023-05-04 11:47:24	2023-10-31 11:32:44	9.3 kB	2.0 MB	34.117.126.88
chmstrclck.com	unknown	2022-04-05	2022-04-28 16:16:32	2023-11-01 10:38:51	565 B	23 kB	188.114.97.1
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-11-01 12:39:23	2.9 kB	819 kB	142.250.74.35
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-01 13:01:04	881 B	153 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-01 11:43:11	1.0 kB	33 kB	142.250.74.131
api.samlesamtykke.com	unknown	2018-05-22	2018-05-31 11:13:36	2023-10-31 18:03:25	3.7 kB	7.9 kB	35.195.163.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-01	medium	clkemist.com	Sinkholed
2023-11-01	medium	chmstrclck.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (22)

	URL	From	Size	First Seen	Last Seen
	deiligenaboer.com/landers/media-registry.js	ScriptElement	120 kB	2023-10-24	2023-11-05
Pretty URL deiligenaboer.com/landers/media-registry.js IP 34.117.126.88 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 10:44 Last Seen2023-11-05 13:19 Times Seen55 Hash 6d3bdfb680ae2bb8857aef82b463379e 0e8311f19f1ebfe31abc3b89c867e4a6dc7af0c9 d1c61bde82e9224b31e3c743e0a5e650249284c034817554ffaec5447c6c93b2 Loading...

	www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js	ScriptElement	473 kB	2023-10-18	2024-08-22
Pretty URL www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-18 16:21 Last Seen2024-08-22 11:17 Times Seen8871 Hash 4efc45f285352a5b252b651160e1ced9 c7ba19e7058ec22c8d0f7283ab6b722bb7a135d7 253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob	ScriptElement	75 B	2023-03-07	2025-05-11
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-05-11 11:04 Times Seen14265 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob	ScriptElement	52 kB	2024-08-20	2024-08-20
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 21:28 Last Seen2024-08-20 21:28 Times Seen1 Hash fb1c25b952e40dfc2a96d10bc193e85f 5ea8be1e849107010b342c077b51cb5b5a9912f7 3011d77438f383c4bb062f803f9c409f16438e6dc2490d9f2ed4f9b3a0bb2cc8 Loading...

	www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c	ScriptElement	250 kB	2023-11-01	2023-11-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 20:40 Last Seen2023-11-01 20:40 Times Seen1 Hash d361dbe7f54b54019f1af0aed0b91f26 c00ce1eca032dc19a2d9e9f096259f39259e82c4 50df77dd7a94aac483acf8a6ad5cf85829aab2b29a879e9000b53e39cacff403 Loading...

	deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906	ScriptElement	147 B	2023-03-07	2025-04-11
Pretty URL deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906 IP 34.117.126.88 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09 Last Seen2025-04-11 13:51 Times Seen943 Hash b85aa80cb826211a36318337793411db e34920a6965fb7b9102be2dcde8ae363e4355686 e4de3377c03566f32b347f14973f5e998466e585c9bbd27f7dc9099ecf77e7a2 Loading...

	deiligenaboer.com/landers/js/ad-provider.js	ScriptElement	1.0 kB	2023-08-07	2024-08-21
Pretty URL deiligenaboer.com/landers/js/ad-provider.js IP 34.117.126.88 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-07 11:55 Last Seen2024-08-21 09:41 Times Seen691 Hash acd920e8f5657057e8003b79905c5266 cd96548060dbbc3f715cb81c3810d893eedec260 38b34bce7e5ad8268f51a16a6633c17923130b2fac9eeb6ceaca6beb50990681 Loading...

	deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906	ScriptElement	5.9 kB	2023-10-30	2024-08-20
Pretty URL deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906 IP 34.117.126.88 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-30 22:46 Last Seen2024-08-20 21:44 Times Seen17 Hash 91f5e548e1d6acc573cd76e790852892 1a6a2f56e1c6d06f56203fd41a99885e4a6aa262 702848396cc5e887d324699bc108a60b7b7e3312b3f4f8ce7f19ea7f74975076 Loading...

	www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s	ScriptElement	974 B	2023-10-20	2024-08-21
Pretty URL www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-20 23:56 Last Seen2024-08-21 04:00 Times Seen65 Hash b87b49cf8e40e8c6bd0e5626f611dcce 0799e0d62529a017935bcbf7e1f0cf79c64cb014 0bf8f1c545f7eb86c99f3854dae21bcef71f77376b2d90cd3109de64fb5f875b Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB	ScriptElement	184 kB	2023-11-01	2023-11-01
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 20:40 Last Seen2023-11-01 20:40 Times Seen1 Hash 032c8a15692cf04850d02c44c8116555 605629dcc5bd9920c997a331ee1f0e7833581df8 786c8487bc9fe43ddafd082ce3ef53128e6b779702ccb2ebaf69d80d81cf08a9 Loading...

	www.google.com/recaptcha/enterprise.js	ScriptElement	940 B	2023-10-20	2024-08-21
Pretty URL www.google.com/recaptcha/enterprise.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-20 22:20 Last Seen2024-08-21 04:01 Times Seen79 Hash e0cbdbb29cae526a9517316a4ba6f6d4 a93bdb7fc87528fcb3e533053cc2948478c987de 8370cc6a8e01ada022503e0371936fec280ef5ae7a0a32fadc7feb2b95d592be Loading...

	deiligenaboer.com/landers/js/vendor.js	ScriptElement	124 kB	2023-08-15	2024-08-21
Pretty URL deiligenaboer.com/landers/js/vendor.js IP 34.117.126.88 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-15 05:51 Last Seen2024-08-21 08:42 Times Seen454 Hash 46f5c7dc66b222fd8bd191cfd3e97e72 6a3c9d5666d747fb5e554e9277717b95a61322b8 48048f47ff85cb91cb0779df1ed2f59a64041bc0f6b40bcd1e56184909c7a0a0 Loading...

	samlesamtykke.com/cc.js?wId=1ZsmPYCLtU0ecstdnabWhm&domain=deiligenaboer.com&languageCode=nb&languageTerritory=NO&sessionId=ccfe684d3e264519b62a28d1ae002036	ScriptElement	121 kB	2023-11-01	2023-11-01
Pretty URL samlesamtykke.com/cc.js?wId=1ZsmPYCLtU0ecstdnabWhm&domain=deiligenaboer.com&languageCode=nb&languageTerritory=NO&sessionId=ccfe684d3e264519b62a28d1ae002036 IP 35.195.163.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 20:40 Last Seen2023-11-01 20:40 Times Seen1 Hash 5cd7fc7a4793cb871b843457044bcaea a4285b20281da19d87fb0c9e0859842fd5b3261f 11559b223e8d319c2363846bd7bbb08bdee01a8d61c55e04b2f98fa663975ccb Loading...

	deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906	ScriptElement	103 B	2023-03-07	2025-05-07
Pretty URL deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906 IP 34.117.126.88 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09 Last Seen2025-05-07 13:29 Times Seen534 Hash b375c74456053411ec5414e21ecf870f 00a6b32dd64dbf1470f439ce9fa89c712500eebc a200a9bc6b415237c4571f14eb0eaa8f0f0fcfcd7eeafa8860441a805e4a144f Loading...

	deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906	ScriptElement	774 B	2023-03-08	2024-08-21
Pretty URL deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906 IP 34.117.126.88 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 11:49 Last Seen2024-08-21 08:57 Times Seen199 Hash 491ba8150680d16cd7fe169a073926c2 125d36808b1b581581ed0f7a22ec10afc1e52ec7 a2b2a0cfdef8b030906379f17525d82a952caba189171401a276e436b0f83842 Loading...

	deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906	ScriptElement	308 B	2023-03-07	2025-05-07
Pretty URL deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906 IP 34.117.126.88 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09 Last Seen2025-05-07 13:29 Times Seen898 Hash 8a81377a647bdea836809865c62d171b dd72dda89aacfe74746d2c73421ea55a23ab313d 9c7aa944eeb31b5765d0c1674cdc445dff6dd572a6fe897f6d5137ce181d44a9 Loading...

	deiligenaboer.com/landers/js/landing110.js	ScriptElement	77 kB	2023-10-23	2024-08-21
Pretty URL deiligenaboer.com/landers/js/landing110.js IP 34.117.126.88 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-23 17:23 Last Seen2024-08-21 03:43 Times Seen46 Hash 05c94e65f317060d081791d1403bf76d 652cf75e9b9db8ac4639f3983f7da1d093f4d31d 7324b1c147116af63cb43cbbbf63d8f0537e63f53c5903147affb10e9cc6ca6e Loading...

		Size	First Seen	Last Seen
	#1 Eval - 7d9069fc9c44a3dd56d9f63aaa7e2ee3	16 kB	2023-10-24 09:06	2024-08-21 03:38
Pretty Observations First Seen2023-10-24 09:06 Last Seen2024-08-21 03:38 Times Seen2317 Hash 7d9069fc9c44a3dd56d9f63aaa7e2ee3 904d53356b92d2a9e0a9f063b491e00564480187 ab6089b370268523ebdae4c4c3b12db7d90120198cbbe727923e306a45fc8e1c Loading...

	#2 Eval - bba05dc5a215e4bcf7a6916de30aac62	22 B	2023-10-24 09:06	2024-08-21 03:38
Pretty Observations First Seen2023-10-24 09:06 Last Seen2024-08-21 03:38 Times Seen2314 Hash bba05dc5a215e4bcf7a6916de30aac62 8848fe7027ca9bd8f2796b39fdecf359613e9b7f 79fc53613f455024f0087c1c4c3061bd26d9e684a9ddcb4e1b03500d2fbc474c Loading...

	#3 Eval - dfef1f0349bee34328a4970a9616eb32	18 kB	2024-08-20 21:28	2024-08-20 21:28
Pretty Observations First Seen2024-08-20 21:28 Last Seen2024-08-20 21:28 Times Seen1 Hash dfef1f0349bee34328a4970a9616eb32 1d0fa6f17d721f8a656b9630b25386f620af273f e8f74e2613b91db3cd419d5f566e28da663b4738cea3d2d6412a9de2acbf59bc Loading...

	#4 Eval - 25f01f1b8da5f578654460ccdc4350de	64 B	2023-10-24 09:06	2024-08-21 03:38
Pretty Observations First Seen2023-10-24 09:06 Last Seen2024-08-21 03:38 Times Seen2314 Hash 25f01f1b8da5f578654460ccdc4350de 9008c0f6cc2806a8c763cbdb2ae3ea10eabad835 8d7328fdd3971326616ee4f2f563f8f4fefc71860dfb13ca55012914ed72e80e Loading...

	#5 Eval - 4cd33eef55fc7eb9bc7fc3e63e440f91	22 B	2023-10-24 09:06	2024-08-21 03:38
Pretty Observations First Seen2023-10-24 09:06 Last Seen2024-08-21 03:38 Times Seen2315 Hash 4cd33eef55fc7eb9bc7fc3e63e440f91 43376f586b280081bd4b0a1934fa7a565403a851 5a68442a1c3b6c1b04368e3627d0958ef928ee6ab99d25d81cd56f7ac7976330 Loading...

HTTP Transactions (51)

URL IP Response Size

tds.findlocalgirls.online/f7e0488c-1558-4c2d-b221-76eb065b2e1e?placement=ban1s&banner={%25utm_source|url|%25}&clickid={clickid}&campaignid=Kg9b5A

18.193.235.10

302 Found

0 B

URL User Request GET HTTP/2
tds.findlocalgirls.online/f7e0488c-1558-4c2d-b221-76eb065b2e1e?placement=ban1s&banner={%25utm_source|url|%25}&clickid={clickid}&campaignid=Kg9b5A
IP
18.193.235.10:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjecttds.findlocalgirls.online
FingerprintF0:CD:6E:92:27:CB:25:AF:1E:F2:41:EA:75:37:B3:C6:E6:DB:D1:4D
ValidityTue, 12 Sep 2023 05:52:21 GMT - Mon, 11 Dec 2023 05:52:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f7e0488c-1558-4c2d-b221-76eb065b2e1e?placement=ban1s&banner={%25utm_source|url|%25}&clickid={clickid}&campaignid=Kg9b5A HTTP/1.1
Host: tds.findlocalgirls.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Wed, 01 Nov 2023 19:40:28 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://clkemist.com/v1/redirect/9737?clickid=wgc8rml644rmhjnsiivbspg8&utm_camp=ban1s&utm_land=%7B%25utm_source%7Curl%7C%25%7D&utm_content=mb01
pragma: no-cache
set-cookie: f7e0488c-1558-4c2d-b221-76eb065b2e1e-v4=Rku9bBdVDmPCnYV6FGtHwwKQ3YCEDxyBsCsQJk_t9mY; Max-Age=86400; Expires=Thu, 02-Nov-2023 19:40:28 GMT; Domain=tds.findlocalgirls.online; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=UgZmn%2BNAp9bbzvJoYVJVyQdQZASi25LeIIX55QDIaEI5xXh5lkpIEsLMxEJjkemiPt8FMvGSQr9%2FzlvFlQMX5MeL%2BnWvQZxReXW3nThZFfq5IAdAQC8B2TeCsD1lfBJo7mGrUQEI7omHOgBIEf%2BQTw%3D%3D; Max-Age=31536000; Expires=Thu, 31-Oct-2024 19:40:28 GMT; Domain=tds.findlocalgirls.online; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

clkemist.com/v1/redirect/9737?clickid=wgc8rml644rmhjnsiivbspg8&utm_camp=ban1s&utm_land=%7B%25utm_source%7Curl%7C%25%7D&utm_content=mb01

188.114.97.1

301 Moved Permanently

540 B

URL User Request GET HTTP/2
clkemist.com/v1/redirect/9737?clickid=wgc8rml644rmhjnsiivbspg8&utm_camp=ban1s&utm_land=%7B%25utm_source%7Curl%7C%25%7D&utm_content=mb01
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectclkemist.com
FingerprintCF:76:41:9A:62:53:93:EC:28:A5:58:A9:A3:44:5D:12:31:34:4A:67
ValidityTue, 05 Sep 2023 08:52:40 GMT - Mon, 04 Dec 2023 08:52:39 GMT

