firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 05:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: A8nxhWwEIHXD3oH3vhIFC6TN2pYioowK1HaeDZhLMxSRF3zKPhIpxA==
Age: 1087
app.rewardflux.com/cp/shen/au/reward.html
143.204.55.124200 OK 107 kB URL HTTP/1.1 app.rewardflux.com/cp/shen/au/reward.html
IP 143.204.55.124:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3561)
Size 107 kB (106789 bytes)
Hash 54733259e92c3c831b825dc2fb22877e
b3879ac09bb6a18b0808fd903751c133c39cf7e2
582cecfa0e25455e4a6662dae8f03aeeb802a28335cc6e140c97025672068e17
GET /cp/shen/au/reward.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:46 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UGMOx3T1NEvHkZAXk6mLU03OqGN6mXmnfwmKnaSn9VqozTNhck83gw==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14069
Expires: Wed, 28 Sep 2022 09:28:15 GMT
Date: Wed, 28 Sep 2022 05:33:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LyS1CwxXqQ6IUw_XvMSdPgK_kr8m23P-83oFQIWaDcaDy5shR-aIFg==
age: 72573
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 05:33:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/css/fonts.css
143.204.55.124200 OK 619 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/fonts.css
IP 143.204.55.124:0
File type ASCII text, with very long lines (661)
Hash 5fb9a7dbfb872ed15c66f37bef9e8fbf
ca8628021acb78768b4f3dc30dd959b24030bed5
1a306b7143fa4a1ce8cdf7e8aed354bc4a468874e2c7c391294e6152e1394f2d
GET /cp/_assets/css/fonts.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 08:56:04 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:15 GMT
ETag: W/"632d46fb-12c5"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yupl93XzpWbf1Emqh68B7tLJbPQ7w7WahmME6SguVhLiGL-4ZLLV_w==
Age: 74263
app.rewardflux.com/cp/_assets/css/site-console.css
143.204.55.124200 OK 484 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/site-console.css
IP 143.204.55.124:0
Hash 6f3a3804acf36e3741c562be4dd35eb8
8c3403c5c9c990e1b86191fc9be6c8703ccd1830
00caaa3bd383b48779304f28e5019951429fb3144128daf542e7df53f1cd547d
GET /cp/_assets/css/site-console.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 08:56:04 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:15 GMT
ETag: W/"632d46fb-55d"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hUcC5VMsvDzFsOuf-2R1tR2nTambGGEhCM1pFvtk_IDJx0h7Lx24Kg==
Age: 74263
app.rewardflux.com/cp/_assets/css/style.css
143.204.55.124200 OK 3.8 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/style.css
IP 143.204.55.124:0
Hash 8ad8bab9baa61cf991f3fae51a7a8f50
1cc64c931376eb992b8f165181996564a66c9ba0
f44f0f2221e96962383da404405ea1d11e99f20dab22785f29b2724ed86d2e58
GET /cp/_assets/css/style.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 18:30:41 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:15 GMT
ETag: W/"632d46fb-3f02"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dtO4MMGwjqDE3tiWLfgRH-uoHkFCxD1IWIp96jkb92_k1VvFNpUclQ==
Age: 39786
app.rewardflux.com/cp/_assets/css/form.css
143.204.55.124200 OK 1.9 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/form.css
IP 143.204.55.124:0
Hash bd8789e17fb9348917e9d7890b75f179
dc4ea96d1fd20f6cacd2d895ec88f90eb2ab60c8
2118ae07b15cad43d21db798a689fdb6b54f4ef8864bf422487b5c6903f74f71
GET /cp/_assets/css/form.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 18:30:41 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:15 GMT
ETag: W/"632d46fb-29cb"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: H8yt8bfw45qPpXXGRkn2gmhFDBo44sPLZj8r1eCVNjQqa0SpzUWHgg==
Age: 39786
app.rewardflux.com/cp/_assets/css/animate.css
143.204.55.124200 OK 985 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/animate.css
IP 143.204.55.124:0
Hash b71e30c472c05c0ef2911b4e2e78d175
b32efdc4d4527fa446fb1261fddc1b9b69204db0
