thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv
151.101.1.195 301 Moved Permanently 64 B URL User Request GET HTTP/2 thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv
IP 151.101.1.195:443
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
File type ASCII text, with no line terminators
Hash bc16f91008d9df3b3a79c10f3eb9cf98
ce7b1a5ec0ba3eadadc60b0fc6488e045148080c
cdf5d905fdf7390bd4e080f3019d2d5242e0cca8d706059b8afd45775aa9a530
Analyzer Verdict Alert fortinet Phishing
GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
content-type: text/plain; charset=utf-8
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093605.112069,VS0,VE43
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 64
X-Firefox-Spdy: h2
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
151.101.1.195 200 OK 2.0 kB URL User Request GET HTTP/2 thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
IP 151.101.1.195:443
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (618)
Hash 1d442b3044365105dbd5e62bace59381
22632953998a228790e574d9b62db899aa0f7c6a
a4bd5a1bdede80daa57d2f6538b2a46ed70859257ea4f07fd470cc3f3f580b40
Analyzer Verdict Alert fortinet Phishing
GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/ HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "3d64f4c27e2e36cd1841208943b6257974151c4570025a0862f9cdbf8cfeac48-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093605.210343,VS0,VE127
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2045
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/gJxony9XCjo
142.250.74.131 471 B URL ocsp.pki.goog/s/gts1d4/gJxony9XCjo
IP 142.250.74.131:0
Hash 5119a387ae6da7509acb59818c55bcc6
df314a02e9479daa9465a3679f3a51099f45c9d8
8b52860e4e3a012d3ecfeac4cb48b3e2696ff439e4cde93fd331a06397468d78
POST /s/gts1d4/gJxony9XCjo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 09:33:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/quiz.jquery.js
151.101.1.195 200 OK 269 B URL GET HTTP/3 thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/quiz.jquery.js
IP 151.101.1.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
File type ASCII text, with very long lines (370)
Hash 4205e82f8b6d013d405c74cc16b3b9a2
1f271868163d1cfa7a254889d6d8ccf33aa40861
4c828a9318bb846d20751582aa76f426dca400a4951043ece8e3c027daea5b2e
Analyzer Verdict Alert fortinet Phishing
GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/quiz.jquery.js HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 269
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "7b5911115046ae160c74884e2f365a59c61d192118497d6f801e454b813694f1-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.658815,VS0,VE50
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/jquery-2.1.3.min.js
151.101.1.195 200 OK 27 kB URL GET HTTP/3 thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/jquery-2.1.3.min.js
IP 151.101.1.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
File type ASCII text, with very long lines (32180)
Hash 32015dd42e9582a80a84736f5d9a44d7
41b4bfbaa96be6d1440db6e78004ade1c134e276
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Analyzer Verdict Alert fortinet Phishing
GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/jquery-2.1.3.min.js HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 26669
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "ab6dfee40c45ba9c9689a69f90ac9ca9f3a9ec87b5a5d754a5e968d9159d3f84-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.658285,VS0,VE77
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/cookie.css
151.101.1.195 200 OK 742 B URL GET HTTP/3 thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/cookie.css
IP 151.101.1.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
Hash b6afeeee87b7fcef05acfbffc7fa4515
91469243b8d1d23d9e2ee643d938d2f167687f1e
5c6dc2ed6abe1a0094ed05ac25bd1f133dd23c25500fcebbcc5351a5802980f7
GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/cookie.css HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 742
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "7c368996daf997cc6cf25d5a66d940ba6b90d542b87b5379c2df67a7eefbadf4-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.654267,VS0,VE122
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
pickupmates.com/UNativeSDKUpdaterWorker.js