File type
HTML document, ASCII text, with very long lines (540), with no line terminators
Size
540 B (540 bytes)
Hash
9c1c5290bef10e95c0f760b02f2e93d8
36df2264075fe29a92994dc40ff7c77c8983a869
64e51d636bdf3c217ca49b86b28a3602de40daa125d45af365e3cd585234b4b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /v1/redirect/9737?clickid=wgc8rml644rmhjnsiivbspg8&utm_camp=ban1s&utm_land=%7B%25utm_source%7Curl%7C%25%7D&utm_content=mb01 HTTP/1.1
Host: clkemist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Wed, 01 Nov 2023 19:40:28 GMT
content-type: text/html; charset=utf-8
location: https://chmstrclck.com/v1/redirect/9738?utm_campaign=ban1s&utm_medium=%7B%25utm_source%7Curl%7C%25%7D&utm_term=mb01
x-powered-by: lb-ads-display/3.1.0
x-environment: prod
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Accept
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2RPRuIF%2FDZ7FAHxLMEUm%2BSgtbkokzskEdNzDVlRhH2nXhyTschw1%2FcOlo2XOpyKs4Lq4Rm6YoYN3HlGhPGJ%2B29Lo7JYV4BQ9zJOh7pAWlE9yF7hptzYJ3su3UERsGw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f69c14eab7b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mxg.maxigamma.com/4bd1e769-2bf7-41fe-abcf-928ae633f53e?adzone=4793702&site=4780719&campaign=213040&s1=2906&banner=3833076&keywords=&Epom={Epom}&country=NO&a=902&flow_id={flow_id}&atrack=432bde4bXba6cXdi0bXhc11Xgfe6ef2chh63JafihhfgfbhJbac0d0Jchcc0gfJdgh0gaiJdgicg0bJeghJiiihJbJiiiiJb0bJbe

18.184.182.95

302 Found

0 B

URL User Request GET HTTP/2
mxg.maxigamma.com/4bd1e769-2bf7-41fe-abcf-928ae633f53e?adzone=4793702&site=4780719&campaign=213040&s1=2906&banner=3833076&keywords=&Epom={Epom}&country=NO&a=902&flow_id={flow_id}&atrack=432bde4bXba6cXdi0bXhc11Xgfe6ef2chh63JafihhfgfbhJbac0d0Jchcc0gfJdgh0gaiJdgicg0bJeghJiiihJbJiiiiJb0bJbe
IP
18.184.182.95:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectmxg.maxigamma.com
Fingerprint2D:4F:86:F0:BB:53:FE:D2:43:60:5E:3D:8E:F0:50:40:CA:2C:8E:3B
ValidityTue, 12 Sep 2023 06:11:29 GMT - Mon, 11 Dec 2023 06:11:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /4bd1e769-2bf7-41fe-abcf-928ae633f53e?adzone=4793702&site=4780719&campaign=213040&s1=2906&banner=3833076&keywords=&Epom={Epom}&country=NO&a=902&flow_id={flow_id}&atrack=432bde4bXba6cXdi0bXhc11Xgfe6ef2chh63JafihhfgfbhJbac0d0Jchcc0gfJdgh0gaiJdgicg0bJeghJiiihJbJiiiiJb0bJbe HTTP/1.1
Host: mxg.maxigamma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Wed, 01 Nov 2023 19:40:29 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://iwanttobealonenow.com/?a=902&c=109432&s2=wqum47t8q8i0bjnsi5phbo7c&s3=2906&s1=2906&s4=VLS-wqum47t8q8i0bjnsi5phbo7c
pragma: no-cache
set-cookie: 4bd1e769-2bf7-41fe-abcf-928ae633f53e-v4=HscXdC4ro1SI8e7D5ff4WM4UeSy3NTa8VfdkgLELFcs; Max-Age=86400; Expires=Thu, 02-Nov-2023 19:40:29 GMT; Domain=mxg.maxigamma.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=dHXejgqSwzrlRJUIIjUdcgUHoZUkwROEgg3O9hW4hb9o8sxJy0fd2hAk%2BUPpTplNFo98HPhIA7LeV%2ByPjCJgJSeoH4VD7F1C5pVoOsjW4%2FfvOVgNIU5Cdv9FQeKYHpxIbDm%2F5KaGvzFu0%2FhKN62Lxw%3D%3D; Max-Age=31536000; Expires=Thu, 31-Oct-2024 19:40:29 GMT; Domain=mxg.maxigamma.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

iwanttobealonenow.com/?a=902&c=109432&s2=wqum47t8q8i0bjnsi5phbo7c&s3=2906&s1=2906&s4=VLS-wqum47t8q8i0bjnsi5phbo7c

3.33.186.253

302 Found

0 B

URL User Request GET HTTP/2
iwanttobealonenow.com/?a=902&c=109432&s2=wqum47t8q8i0bjnsi5phbo7c&s3=2906&s1=2906&s4=VLS-wqum47t8q8i0bjnsi5phbo7c
IP
3.33.186.253:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectiwanttobealonenow.com
Fingerprint29:86:9D:A6:99:19:BE:CD:1F:FE:92:BB:57:B6:96:03:4B:B0:F4:98
ValiditySun, 06 Aug 2023 00:00:00 GMT - Wed, 04 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?a=902&c=109432&s2=wqum47t8q8i0bjnsi5phbo7c&s3=2906&s1=2906&s4=VLS-wqum47t8q8i0bjnsi5phbo7c HTTP/1.1
Host: iwanttobealonenow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 01 Nov 2023 19:40:29 GMT
content-length: 0
location: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
server: nginx/1.18.0
set-cookie: pt30=a7322bc877a542ab83b0fe64efe2df14; Max-Age=2592000; Expires=Fri, 01-Dec-2023 19:40:28 GMT; Domain=iwanttobealonenow.com; Path=/; Secure; HttpOnly; SameSite=None
ptc=a7322bc877a542ab83b0fe64efe2df14; Max-Age=157680000; Expires=Mon, 30-Oct-2028 19:40:28 GMT; Domain=iwanttobealonenow.com; Path=/; Secure; HttpOnly; SameSite=None
ptbs=a7322bc877a542ab83b0fe64efe2df14; Domain=iwanttobealonenow.com; Path=/; Secure; HttpOnly; SameSite=None
ptr=pt5621dadc409c4fa194eb6d191c4a16a1; Max-Age=157680000; Expires=Mon, 30-Oct-2028 19:40:28 GMT; Domain=iwanttobealonenow.com; Path=/; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/zhe_9AQ0mUY

142.250.74.99

471 B

URL
ocsp.pki.goog/s/gts1d4/zhe_9AQ0mUY
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
197b5388546025b83078c35f2427c618
6d76eca59636cb35a93f707da1b8cbed707b6ec5
93d83508eefb208e39a4f0325f6222ebb4eadacdc01e4ccc378077c16b1aabd1

HTTP Headers

POST /s/gts1d4/zhe_9AQ0mUY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Nov 2023 19:40:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

deiligenaboer.com/landers/js/ad-provider.js

34.117.126.88

200 OK

512 B

URL GET HTTP/2
deiligenaboer.com/landers/js/ad-provider.js
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
ASCII text, with very long lines (979)
Size
512 B (512 bytes)
Hash
acd920e8f5657057e8003b79905c5266
cd96548060dbbc3f715cb81c3810d893eedec260
38b34bce7e5ad8268f51a16a6633c17923130b2fac9eeb6ceaca6beb50990681