6601bcb439332acac116612b21aa570fd6ce15729638501bb1a1c62cda6eea0f
GET /cp/_assets/css/animate.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 18:30:41 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:15 GMT
ETag: W/"632d46fb-1ab5"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1dszIBWSZkd6epiQXiDvIPmaPWYjDlT2mm1D2IuCOh7SpjY1Spp72A==
Age: 39786
app.rewardflux.com/cp/_assets/css/modal.css
143.204.55.124200 OK 882 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/modal.css
IP 143.204.55.124:0
Hash 2d3971299b4211890eecbc4a384d42b0
01e9251d22b64d5f465338ceb8aca8ee73aa82cd
117ec6d72ca22980951e5535c431af21c8c130270f5fbe526165668005448775
GET /cp/_assets/css/modal.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 08:56:04 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:15 GMT
ETag: W/"632d46fb-9b7"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: a-OnHUogWtkn8RBG3J14wBz2M1XqVec_bgOunLsCQGxc1IZFa5vl-A==
Age: 74263
app.rewardflux.com/cp/_assets/css/main.css
143.204.55.124200 OK 1.3 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/css/main.css
IP 143.204.55.124:0
Hash e014d7af3d13e31553dd4ec56f8a1ba7
32b1f1ed72dc93af013c7766413cd086a80776c7
8f8bb65fadd780a31f43f1efe89483e183ca8fd0a71dd39615691b6bc828dfd7
GET /cp/_assets/css/main.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 08:56:04 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:15 GMT
ETag: W/"632d46fb-1322"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eOo881Z4ZIsGluIxo4voR_94w2Rv4bldGuVEEPN64KTuH7lyVDSIsg==
Age: 74263
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
151.101.85.229200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash 57a992194d8a5b4bbd4ade561fd348bb
bb66f00fe168c6df50af51abdededdfceb15c59f
be95ec6ab71f5fa87401a698cb9566490258fa9012bb0e8467920b0f74163a0a
GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 05:33:47 GMT
age: 13145383
x-served-by: cache-fra19136-FRA, cache-bma1648-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23938
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
151.101.85.229200 OK 23 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash 1753c16688d0d51f0b3dc7ed7d4dbc4d
6a4842b3dc99394c6584c203175570ff8737c777
a61044d56003744699349a1ffbd6f85e0c62d4ac59b50d185363dd85d755b5c9
GET /npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 05:33:47 GMT
age: 2712759
x-served-by: cache-fra19170-FRA, cache-bma1648-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23046
X-Firefox-Spdy: h2
app.rewardflux.com/cp/shen/au/css/campaign.css
143.204.55.124200 OK 466 B URL HTTP/1.1 app.rewardflux.com/cp/shen/au/css/campaign.css
IP 143.204.55.124:0
Hash c377ae74f6399f3a6ded59bcc89444cb
8666d9b76f19002b256b58e7f1f0e345d823d892
afe2787641abfe0a473c0d9d9e95ac81ea635119355149eea5a88e495c44f9ae
GET /cp/shen/au/css/campaign.css HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:18 GMT
ETag: W/"632d46fe-558"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 08tcXeQ0kROUeIpF8bqRGh5m1nEh7mL2T14sWBUTqiYFdALeY9nlnw==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c639631a8198a1b324cd150e70a2781f
d13451935cbd2dd9ff58a9c7de58d977ddb7cf9e
c3e3b3949836a25727cec0d963ef223a81cf3d854eacb7020d09718dc0df6936
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5475
Cache-Control: max-age=96031
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 05:33:47 GMT
Etag: "63329b77-1d7"
Expires: Thu, 29 Sep 2022 08:14:18 GMT
Last-Modified: Tue, 27 Sep 2022 06:43:03 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
app.rewardflux.com/cp/_assets/js/responsive.js
143.204.55.124200 OK 454 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/js/responsive.js
IP 143.204.55.124:0
Hash 7a065c83bbffdfcf73ca7e36f0388498