151.101.65.195 200 OK 62 B URL GET HTTP/2 pickupmates.com/UNativeSDKUpdaterWorker.js
IP 151.101.65.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject eleicaoaovivo.com.br
Fingerprint AB:3F:13:8C:CB:D9:EF:F5:F8:21:90:BB:2C:C3:11:F6:78:F1:EB:27
Validity Sun, 14 May 2023 14:27:27 GMT - Sat, 12 Aug 2023 15:25:32 GMT
Hash 0c7909043bfae2b5b9546631b3aaea79
1e97e771f276fe81ba10ead478390056b47e4037
1ce071c9effc970aa56d59810f9b04372a9ac4c0bb273fd416f743b0c3e49689
GET /UNativeSDKUpdaterWorker.js HTTP/1.1
Host: pickupmates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=3600
content-type: text/javascript; charset=utf-8
etag: "98584797339fc7b930aed7f5fc19a38730c4312dc558a3ef458942d9df3c2e87"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1674-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.733016,VS0,VE103
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 62
X-Firefox-Spdy: h2
pickupmates.com/UNativeSDKWorker.js
151.101.65.195 200 OK 62 B URL GET HTTP/2 pickupmates.com/UNativeSDKWorker.js
IP 151.101.65.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject eleicaoaovivo.com.br
Fingerprint AB:3F:13:8C:CB:D9:EF:F5:F8:21:90:BB:2C:C3:11:F6:78:F1:EB:27
Validity Sun, 14 May 2023 14:27:27 GMT - Sat, 12 Aug 2023 15:25:32 GMT
Hash 0c7909043bfae2b5b9546631b3aaea79
1e97e771f276fe81ba10ead478390056b47e4037
1ce071c9effc970aa56d59810f9b04372a9ac4c0bb273fd416f743b0c3e49689
GET /UNativeSDKWorker.js HTTP/1.1
Host: pickupmates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=3600
content-type: text/javascript; charset=utf-8
etag: "98584797339fc7b930aed7f5fc19a38730c4312dc558a3ef458942d9df3c2e87"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1674-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.737433,VS0,VE100
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 62
X-Firefox-Spdy: h2
thenewfling.com/prelanderSDK.min.js
151.101.1.195 200 OK 159 B URL GET HTTP/3 thenewfling.com/prelanderSDK.min.js
IP 151.101.1.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
File type ASCII text, with no line terminators
Hash d906c8490feee06c13c35b61fbabfde8
2eb25b8c38db7e9105c560f5801d982f7682d747
6d623cabd30ff4adb8e9b8e1780f1089822c386384e3888b4e3d713a9372b317
Analyzer Verdict Alert fortinet Phishing
GET /prelanderSDK.min.js HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 159
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "28f8bb9bb5209eb23dd08adec02cc1ef239ce6bf0eb2126a34aa5cfbf484ca48-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.651968,VS0,VE213
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/logo.png
151.101.1.195 200 OK 2.5 kB URL GET HTTP/3 thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/logo.png
IP 151.101.1.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
File type PNG image data, 99 x 27, 8-bit/color RGBA, non-interlaced; data
Hash e71e0d341eaf9e127a15f7d0c1de1e84
ca2f550b53e9c1d1b5ebba886ba01f53089c5bf8
6a5d67e248e7d446af534b0402a93621875ab55ad11fa0ff1de1bff11d3abd7a
GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/logo.png HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 2481
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "97ab77bf187ba714d25e6f3aeb664abb6d9aa4f8a8048d422f6be8dc6bdb4b69-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.657867,VS0,VE214
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/tos.css
151.101.1.195 200 OK 261 B URL GET HTTP/3 thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/tos.css
IP 151.101.1.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
Hash 8d38fdbd57b12082e9b99722427d6d2d
a2985688bc995daf59db4d69be9ca67a26df8c7e
cfd18bfd446468ed7c76814ce9bc5aa26169ac4390bf37d67720ddae7f1156de
GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/tos.css HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 261
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "3237a7dc7ec73f50f08941de1211303227e4142b692e23ee7db41a24aa893545-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.654831,VS0,VE231
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/skeleton.css
151.101.1.195 200 OK 2.5 kB URL GET HTTP/3 thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/skeleton.css
IP 151.101.1.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
File type ASCII text, with very long lines (1644)