HTTP Headers

GET /landers/js/ad-provider.js HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Nov 2023 14:16:15 GMT
server: nginx/1.14.2
content-type: application/javascript
last-modified: Tue, 31 Oct 2023 19:28:35 GMT
etag: "65415563-3fb-gzip"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 38791720 37646848
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-encoding: gzip
content-length: 512
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2

deiligenaboer.com/landers/images/loader/loading.gif

34.117.126.88

200 OK

2.9 kB

URL GET HTTP/2
deiligenaboer.com/landers/images/loader/loading.gif
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
GIF image data, version 89a, 128 x 15\012- data
Size
2.9 kB (2892 bytes)
Hash
62b08454087f1ef8b27bd2bcda330537
cac1914632f4c859f6176a84078f1017bad069f8
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6

HTTP Headers

GET /landers/images/loader/loading.gif HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Nov 2023 16:49:48 GMT
server: nginx/1.14.2
content-type: image/gif
content-length: 2892
last-modified: Tue, 31 Oct 2023 19:28:24 GMT
etag: "65415558-b4c"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 39273645 39026900
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2

deiligenaboer.com/landers/images/general/google-logo.svg

34.117.126.88

200 OK

688 B

URL GET HTTP/2
deiligenaboer.com/landers/images/general/google-logo.svg
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (688), with no line terminators
Size
688 B (688 bytes)
Hash
686f8efa6e3e28e96d1c08399e8d353d
4524589b0dceefb6ae6389f36634441df69152d5
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b

HTTP Headers

GET /landers/images/general/google-logo.svg HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:40:30 GMT
server: nginx/1.14.2
content-type: image/svg+xml
content-length: 688
last-modified: Tue, 31 Oct 2023 19:28:23 GMT
etag: "65415557-2b0"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 10375174
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/zhe_9AQ0mUY

142.250.74.99

471 B

URL
ocsp.pki.goog/s/gts1d4/zhe_9AQ0mUY
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
197b5388546025b83078c35f2427c618
6d76eca59636cb35a93f707da1b8cbed707b6ec5
93d83508eefb208e39a4f0325f6222ebb4eadacdc01e4ccc378077c16b1aabd1

HTTP Headers

POST /s/gts1d4/zhe_9AQ0mUY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Nov 2023 19:40:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.deiligenaboer.com/img/logo.png

34.117.126.88

200 OK

12 kB

URL GET HTTP/2
www.deiligenaboer.com/img/logo.png
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
PNG image data, 300 x 110, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12435 bytes)
Hash
7168cb2dbcfc367c2b45946617a76ff1
1c2033c172a3fe6fe9a78f4e3208876819d18aaa
ebb1ab6f05a7595d7e552e004681ac0c417c6824ebdc2ce4773928907db650b0

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: www.deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:40:30 GMT
server: Apache/2.4.57 (Ubuntu)
vary: X-Forwarded-Proto
last-modified: Wed, 01 Nov 2023 05:43:27 GMT
etag: "3093-60910c02328c4"
accept-ranges: bytes
content-length: 12435
x-ua-compatible: IE=edge,chrome=1
content-type: image/png
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.deiligenaboer.com/favicon/apple-touch-icon-180x180.png

34.117.126.88

404 Not Found

283 B

URL GET HTTP/3
www.deiligenaboer.com/favicon/apple-touch-icon-180x180.png
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
283 B (283 bytes)
Hash
a222628f142aeaa70d6a339582d38957
3151490bf730c9e6d70d7e3c6f5bf69286807663
b4a0675f8ac567199071b8542ca380799f0fe5dacd7f22fdbdcc4a29d2e39aaa

HTTP Headers

GET /favicon/apple-touch-icon-180x180.png HTTP/1.1
Host: www.deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Wed, 01 Nov 2023 19:40:30 GMT
server: Apache/2.4.57 (Ubuntu)
content-length: 283
content-type: text/html; charset=iso-8859-1
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s

142.250.74.132

200 OK

59 kB

URL GET HTTP/2
www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint13:D2:E3:B0:25:78:80:D7:35:78:09:81:0D:21:CE:31:CB:EF:DA:75
ValidityMon, 09 Oct 2023 08:11:26 GMT - Mon, 01 Jan 2024 08:11:25 GMT

File type
gzip compressed data\012- data
Size
59 kB (59248 bytes)
Hash
01ed16b8dacd2f02d23a0102b7a730f0
4564b6de82922336b76a60f76e8aca8d675682f9
67e4a0edf00295c391d1021d02e1dd01d47d85b3aa65cd2067ec533dfc6e947f

HTTP Headers

GET /recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Wed, 01 Nov 2023 19:40:30 GMT
date: Wed, 01 Nov 2023 19:40:30 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js

142.250.74.35

200 OK

189 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
ASCII text, with very long lines (689)
Size
189 kB (188860 bytes)
Hash
4efc45f285352a5b252b651160e1ced9
c7ba19e7058ec22c8d0f7283ab6b722bb7a135d7
253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a

HTTP Headers

GET /recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://deiligenaboer.com
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 188860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 19:22:51 GMT
expires: Thu, 31 Oct 2024 19:22:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 1059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js

142.250.74.35

200 OK

189 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
ASCII text, with very long lines (689)
Size
189 kB (188860 bytes)
Hash
4efc45f285352a5b252b651160e1ced9
c7ba19e7058ec22c8d0f7283ab6b722bb7a135d7
253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a

HTTP Headers

GET /recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://deiligenaboer.com
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 188860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 19:22:51 GMT
expires: Thu, 31 Oct 2024 19:22:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 1059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

deiligenaboer.com/landers/media-registry.js

34.117.126.88

200 OK

8.4 kB

URL GET HTTP/3
deiligenaboer.com/landers/media-registry.js
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
8.4 kB (8410 bytes)
Hash
6d3bdfb680ae2bb8857aef82b463379e
0e8311f19f1ebfe31abc3b89c867e4a6dc7af0c9
d1c61bde82e9224b31e3c743e0a5e650249284c034817554ffaec5447c6c93b2

HTTP Headers

GET /landers/media-registry.js HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 Nov 2023 19:01:55 GMT
server: UploadServer
x-guploader-uploadid: ABPtcPo879k2kXZktTJb6tZZwjJQuACDC90WuqRQD3fZpUfW4vonassTn-c23veWnxyZXbzmMgE8Btb83ew0qy2lOixandPaDWSC
x-goog-generation: 1698780635052548
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 120229
x-goog-hash: crc32c=ENJ43A==, md5=bTvftoCuK7iFeu+CtGM3ng==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
expires: Wed, 01 Nov 2023 20:01:55 GMT
cache-control: public, max-age=3600
age: 2315
last-modified: Tue, 31 Oct 2023 19:30:35 GMT
etag: "6d3bdfb680ae2bb8857aef82b463379e-gzip"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-encoding: gzip
content-length: 8410
via: 1.1 google

deiligenaboer.com/landers/translations/nb-no2.json

34.117.126.88

200 OK

218 kB

URL GET HTTP/3
deiligenaboer.com/landers/translations/nb-no2.json
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (613)
Size
218 kB (217565 bytes)
Hash
6505c5b276168b445590c610362a03e5
16e7f1d164cbca5deb42f45147c46489a3106e69
cd7c5d4abe72ba25bdd975bba97fa428a1d56f3b49df4fd5b7e8b32bfffe084b