bf1ae261c3826981ae8f4a9dd31fdf632b44b60d
09210cfc575bc762a1f685cd7db2d5369d619d82b78b1fd6ceb2c7159c6725b4
GET /cp/_assets/js/responsive.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 18:30:41 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: W/"632d46fc-610"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oaMEzpSQwnoybIqZBqxKik6a6L_gTUFUcH-Mh2l_6BmzgRQ7l9Xnlw==
Age: 39786
app.rewardflux.com/cp/shen/au/js/teaser.js
143.204.55.124200 OK 1.6 kB URL HTTP/1.1 app.rewardflux.com/cp/shen/au/js/teaser.js
IP 143.204.55.124:0
Hash d3a6690594777f29a60ef9f1afcffed4
e8a31cf43df0c1d5453f3e58d2b2a84145aa1080
d5d4a01d5aa2917ca5dfdeffdfd403e7696c4655cc6cac414369a74161e6f5b7
GET /cp/shen/au/js/teaser.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:18 GMT
ETag: W/"632d46fe-1c49"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: I4axFShS8MoC4HKMx_TAYNc38GXMQA7VN6ScCdysm5-pG9mqcFnvQg==
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4373
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 05:33:47 GMT
Last-Modified: Wed, 28 Sep 2022 04:20:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 577bf0d06bca0efb20937a1a013e6078
eddf28339961f2e618091a8b6d5c10127797a11e
8a2840d8c39d50b7cbc0839ee8049cd291841b678db71e3c1e4bae627f514b62
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 05:33:47 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "B0E5C1DFD328BD56E52801B671A84057C6CAF95F"
Expires: Wed, 28 Sep 2022 16:00:00 GMT
Last-Modified: Wed, 28 Sep 2022 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2659
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751a1b323ce0b51e-OSL
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js
104.17.24.14200 OK 22 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (62252)
Hash 7795b48dff9afc7a54abdd114789a925
f47eddf891b23473693724bcdc3f2e71e67ac72c
88c37a281c166b5962acc2ac30a2a8c46ea1e5474a45ddec9e4495e253a48c58
GET /ajax/libs/gsap/3.6.1/gsap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 05:33:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 22334
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "605c4223-f455"
last-modified: Thu, 25 Mar 2021 07:56:19 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4682959
expires: Mon, 18 Sep 2023 05:33:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cd%2BbQ73b9whYFztslduV3mwWyyTILNCXWT5FPdhMsnO7sg8XHXVZ0PvI2Pr%2FjEHKzTDRz9HEKVww0x63PWFgFJt%2BFXSrJYVG0P9XRHqpeCOpAP%2FSe0UCvIt925TPqp0%2Bm%2FPOwN9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751a1b3229d81c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/js/bootstrap.min.js
143.204.55.124200 OK 15 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/js/bootstrap.min.js
IP 143.204.55.124:0
File type ASCII text, with very long lines (1289)
Hash 3950e56311b67461f182761e67b84d92
adbbb5fd239c963e1eeb98296d992cb75e1e2817
a3a60806c8ab9c87bd11d69f98dd9b0552875a320a3f9699981d86f48ba154d4
GET /cp/_assets/js/bootstrap.min.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 08:56:04 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: W/"632d46fc-f2fc"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZqC26y67AtaP6JU003m0uWJPn2zP1XiohtYIk-gvWHuydtO3LhZQDQ==
Age: 74263
app.rewardflux.com/cp/_assets/forms/rewards/au/form.js
143.204.55.124200 OK 1.1 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/forms/rewards/au/form.js
IP 143.204.55.124:0
Hash 1b2de526a6f677537e2c1eccd52f626c
9de99b71e2d2596c00849198fc07895416e5b5fd
add46e78b8e39c2a65fe5b19d566927e9bd253181c922c0ed25fedac8d00a541
GET /cp/_assets/forms/rewards/au/form.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: W/"632d46fc-a93"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VoLoXRPOJle-Adb8snmmOD90iE1EZlvkj3S4Y9_cfjAbrsj36LtbFg==