Hash e4d8616380ba53778d675900a487e19f
a8198760de49c3cf2895b7be227c7848f6aab68a
8c1de21fe94f1777565f06200b0a297165ef76e5f23a69d524263cb2da733764
GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/skeleton.css HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 2510
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "fa6cafb81af35a9aae752fc783be3693e6a21e931e6df0fd7cb97f8ca5a8682b-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.653054,VS0,VE249
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ocsp.pki.goog/s/gts1d4/o8O33kxIzXk
142.250.74.131 472 B URL ocsp.pki.goog/s/gts1d4/o8O33kxIzXk
IP 142.250.74.131:0
Hash b69c1211cd915e4b1ddd5fe1e0153f08
92effeef43ef44c8553de280425d88764db8b807
199f565ac407af4e2f1f0c46539694782ce7b66c7634b50edf988a5d821f38a5
POST /s/gts1d4/o8O33kxIzXk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 09:33:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 4f771b9e05938d93366a814a2714cc32
33b5a01f35241d5085c476d06542865904652ad4
2db84be074e99462d8d9dd248b445da5bb78332b6087a247abfe88dd9b9f8cdf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 09:33:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TMR4NP
142.250.74.168 200 OK 58 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TMR4NP
IP 142.250.74.168:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
Validity Mon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type ASCII text, with very long lines (14686)
Hash d35287f2e948a69497395b7b5ebfde44
4e60d8af3d7bf969bd3082933cc0eda52ffb3cfe
190055570b9012d030ed571cc80a40f553832e70b5bd77963cce4e08c6d50dca
GET /gtm.js?id=GTM-TMR4NP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 May 2023 09:33:26 GMT
expires: Fri, 26 May 2023 09:33:26 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 May 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 58094
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/02.gif
151.101.1.195 200 OK 41 kB URL GET HTTP/3 thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/02.gif
IP 151.101.1.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
File type GIF image data, version 89a, 200 x 300; data
Hash d2b6a17792b4b70d72f79148a03ecbb6
6b05aeb8897e563c21cb077a1ca0a6918dfde1ba
01358dc7722866cc65e88099761b9542b9ce28f46e1348117dee341c2cd5ef9c
GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/02.gif HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/skeleton.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 40729
cache-control: max-age=3600
content-encoding: br
content-type: image/gif
etag: "9f183c4784b8e6c8f60f4a48fac530d38b419dae88cecbace6c2aec8e0b509de-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:26 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.052123,VS0,VE102
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 4f771b9e05938d93366a814a2714cc32
33b5a01f35241d5085c476d06542865904652ad4
2db84be074e99462d8d9dd248b445da5bb78332b6087a247abfe88dd9b9f8cdf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 09:33:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/bg.jpg
151.101.1.195 200 OK 80 kB URL GET HTTP/3 thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/bg.jpg
IP 151.101.1.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2004x1252, components 3; data
Hash 5c636f38346483eb3490a7dd150e9619
45ad806c67795ae56f72ad70b6407cbe13667eac
b60fc52636018917e614bdb012cd002e196109a051cc971cdc16e5857439fda7
GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/bg.jpg HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/skeleton.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 79524
cache-control: max-age=3600
content-encoding: br
content-type: image/jpeg
etag: "a8af376aee65cbdc80b9814dc9e82cb89ebe93646a2882fdfd050ddde9721a1b-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:26 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.045965,VS0,VE297
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/01.gif
151.101.1.195 200 OK 89 kB URL GET HTTP/3 thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/01.gif
IP 151.101.1.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
File type GIF image data, version 89a, 200 x 300; data
Hash acdb1a6c76850f957fed7fdd8f0f7d19
db536cb81494ab3e0de70e2f91282f3f3c9f5e67
fc461b65e548b4e96652a96aae85faa55a951c4a3355d3cacb7af3c6616c2b61
GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/01.gif HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/skeleton.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 89160
cache-control: max-age=3600
content-encoding: br
content-type: image/gif
etag: "3a104a46fd214e3092364a7c742212b6dc9522a6b553c8be444574707b3479f4-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:26 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.051748,VS0,VE278
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ocsp.sectigo.com/
104.18.14.101 472 B IP 104.18.14.101:0
Hash 6a0059029d0a6786de5d43f8da5f1090
20db24462d3cd844179444f0af822c94f819bbd8
07cd5640c9eb8ffd998e6b5c9932d1fa27d4ec48004fe77608f0441f05f1b61f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 09:33:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 26 May 2023 07:46:43 GMT
Expires: Fri, 02 Jun 2023 07:46:42 GMT
Etag: "20db24462d3cd844179444f0af822c94f819bbd8"
Cache-Control: max-age=598554,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cd5043fa953b50f-OSL
tfosrv.com/retargeting.js?id=981>mcb=83948494
216.18.168.29 200 OK 22 kB URL GET HTTP/1.1 tfosrv.com/retargeting.js?id=981>mcb=83948494
IP 216.18.168.29:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Sectigo Limited
Subject *.tfosrv.com
Fingerprint 02:80:28:FF:F2:1F:50:3B:EB:C2:80:1C:FC:89:57:41:02:60:19:04
Validity Mon, 07 Nov 2022 00:00:00 GMT - Sat, 18 Nov 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (59972), with no line terminators
Hash 2c6da79b4fde76de73775959102316ff
85d49c9039e9472283d6538affdc6ba4e3c53aa6
d9f4e141f06b5e635d055b7c516309a85ce6f971f58c4e8143f9507b8e4b2d13
GET /retargeting.js?id=981>mcb=83948494 HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Fri, 26 May 2023 09:33:26 GMT
content-type: text/javascript
transfer-encoding: chunked
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
api-un.unative.com/p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd
162.55.0.219 200 18 B URL OPTIONS HTTP/1.1 api-un.unative.com/p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd
IP 162.55.0.219:443
ASN #24940 Hetzner Online GmbH
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Let's Encrypt
Subject unative.com
Fingerprint 5C:45:95:F3:E4:7F:3E:45:81:1C:87:CE:0C:E6:E7:1B:C0:B3:8A:35
Validity Sat, 06 May 2023 08:11:27 GMT - Fri, 04 Aug 2023 08:11:26 GMT
File type ASCII text, with no line terminators
Hash cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
OPTIONS /p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd HTTP/1.1
Host: api-un.unative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,sdk-version
Referer: https://thenewfling.com/
Origin: https://thenewfling.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
allow: HEAD,GET,OPTIONS
x-responded-by: cors-support-provider
access-control-expose-headers: set-cookie
access-control-allow-origin: *
access-control-request-headers: content-type,sdk-version,origin,accept,content-type,x-requested-with
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 86400
access-control-allow-headers: content-type,sdk-version,origin,accept,content-type,x-requested-with
content-type: text/plain;charset=UTF-8
content-length: 18
date: Fri, 26 May 2023 09:33:25 GMT
tr-un.unative.com/track/visit/incognito/33db8e77-19c7-4958-9af2-1a888a2a64fd
162.55.0.220 200 18 B URL GET HTTP/1.1 tr-un.unative.com/track/visit/incognito/33db8e77-19c7-4958-9af2-1a888a2a64fd
IP 162.55.0.220:443
ASN #24940 Hetzner Online GmbH
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Let's Encrypt
Subject unative.com
Fingerprint 5C:45:95:F3:E4:7F:3E:45:81:1C:87:CE:0C:E6:E7:1B:C0:B3:8A:35
Validity Sat, 06 May 2023 08:11:27 GMT - Fri, 04 Aug 2023 08:11:26 GMT
File type ASCII text, with no line terminators
Hash cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
OPTIONS /track/visit/incognito/33db8e77-19c7-4958-9af2-1a888a2a64fd HTTP/1.1
Host: tr-un.unative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,sdk-version
Referer: https://thenewfling.com/
Origin: https://thenewfling.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
allow: HEAD,GET,OPTIONS
x-responded-by: cors-support-provider
access-control-expose-headers: set-cookie
access-control-allow-origin: *
access-control-request-headers: content-type,sdk-version,origin,accept,content-type,x-requested-with