HTTP Headers

GET /landers/translations/nb-no2.json HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 Nov 2023 19:31:29 GMT
server: UploadServer
x-guploader-uploadid: ABPtcPoT6WJL9ksccARw9ojKj4N441XyZCOilLGNY38ZhPMvC_gcXbOJTuY-gNkb5W7t5KD6Uifjl98dFdbFW3YkXLikUk_tyBo9
x-goog-generation: 1692107122792132
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 217565
x-goog-hash: crc32c=ySx7vw==, md5=ZQXFsnYWi0RVkMYQNioD5Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 217565
access-control-allow-origin: *
expires: Wed, 01 Nov 2023 20:31:29 GMT
cache-control: public, max-age=3600
age: 541
last-modified: Tue, 15 Aug 2023 13:45:22 GMT
etag: "6505c5b276168b445590c610362a03e5"
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

samlesamtykke.com/cc.js?wId=1ZsmPYCLtU0ecstdnabWhm&domain=deiligenaboer.com&languageCode=nb&languageTerritory=NO&sessionId=ccfe684d3e264519b62a28d1ae002036

35.195.163.35

200 OK

14 kB

URL GET HTTP/2
samlesamtykke.com/cc.js?wId=1ZsmPYCLtU0ecstdnabWhm&domain=deiligenaboer.com&languageCode=nb&languageTerritory=NO&sessionId=ccfe684d3e264519b62a28d1ae002036
IP
35.195.163.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerLet's Encrypt
Subjectsamlesamtykke.com
FingerprintBA:50:17:9D:33:F1:6B:84:D1:8D:2B:E5:3E:FA:2E:85:0A:8D:EC:40
ValidityMon, 30 Oct 2023 19:14:51 GMT - Sun, 28 Jan 2024 19:14:50 GMT

File type
ASCII text
Size
14 kB (14202 bytes)
Hash
5cd7fc7a4793cb871b843457044bcaea
a4285b20281da19d87fb0c9e0859842fd5b3261f
11559b223e8d319c2363846bd7bbb08bdee01a8d61c55e04b2f98fa663975ccb

HTTP Headers

GET /cc.js?wId=1ZsmPYCLtU0ecstdnabWhm&domain=deiligenaboer.com&languageCode=nb&languageTerritory=NO&sessionId=ccfe684d3e264519b62a28d1ae002036 HTTP/1.1
Host: samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 01 Nov 2023 19:40:30 GMT
content-type: application/javascript
content-length: 14202
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2

deiligenaboer.com/landers/css/fontawesome-all.min.css

34.117.126.88

200 OK

35 kB

URL GET HTTP/2
deiligenaboer.com/landers/css/fontawesome-all.min.css
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
ASCII text, with very long lines (65393)
Size
35 kB (35256 bytes)
Hash
5f79b655243533fbc7e8961637791555
adcebd60252e56347b5e76470d7ae67cba5ba13a
2a4d150740b9870cf23c4c16a19752b650d394ac3d8cfbf6e92c0d57b92545af

HTTP Headers

GET /landers/css/fontawesome-all.min.css HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Nov 2023 14:19:44 GMT
server: nginx/1.14.2
content-type: text/css
last-modified: Tue, 31 Oct 2023 19:28:23 GMT
etag: W/"65415557-c970"
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 11797448 10455182
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js

142.250.74.35

200 OK

189 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
ASCII text, with very long lines (689)
Size
189 kB (188860 bytes)
Hash
4efc45f285352a5b252b651160e1ced9
c7ba19e7058ec22c8d0f7283ab6b722bb7a135d7
253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a

HTTP Headers

GET /recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 188860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 19:22:51 GMT
expires: Thu, 31 Oct 2024 19:22:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 1059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB

142.250.74.168

200 OK

66 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint97:15:34:CA:DF:1A:DF:2E:7B:EF:E9:6E:44:21:30:2B:ED:13:54:AE
ValidityMon, 09 Oct 2023 08:03:58 GMT - Mon, 01 Jan 2024 08:03:57 GMT

File type
ASCII text, with very long lines (3026)
Size
66 kB (65821 bytes)
Hash
032c8a15692cf04850d02c44c8116555
605629dcc5bd9920c997a331ee1f0e7833581df8
786c8487bc9fe43ddafd082ce3ef53128e6b779702ccb2ebaf69d80d81cf08a9

HTTP Headers

GET /gtm.js?id=GTM-KBRH6NB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Nov 2023 19:40:31 GMT
expires: Wed, 01 Nov 2023 19:40:31 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 Nov 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65821
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

deiligenaboer.com/landers/images/landing110/default/human/bg2.jpg?geo=no

34.117.126.88

200 OK

236 kB

URL GET HTTP/3
deiligenaboer.com/landers/images/landing110/default/human/bg2.jpg?geo=no
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1049, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1678], progressive, precision 8, 1678x1049, components 3\012- data
Size
236 kB (235552 bytes)
Hash
90a3eb611d5c16b96674869b1c6f8949
6a5c4ce14557b067b711d674eb29efe59f640336
3270f0e194030a22003ca6875aa080bf53022d08700fbafff05bd4abc1a8d01e

HTTP Headers

GET /landers/images/landing110/default/human/bg2.jpg?geo=no HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 Nov 2023 19:40:31 GMT
server: nginx/1.14.2
content-type: image/jpeg
content-length: 235552
last-modified: Tue, 31 Oct 2023 19:28:24 GMT
etag: "65415558-39820"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 39465829
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

deiligenaboer.com/landers/images/landing110/default/human/02.webp

34.117.126.88

200 OK

434 kB

URL GET HTTP/3
deiligenaboer.com/landers/images/landing110/default/human/02.webp
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
434 kB (433814 bytes)
Hash
25755c4de037d51761e3dfa4d2b1f081
77bce73ecaaa5e73d68b87e537ad0e4775676dcf
41b56728010f1bd03ebe2cc740d1806208e646639a5ef85dac44f9858379d311

HTTP Headers

GET /landers/images/landing110/default/human/02.webp HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 Nov 2023 19:40:31 GMT
server: nginx/1.14.2
content-type: image/webp
content-length: 433814
last-modified: Tue, 31 Oct 2023 19:28:24 GMT
etag: "65415558-69e96"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 38107749
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

deiligenaboer.com/landers/images/landing110/default/human/01.webp

34.117.126.88

200 OK

356 kB

URL GET HTTP/3
deiligenaboer.com/landers/images/landing110/default/human/01.webp
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
356 kB (355548 bytes)
Hash
92d1cc3330502a4af12ac0222a1fa33c
263e3a6fc4987466b45e0be3c1b8d18eb9f40a73
34d7408a0012674d38637e693bd9f5ce8dae0d29567859bc70c49f50720ba6f5

HTTP Headers

GET /landers/images/landing110/default/human/01.webp HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 Nov 2023 19:37:18 GMT
server: nginx/1.14.2
content-type: image/webp
content-length: 355548
last-modified: Tue, 31 Oct 2023 19:28:24 GMT
etag: "65415558-56cdc"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 39273657 39465177
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c

142.250.74.168

200 OK

86 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint97:15:34:CA:DF:1A:DF:2E:7B:EF:E9:6E:44:21:30:2B:ED:13:54:AE
ValidityMon, 09 Oct 2023 08:03:58 GMT - Mon, 01 Jan 2024 08:03:57 GMT

File type
ASCII text, with very long lines (5955)
Size
86 kB (85703 bytes)
Hash
d361dbe7f54b54019f1af0aed0b91f26
c00ce1eca032dc19a2d9e9f096259f39259e82c4
50df77dd7a94aac483acf8a6ad5cf85829aab2b29a879e9000b53e39cacff403

HTTP Headers

GET /gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Nov 2023 19:40:31 GMT
expires: Wed, 01 Nov 2023 19:40:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85703
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Oct 2023 16:00:01 GMT
expires: Sun, 27 Oct 2024 16:00:01 GMT
cache-control: public, max-age=31536000
age: 358830
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js

142.250.74.35

200 OK

189 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
ASCII text, with very long lines (689)
Size
189 kB (188860 bytes)
Hash
4efc45f285352a5b252b651160e1ced9
c7ba19e7058ec22c8d0f7283ab6b722bb7a135d7
253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a

HTTP Headers

GET /recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 188860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 19:22:51 GMT
expires: Thu, 31 Oct 2024 19:22:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 1060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906

34.117.126.88

200 OK

20 kB

URL User Request GET HTTP/2
deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
gzip compressed data, from Unix\012- data
Size
20 kB (20439 bytes)
Hash
9db27c0bda062782e2b769a454f3165d
aad55fdf6cd60ca1d66204cda9d8ebd1a0641d31
f6a812410a3bb206fd8ebbbbe3b4653c0a7ef7a979033b27c3a31007b45aff50

HTTP Headers

GET /landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906 HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:40:29 GMT
server: nginx/1.14.2
content-type: text/html;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: deiligenaboer.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 39048386
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Oct 2023 05:14:09 GMT
expires: Tue, 07 Nov 2023 05:14:09 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 138382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

samlesamtykke.com/cc.css

35.195.163.35

200 OK

3.9 kB

URL GET HTTP/2
samlesamtykke.com/cc.css
IP
35.195.163.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerLet's Encrypt
Subjectsamlesamtykke.com
FingerprintBA:50:17:9D:33:F1:6B:84:D1:8D:2B:E5:3E:FA:2E:85:0A:8D:EC:40
ValidityMon, 30 Oct 2023 19:14:51 GMT - Sun, 28 Jan 2024 19:14:50 GMT

File type
assembler source, ASCII text
Size
3.9 kB (3892 bytes)
Hash
ddb6776d9e0b9844c9f57355d7492805
da918eb4fefa9d625e5858496c2c4a20ad893619
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34

HTTP Headers

GET /cc.css HTTP/1.1
Host: samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 01 Nov 2023 19:40:31 GMT
content-type: text/css
content-length: 3892
last-modified: Thu, 15 Oct 2020 08:07:25 GMT
etag: "6073-5b1b123761e40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2

api.samlesamtykke.com/consent/collector

35.195.163.35

200 OK

0 B

URL POST HTTP/2
api.samlesamtykke.com/consent/collector
IP
35.195.163.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerLet's Encrypt
Subjectsamlesamtykke.com
FingerprintBA:50:17:9D:33:F1:6B:84:D1:8D:2B:E5:3E:FA:2E:85:0A:8D:EC:40
ValidityMon, 30 Oct 2023 19:14:51 GMT - Sun, 28 Jan 2024 19:14:50 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /consent/collector HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://deiligenaboer.com/
Origin: https://deiligenaboer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 01 Nov 2023 19:40:31 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://deiligenaboer.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2

api.samlesamtykke.com/consent/collector

35.195.163.35

200 OK

4.6 kB

URL POST HTTP/2
api.samlesamtykke.com/consent/collector
IP
35.195.163.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerLet's Encrypt
Subjectsamlesamtykke.com
FingerprintBA:50:17:9D:33:F1:6B:84:D1:8D:2B:E5:3E:FA:2E:85:0A:8D:EC:40
ValidityMon, 30 Oct 2023 19:14:51 GMT - Sun, 28 Jan 2024 19:14:50 GMT

File type
JSON data\012- , ASCII text, with very long lines (4641), with no line terminators
Size
4.6 kB (4641 bytes)
Hash
2341a4a7565efc7753db429b843d78e6
d00081c54e501024e722503f7bf203fcccc00830
14bdc58e9bc802159e8acff442f74b72fdcd6434c532768a733942292aaaf5c7

HTTP Headers

POST /consent/collector HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 168
Origin: https://deiligenaboer.com
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 01 Nov 2023 19:40:31 GMT
content-type: application/vnd.api+json
content-length: 4641
access-control-allow-origin: https://deiligenaboer.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2

api.samlesamtykke.com/consent/loadSegment

35.195.163.35

200 OK

0 B

URL POST HTTP/2
api.samlesamtykke.com/consent/loadSegment
IP
35.195.163.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerLet's Encrypt
Subjectsamlesamtykke.com
FingerprintBA:50:17:9D:33:F1:6B:84:D1:8D:2B:E5:3E:FA:2E:85:0A:8D:EC:40
ValidityMon, 30 Oct 2023 19:14:51 GMT - Sun, 28 Jan 2024 19:14:50 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://deiligenaboer.com/
Origin: https://deiligenaboer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 01 Nov 2023 19:40:31 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://deiligenaboer.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2

api.samlesamtykke.com/consent/loadSegment

35.195.163.35

200 OK

284 B

URL POST HTTP/2
api.samlesamtykke.com/consent/loadSegment
IP
35.195.163.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerLet's Encrypt
Subjectsamlesamtykke.com
FingerprintBA:50:17:9D:33:F1:6B:84:D1:8D:2B:E5:3E:FA:2E:85:0A:8D:EC:40
ValidityMon, 30 Oct 2023 19:14:51 GMT - Sun, 28 Jan 2024 19:14:50 GMT

File type
JSON data\012- HTML document, Unicode text, UTF-8 text, with no line terminators
Size
284 B (284 bytes)
Hash
3b5b46131cac937efb3f56e11e0412a9
58ce0cff3be7080200e85206df18f1cd5d6c4841
4927caed672e4a6ab0dec07adfb90e5c15213e562a6873e0943699d82cca467e

HTTP Headers

POST /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 223
Origin: https://deiligenaboer.com
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 01 Nov 2023 19:40:31 GMT
content-type: application/vnd.api+json
content-length: 284
access-control-allow-origin: https://deiligenaboer.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2

api.samlesamtykke.com/consent/loadSegment

35.195.163.35

200 OK

360 B

URL POST HTTP/2
api.samlesamtykke.com/consent/loadSegment
IP
35.195.163.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerLet's Encrypt
Subjectsamlesamtykke.com
FingerprintBA:50:17:9D:33:F1:6B:84:D1:8D:2B:E5:3E:FA:2E:85:0A:8D:EC:40
ValidityMon, 30 Oct 2023 19:14:51 GMT - Sun, 28 Jan 2024 19:14:50 GMT

File type
JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (357), with no line terminators
Size
360 B (360 bytes)
Hash
b81ec878e5adcd0863faef7e7e6fe44a
faed2737ec33732d35c72dd8032da0c3a925ea0d
d4e02dfa1bd03cd275a801d83acadb1c3fdaced7f6ff26abdf36addaeda5d714