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 86400
access-control-allow-headers: content-type,sdk-version,origin,accept,content-type,x-requested-with
content-type: text/plain;charset=UTF-8
content-length: 18
date: Fri, 26 May 2023 09:33:25 GMT
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 9c20b6eea6243fabb752085d6be934fc
28578c12d46431e162d7f2c8663da00887f06c2a
c4e8ce753fcb00e5c1b647cd7381dae5c63fe7a373f6719156bbb4bc1fd96050
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Fri, 26 May 2023 09:33:26 GMT
Last-Modified: Fri, 26 May 2023 07:51:31 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7AdaGrpj_1yW-hkRXZYNv2PkZHMI8yxBmXUBh6Dt75L4NMeEq9wKjg==
Age: 6115
api-un.unative.com/p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd
162.55.0.219 200 195 B URL OPTIONS HTTP/1.1 api-un.unative.com/p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd
IP 162.55.0.219:443
ASN #24940 Hetzner Online GmbH
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Let's Encrypt
Subject unative.com
Fingerprint 5C:45:95:F3:E4:7F:3E:45:81:1C:87:CE:0C:E6:E7:1B:C0:B3:8A:35
Validity Sat, 06 May 2023 08:11:27 GMT - Fri, 04 Aug 2023 08:11:26 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash f41a8eae0760099fe19c7b303f011f8f
0274ea39d09d84685e33b7d27a785779ae7b5a3e
b0195e7e061ecb9023569e2227df2ee320e3b9037d230d042c7a706e59495c59
GET /p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd HTTP/1.1
Host: api-un.unative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thenewfling.com/
content-type: application/json;charset=UTF-8
sdk-version: unative/web/150706
Origin: https://thenewfling.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
x-responded-by: cors-support-provider
access-control-expose-headers: set-cookie
access-control-allow-origin: *
access-control-request-headers: origin,accept,content-type,x-requested-with
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 86400
content-type: application/json;charset=UTF-8
content-length: 195
date: Fri, 26 May 2023 09:33:25 GMT
tr-un.unative.com/track/visit/incognito/33db8e77-19c7-4958-9af2-1a888a2a64fd
162.55.0.220 200 0 B URL GET HTTP/1.1 tr-un.unative.com/track/visit/incognito/33db8e77-19c7-4958-9af2-1a888a2a64fd
IP 162.55.0.220:443
ASN #24940 Hetzner Online GmbH
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Let's Encrypt
Subject unative.com
Fingerprint 5C:45:95:F3:E4:7F:3E:45:81:1C:87:CE:0C:E6:E7:1B:C0:B3:8A:35
Validity Sat, 06 May 2023 08:11:27 GMT - Fri, 04 Aug 2023 08:11:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/visit/incognito/33db8e77-19c7-4958-9af2-1a888a2a64fd HTTP/1.1
Host: tr-un.unative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thenewfling.com/
content-type: application/json;charset=UTF-8
sdk-version: unative/web/150706
Origin: https://thenewfling.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
x-responded-by: cors-support-provider
access-control-expose-headers: set-cookie
access-control-allow-origin: *
access-control-request-headers: origin,accept,content-type,x-requested-with
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 86400
content-length: 0
date: Fri, 26 May 2023 09:33:25 GMT
ocsp.godaddy.com/
192.124.249.22 1.8 kB IP 192.124.249.22:0
Hash 3ad880cf40d9cce3ec780806bff57ffd
f6a6ccda70cfc6bda2f948d422fd13101f0be0aa
0216c328aed44842dd846cdde5169f59333d13e3f4f578db98afac5a5bedfd0c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 26 May 2023 09:33:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 26 May 2023 01:07:26 GMT
Expires: Sat, 27 May 2023 01:07:26 GMT
ETag: "f6a6ccda70cfc6bda2f948d422fd13101f0be0aa"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/favicon.ico
151.101.1.195 200 OK 637 B URL GET HTTP/3 thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/favicon.ico
IP 151.101.1.195:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Google Trust Services LLC
Subject deeplink.rapidbooksapp.com
Fingerprint 3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
Validity Mon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT
File type PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Hash f3307a052515a60d66746e23a6643577
a5b634673547884f8a1278594943d4551b53407c
40aae88ad63cb43fdc765222aed3654035d03ea3f4ee37e24a5e9bc2d308a960
GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/favicon.ico HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 637
cache-control: max-age=3600
content-encoding: br
content-type: image/x-icon
etag: "f51b8bc05c1b4c9acf831a82ef85f352141a06f3e60863f027007be9f138c8e5-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:26 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093607.822414,VS0,VE84
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
sdk.unative.com/UNativeSDK.js
185.76.9.16 200 OK 17 kB URL GET HTTP/2 sdk.unative.com/UNativeSDK.js
IP 185.76.9.16:443
ASN #60068 Datacamp Limited
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Let's Encrypt
Subject 1058678020.rsc.cdn77.org
Fingerprint 3B:5B:FB:88:88:D1:AD:6C:3C:F7:51:90:54:F1:20:72:1A:95:2A:3F
Validity Fri, 07 Apr 2023 21:00:39 GMT - Thu, 06 Jul 2023 21:00:38 GMT
File type ASCII text, with very long lines (17396), with no line terminators
Hash 647c17795b88ec6b0432e10ebebbce67
ae012902de61b37343ed3288b65e07a4f94edb31
12f3ffc2bef3ae11d82ec74d1c21eaf9d7ee389d320b85d8fb00b666a6eefa2c
GET /UNativeSDK.js HTTP/1.1
Host: sdk.unative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 May 2023 09:33:25 GMT
content-type: application/x-javascript
last-modified: Thu, 27 Apr 2023 15:05:30 GMT
etag: W/"43f4-5fa52affcd6e3"
vary: Accept-Encoding, Accept-Encoding
server: CDN77-Turbo
x-77-nzt: AblMCQ33yi//InQKAA
x-77-nzt-ray: c0a4cc288a72b0b9e57c70642f9bb131
x-accel-expires: @1685445315
x-accel-date: 1684408515
x-cache: HIT
x-age: 685090
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.traffichunt.com/adv_ret/?adv_pixel_id=861&nid=3>mcb=1479518658
50.17.64.27 200 OK 0 B URL GET HTTP/2 ads.traffichunt.com/adv_ret/?adv_pixel_id=861&nid=3>mcb=1479518658
IP 50.17.64.27:443
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Amazon
Subject traffichunt.com
Fingerprint 38:A6:CE:AD:A1:64:3D:1A:5F:30:26:ED:6B:E1:5A:EC:ED:2E:11:66
Validity Wed, 01 Mar 2023 00:00:00 GMT - Sat, 26 Aug 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adv_ret/?adv_pixel_id=861&nid=3>mcb=1479518658 HTTP/1.1
Host: ads.traffichunt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 May 2023 09:33:26 GMT
server: nginx
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: new_adx_profile_guid=7ab39552-6685-407a-a96e-13f15de77b8f;Max-Age=7776000;Path=/;SameSite=None; Secure
new_3.adx_rt_0=861;Max-Age=7776000;Path=/;SameSite=None; Secure
new_3.adx_daily_rt_0=861;Max-Age=51993;Path=/;SameSite=None; Secure
new_3.adx_rt_0=861;Max-Age=7776000;Path=/;SameSite=None; Secure
3.adx_daily_rt_0=861; Max-Age=51993; Expires=Fri, 26 May 2023 23:59:59 GMT; Path=/
adx_profile_guid=7ab39552-6685-407a-a96e-13f15de77b8f; Max-Age=7776000; Expires=Thu, 24 Aug 2023 09:33:26 GMT; Path=/
3.adx_rt_0=861; Max-Age=7776000; Expires=Thu, 24 Aug 2023 09:33:26 GMT; Path=/
X-Firefox-Spdy: h2
nextgencounter.com/index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d>mcb=1261619758
0.0.0.0 0 B URL GET nextgencounter.com/index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d>mcb=1261619758
IP 0.0.0.0:0
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d>mcb=1261619758 HTTP/1.1
Host: nextgencounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
sdk.unative.com/UNativePageSDKES6.js?v=150706
185.76.9.16 200 OK 183 kB URL GET HTTP/2 sdk.unative.com/UNativePageSDKES6.js?v=150706
IP 185.76.9.16:443
ASN #60068 Datacamp Limited
Requested by https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate Issuer Let's Encrypt
Subject 1058678020.rsc.cdn77.org
Fingerprint 3B:5B:FB:88:88:D1:AD:6C:3C:F7:51:90:54:F1:20:72:1A:95:2A:3F
Validity Fri, 07 Apr 2023 21:00:39 GMT - Thu, 06 Jul 2023 21:00:38 GMT
Size 183 kB (182707 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UNativePageSDKES6.js?v=150706 HTTP/1.1
Host: sdk.unative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 May 2023 09:33:26 GMT
content-type: application/x-javascript
last-modified: Thu, 27 Apr 2023 15:05:30 GMT
etag: W/"2c9b3-5fa52affcd6e3"
vary: Accept-Encoding, Accept-Encoding
server: CDN77-Turbo
x-77-nzt: AblMCQ3rfSz/oG8KAA
x-77-nzt-ray: c0a4cc288a72b0b9e67c7064ec4b5e05
x-accel-expires: @1685446470
x-accel-date: 1684409670
x-cache: HIT
x-age: 683936
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2