HTTP Headers

POST /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 224
Origin: https://deiligenaboer.com
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 01 Nov 2023 19:40:31 GMT
content-type: application/vnd.api+json
content-length: 360
access-control-allow-origin: https://deiligenaboer.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2

api.samlesamtykke.com/consent/confirmExplicit

35.195.163.35

200 OK

0 B

URL POST HTTP/2
api.samlesamtykke.com/consent/confirmExplicit
IP
35.195.163.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerLet's Encrypt
Subjectsamlesamtykke.com
FingerprintBA:50:17:9D:33:F1:6B:84:D1:8D:2B:E5:3E:FA:2E:85:0A:8D:EC:40
ValidityMon, 30 Oct 2023 19:14:51 GMT - Sun, 28 Jan 2024 19:14:50 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /consent/confirmExplicit HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://deiligenaboer.com/
Origin: https://deiligenaboer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 01 Nov 2023 19:40:31 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://deiligenaboer.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2

api.samlesamtykke.com/consent/confirmExplicit

35.195.163.35

200 OK

0 B

URL POST HTTP/2
api.samlesamtykke.com/consent/confirmExplicit
IP
35.195.163.35:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerLet's Encrypt
Subjectsamlesamtykke.com
FingerprintBA:50:17:9D:33:F1:6B:84:D1:8D:2B:E5:3E:FA:2E:85:0A:8D:EC:40
ValidityMon, 30 Oct 2023 19:14:51 GMT - Sun, 28 Jan 2024 19:14:50 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /consent/confirmExplicit HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 535
Origin: https://deiligenaboer.com
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 01 Nov 2023 19:40:31 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://deiligenaboer.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2

deiligenaboer.com/landers/images/landing110/default/human/bg3.jpg?geo=no

34.117.126.88

200 OK

252 kB

URL GET HTTP/3
deiligenaboer.com/landers/images/landing110/default/human/bg3.jpg?geo=no
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1049, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1678], progressive, precision 8, 1678x1049, components 3\012- data
Size
252 kB (252103 bytes)
Hash
0f9bdcdeef9b2da2a61a110c107408f0
4990f39815d159a6088788f44e742df7b440c86b
5a8574aa3a7b643e14544e67ecb9b39c9234c13a880d45e7526aeb55156a5476

HTTP Headers

GET /landers/images/landing110/default/human/bg3.jpg?geo=no HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Cookie: _ga_QXFHHE16V3=GS1.1.1698867632.1.0.1698867632.0.0.0; _ga=GA1.1.249443360.1698867632
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 Nov 2023 19:40:36 GMT
server: nginx/1.14.2
content-type: image/jpeg
content-length: 252103
last-modified: Tue, 31 Oct 2023 19:28:24 GMT
etag: "65415558-3d8c7"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 10721750
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

deiligenaboer.com/landers/images/landing110/default/human/bg1.jpg?geo=no

34.117.126.88

200 OK

223 kB

URL GET HTTP/3
deiligenaboer.com/landers/images/landing110/default/human/bg1.jpg?geo=no
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1049, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1678], progressive, precision 8, 1678x1049, components 3\012- data
Size
223 kB (223271 bytes)
Hash
c63587435328d5e821aabbb8ee2ca756
6d01219674c07d911887478a15d6620ce44a9872
c1c7ed1141a110e2786ada7a3f162a4b1b9dc99f33b8c18c8ea7bf8bcf4c5bbb

HTTP Headers

GET /landers/images/landing110/default/human/bg1.jpg?geo=no HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Cookie: _ga_QXFHHE16V3=GS1.1.1698867632.1.0.1698867632.0.0.0; _ga=GA1.1.249443360.1698867632
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 Nov 2023 19:38:20 GMT
server: nginx/1.14.2
content-type: image/jpeg
content-length: 223271
last-modified: Tue, 31 Oct 2023 19:28:24 GMT
etag: "65415558-36827"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 10375205 10436265
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2

142.250.74.132

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint71:34:F9:A1:80:2F:AF:05:CB:45:8A:35:D5:48:03:3F:B3:6F:61:30
ValidityMon, 09 Oct 2023 08:04:03 GMT - Mon, 01 Jan 2024 08:04:02 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
26c4f76e985234506205b82e3e6e520f
987d32a005fd1a1be9cc3a4f85796705beadb340
bd7e05751a03c3c81bf4f38808d12af294f672494f6b9d7641aaf0dfbb5fb012

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Wed, 01 Nov 2023 19:40:31 GMT
date: Wed, 01 Nov 2023 19:40:31 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Oct 2023 23:15:14 GMT
expires: Wed, 30 Oct 2024 23:15:14 GMT
cache-control: public, max-age=31536000
age: 73517
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.deiligenaboer.com/favicon/favicon.ico

34.117.126.88

200 OK

15 kB

URL GET HTTP/3
www.deiligenaboer.com/favicon/favicon.ico
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15086 bytes)
Hash
4dd420146b8d36b5c4c55127619abab3
46afa76598f3d0642177e0479bf87b4423aa1a8c
f0f8afcc4674feea15d5539af6d7f5a7cdcbf03daf1470102edc08c471b3235f

HTTP Headers

GET /favicon/favicon.ico HTTP/1.1
Host: www.deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 Nov 2023 19:40:30 GMT
server: Apache/2.4.57 (Ubuntu)
vary: X-Forwarded-Proto
last-modified: Tue, 31 Oct 2023 10:16:19 GMT
etag: "3aee-60900721fa86a"
accept-ranges: bytes
content-length: 15086
x-ua-compatible: IE=edge,chrome=1
content-type: image/vnd.microsoft.icon
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob

142.250.74.132

200 OK

60 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint71:34:F9:A1:80:2F:AF:05:CB:45:8A:35:D5:48:03:3F:B3:6F:61:30
ValidityMon, 09 Oct 2023 08:04:03 GMT - Mon, 01 Jan 2024 08:04:02 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (51846)
Size
60 kB (60334 bytes)
Hash
397954baf36a6cec6cc0c58b813b608e
3c6084b90ce67b6cded85ce037dc4496cd89a329
2cb86aa01c01d0c27be219072b5464b68b7d85a231954688c2499e97d370fd3f

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Nov 2023 19:40:30 GMT
content-security-policy: script-src 'nonce-7p7LtcGLk3Zfb3QQOYu_Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

142.250.74.35

200 OK

56 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9kZWlsaWdlbmFib2VyLmNvbTo0NDM.&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uqmpyq13rfob
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
56 kB (56398 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Oct 2023 15:41:35 GMT
expires: Wed, 30 Oct 2024 15:41:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
content-type: text/css
vary: Accept-Encoding
age: 100735
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise.js

142.250.74.132

200 OK

940 B

URL GET HTTP/2
www.google.com/recaptcha/enterprise.js
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint13:D2:E3:B0:25:78:80:D7:35:78:09:81:0D:21:CE:31:CB:EF:DA:75
ValidityMon, 09 Oct 2023 08:11:26 GMT - Mon, 01 Jan 2024 08:11:25 GMT

File type
ASCII text, with very long lines (940), with no line terminators
Size
940 B (940 bytes)
Hash
e0cbdbb29cae526a9517316a4ba6f6d4
a93bdb7fc87528fcb3e533053cc2948478c987de
8370cc6a8e01ada022503e0371936fec280ef5ae7a0a32fadc7feb2b95d592be

HTTP Headers

GET /recaptcha/enterprise.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deiligenaboer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Wed, 01 Nov 2023 19:40:30 GMT
date: Wed, 01 Nov 2023 19:40:30 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

deiligenaboer.com/landers/css/vegas.min.css

34.117.126.88

200 OK

12 kB

URL GET HTTP/2
deiligenaboer.com/landers/css/vegas.min.css
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
ASCII text
Size
12 kB (11808 bytes)
Hash
b8abc72c16479198c206a456a02f1dca
d704f7acb4b8daf00787d4ba4f6e33b26be2a28c
a8d530eff57d706b6469ac6bdc3ce13cbfaecc832792ad7a102b19e156632fe1

HTTP Headers

GET /landers/css/vegas.min.css HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:17:57 GMT
server: nginx/1.14.2
content-type: text/css
last-modified: Tue, 31 Oct 2023 19:28:23 GMT
etag: W/"65415557-2e20"
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 11230262 11575168
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2

deiligenaboer.com/landers/js/vendor.js

34.117.126.88

200 OK

124 kB

URL GET HTTP/3
deiligenaboer.com/landers/js/vendor.js
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type

Size
124 kB (123566 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /landers/js/vendor.js HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 Nov 2023 16:05:27 GMT
server: nginx/1.14.2
content-type: application/javascript
last-modified: Tue, 31 Oct 2023 19:28:35 GMT
etag: W/"65415563-1e2ae"
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 10436639 9429817
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

deiligenaboer.com/landers/css/landing110.css

34.117.126.88

200 OK

25 kB

URL GET HTTP/2
deiligenaboer.com/landers/css/landing110.css
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
ASCII text
Size
25 kB (24629 bytes)
Hash
67b3bde43834e85ff4968ec869db71aa
2aa09ae6906c0c650343d437fc66b031f0c091da
fa24f7e1f4caa25a5cb696d5d5bc39dde09d408f266495a12a8c39f73e05892a

HTTP Headers

GET /landers/css/landing110.css HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:40:30 GMT
server: nginx/1.14.2
content-type: text/css;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: deiligenaboer.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 10436637
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2

deiligenaboer.com/landers/css/theme/pornhub.css

34.117.126.88

200 OK

15 kB

URL GET HTTP/2
deiligenaboer.com/landers/css/theme/pornhub.css
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type
ASCII text
Size
15 kB (14904 bytes)
Hash
5cc040aacb13e38492b7e20f49ad4a36
3afdef08502ab8adef4972ba67dd49980a6c9ad5
a94fd985952baae36ceca33c8b67e739f7355cf4688a4adfe31e0be31963ef74

HTTP Headers

GET /landers/css/theme/pornhub.css HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 Nov 2023 19:16:02 GMT
server: nginx/1.14.2
content-type: text/css;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: deiligenaboer.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 11355274 10810468
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2

chmstrclck.com/v1/redirect/9738?utm_campaign=ban1s&utm_medium=%7B%25utm_source%7Curl%7C%25%7D&utm_term=mb01

188.114.97.1

301 Moved Permanently

22 kB

URL User Request GET HTTP/2
chmstrclck.com/v1/redirect/9738?utm_campaign=ban1s&utm_medium=%7B%25utm_source%7Curl%7C%25%7D&utm_term=mb01
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectchmstrclck.com
Fingerprint20:29:4D:9F:BA:E0:FA:09:EE:62:E7:2D:45:04:EB:7F:9A:77:BA:70
ValidityThu, 21 Sep 2023 10:54:46 GMT - Wed, 20 Dec 2023 10:54:45 GMT

File type

Size
22 kB (22263 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /v1/redirect/9738?utm_campaign=ban1s&utm_medium=%7B%25utm_source%7Curl%7C%25%7D&utm_term=mb01 HTTP/1.1
Host: chmstrclck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Wed, 01 Nov 2023 19:40:28 GMT
content-type: text/html; charset=utf-8
location: https://a.medfoodsafety.com/loader?a=4793702&s=4780719&t=94&p=12731&s2=mb01
x-powered-by: lb-ads-display/3.1.0
x-environment: prod
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Accept
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkslXn6boT9P8QwT3phRJzMDKvru%2BV0MjlCW5Ux74MvO9DzEhRiUccm7%2F4h7I5HcnQNohNVDOGy4RcE%2F6Ovs%2Bmp0%2B2gN%2BGGgDrNwnHSXPaeLre2Y3LBfxoRZIsCknz1vJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f69c165bf5568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

a.medfoodsafety.com/loader?a=4793702&s=4780719&t=94&p=12731&s2=mb01

172.64.171.12

302 Found

22 kB

URL User Request GET HTTP/2
a.medfoodsafety.com/loader?a=4793702&s=4780719&t=94&p=12731&s2=mb01
IP
172.64.171.12:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint90:FD:DB:96:7B:D5:FA:AA:DA:06:53:8B:D3:A1:8D:E4:05:52:DE:5A
ValidityMon, 13 Feb 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT

File type

Size
22 kB (22263 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /loader?a=4793702&s=4780719&t=94&p=12731&s2=mb01 HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 01 Nov 2023 19:40:28 GMT
content-length: 0
location: https://mxg.maxigamma.com/4bd1e769-2bf7-41fe-abcf-928ae633f53e?adzone=4793702&site=4780719&campaign=213040&s1=2906&banner=3833076&keywords=&Epom={Epom}&country=NO&a=902&flow_id={flow_id}&atrack=432bde4bXba6cXdi0bXhc11Xgfe6ef2chh63JafihhfgfbhJbac0d0Jchcc0gfJdgh0gaiJdgicg0bJeghJiiihJbJiiiiJb0bJbe
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGJiGVZrolKdUzwdShPx%2Bh4vR4c59U8wq3weWvUlj%2FtxiV0obI5bpesidVeHe4LDAPViQnsue5bRD4BFfsCOLeMsveQk%2BwnimH6Z%2BeU2ztCbqrYruh3txzbvqDR4Fl16nmHqYDlP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f69c17ae158885-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

deiligenaboer.com/landers/js/landing110.js

34.117.126.88

200 OK

77 kB

URL GET HTTP/3
deiligenaboer.com/landers/js/landing110.js
IP
34.117.126.88:443
ASN
#15169 GOOGLE

Requested by
https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.deiligenaboer.com
Fingerprint82:18:D7:2E:56:07:8E:89:99:3D:A9:39:51:B7:28:3F:0A:2B:A8:4C
ValidityFri, 20 Oct 2023 21:58:15 GMT - Thu, 18 Jan 2024 22:51:28 GMT

File type

Size
77 kB (77027 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /landers/js/landing110.js HTTP/1.1
Host: deiligenaboer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deiligenaboer.com/landing110?sub=human&pi=902&pt1=pt5621dadc409c4fa194eb6d191c4a16a1&pe=2906
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 Nov 2023 18:41:22 GMT
server: nginx/1.14.2
content-type: application/javascript
last-modified: Tue, 31 Oct 2023 19:28:35 GMT
etag: W/"65415563-12ce3"
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 11547878 11346030
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by