app.rewardflux.com/cp/_assets/js/jquery.min.js
143.204.55.124200 OK 34 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/js/jquery.min.js
IP 143.204.55.124:0
File type ASCII text, with very long lines (1963)
Hash 0dff67a13098a3ec18163af5b0f89337
f86be2c3e78f5c033a5effb7209313596a0e17f0
5a1e7a4bfa5c8d6473509442a814e2da54a6460faa97372d47db2ec0d1277f96
GET /cp/_assets/js/jquery.min.js HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: W/"632d46fc-1b9fc"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p0F9mgJXMBCYTYAo1xS2QWS_gVbH_EYY7M-yu91ZLYDoeaXI6sK5Zw==
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4373
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 05:33:47 GMT
Last-Modified: Wed, 28 Sep 2022 04:20:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9119901d0709edad67cc75a78151bce6
b5504fb45c5565af3cc08eda73f12c2ebc9b08ee
12dac717af5a6e7a3ff29b091f0df016988106fe0b69db72f463b73275225582
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12DAC717AF5A6E7A3FF29B091F0DF016988106FE0B69DB72F463B73275225582"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Wed, 28 Sep 2022 11:33:25 GMT
Date: Wed, 28 Sep 2022 05:33:47 GMT
Connection: keep-alive
content2020.qubiqlabs.com/cp/_assets/css/footer.css
34.78.252.25200 OK 1.7 kB URL HTTP/1.1 content2020.qubiqlabs.com/cp/_assets/css/footer.css
IP 34.78.252.25:0
Hash b8c24be466dd044ddc136be9e2ea477e
d05d66fee34a02d193d045ce48493b438d16a271
998ed2817e3c070e9f2d53a3cdaed41f6d12f3101ac63d6d6a561edb075bc52c
GET /cp/_assets/css/footer.css HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Content-Type: text/css
Content-Length: 1652
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 05:41:15 GMT
ETag: "632d46fb-674"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 33a4da91186f60a32b836411035d175d
86119830dc77e39c005c8d19a21c88459b9c6c8b
be10c2280652a58f4cbc59128d96bf69ce2b65c22a5fc2c1ebcd8383f1292c84
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 05:33:47 GMT
Server: ECS (amb/6B91)
Content-Length: 727
app.rewardflux.com/cp/_assets/modals/unsubscribe/en/index.html
143.204.55.124200 OK 6.4 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/unsubscribe/en/index.html
IP 143.204.55.124:0
File type HTML document text\012- exported SGML document, ASCII text
Hash f7d642dd29a5cea981502d3d9a2fb350
d031723e5b17226fe24985a588be655782341bdc
a99cc04cb200478a3594da17e15e26e3ec7054c21d5c6fe1e6bb6498274d1a4a
GET /cp/_assets/modals/unsubscribe/en/index.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:06:55 GMT
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CT_IN_289YK--ICWNeRRhGmGVzifiZt7srKS1KGeNZ0S2oSuOcdhHg==
Age: 84412
app.rewardflux.com/cp/_assets/modals/unsubscribe/en/header.html
143.204.55.124200 OK 30 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/unsubscribe/en/header.html
IP 143.204.55.124:0
File type ASCII text, with no line terminators
Hash 1bbdf3fc2578ff5ff8ceae9e7fcfeedd
1d130818d1f719f874a425f564a77697cdcdec44
680a7c81d2efb11a0e72f611150d24ebd6480bba82d226c7bc48b6b70de58573
GET /cp/_assets/modals/unsubscribe/en/header.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 14:55:43 GMT
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hpR-IxuAoYMmQjHGlMAq5176_tM-NO-9TgZfauI5gCnOUpjKrNCATQ==
Age: 52684
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=0711a5d108
172.64.203.28200 OK 887 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=0711a5d108
IP 172.64.203.28:0
File type ASCII text, with very long lines (2774)
Hash 24d1486ba8357d90fe7726713a983f6b
f3aeab887a5a0e7a6a7372197e8e635f1ab283a1
280ed8daaa6c1076e5f83d619dc6e4b6d08fa174d0d801d0f5e36af05397e6fb
GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=0711a5d108 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 05:33:47 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 89033043c124289b2dedc4a7c50bd2e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C1
x-amz-cf-id: YEpBBJqQif2yhtXrtFModf-y7U3LzKy2R90SLYr8YKuOFZDaX3j_mg==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPetv9D1fHqpVAIITSFeQJ5QYUO%2BIommUPyPJtKxCSqwpo2JBgyOtCtS34EhgfnwekSuS9FPoLRW19qNIAt4mw74oPk5fW3wsJ%2B5l1lFhV4KJouN%2FXk%2BOT3OadSaHFVdHEeDshx73g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751a1b332b9de67c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/modals/terms/reward-terms/au/header.html
143.204.55.124200 OK 91 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/terms/reward-terms/au/header.html
IP 143.204.55.124:0
Hash 0b01c85fef5a1fdf88007a496ce12c38
5d403a9ca03d88243e9dccbe5f5b1a41b0b8b452
3500569aeabea9e551a2f99361ce949bb7b8ec0fceae510372d71f4c80063a4c
GET /cp/_assets/modals/terms/reward-terms/au/header.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SMUvKg_4u8hmfJADRCdmcq1pI5qGqT6rjfI2O937ZrTLH0b4o9PYnQ==
app.rewardflux.com/cp/_assets/modals/privacy/au/index.html
143.204.55.124200 OK 14 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/privacy/au/index.html
IP 143.204.55.124:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (315)
Hash 5305f43f80f3f5419a260d784fef59dc
950addc65a1df336aa81fe2cf04904f6f3d4af2e
af4b59e872231e8fb9421558532fd4b523502f91c67e40c73cbdfaec0d385c69
GET /cp/_assets/modals/privacy/au/index.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Iz9yAbPmbSFOjvyPDBxo8CxKWoWKXMe38RHo-BUlzcA2OjUfuTQlNg==
app.rewardflux.com/cp/_assets/modals/privacy/au/header.html
143.204.55.124200 OK 83 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/privacy/au/header.html
IP 143.204.55.124:0
Hash 9ce832360ceb638b7159a52cbc54fbdc
4c79146fcb9c2ef5692f009b681e953daf334352
5419c781b7c95786fc44583a5ceb0300779537e27b5c2bf37982e31dc9443ffb
GET /cp/_assets/modals/privacy/au/header.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Hho0dCnvBWrWR58qU8k224yP_n4HBHJuJwVGV4UTONCfb2aJgLlvqA==
app.rewardflux.com/cp/_assets/modals/terms/reward-terms/au/index.html
143.204.55.124200 OK 25 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/terms/reward-terms/au/index.html
IP 143.204.55.124:0
File type HTML document, Unicode text, UTF-8 text
Hash 5c3e2cad9b071be6cbfdb3c3b6473e1f
2621917517d6ec0ecdea9930d4c6a72f75fe5e2a
baf6925908dad74d0b1aebc61dcaa57ce054e3126edf54a9dd9a6735f17bccab
GET /cp/_assets/modals/terms/reward-terms/au/index.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7N0T0tuw-fxtmrpScfrfOY-yk05PV-Uy68obccitJKy7I86fxt9JJA==
app.rewardflux.com/cp/_assets/modals/reward-status/en/header.html
143.204.55.124200 OK 91 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/reward-status/en/header.html
IP 143.204.55.124:0
Hash 0b01c85fef5a1fdf88007a496ce12c38
5d403a9ca03d88243e9dccbe5f5b1a41b0b8b452
3500569aeabea9e551a2f99361ce949bb7b8ec0fceae510372d71f4c80063a4c
GET /cp/_assets/modals/reward-status/en/header.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 14:55:44 GMT
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -fJuSjlx_JD9MCx7wK6oDvkfB3ocfplf0nmsWxKAC5Ny1cftyM8xBQ==
Age: 52683
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=0711a5d108
172.64.203.28200 OK 13 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=0711a5d108
IP 172.64.203.28:0
File type ASCII text, with very long lines (60130)
Hash 957c6efaf43bd8e5257dffda1f04dc89
07c603c435192da8b5c4b77a3486a4afbe35b805
02114b71026f69ee133826a32d82c82ca92bd51dccf4735c4dfcc898599616bb
GET /releases/v5.15.4/css/free.min.css?token=0711a5d108 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 05:33:47 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c1efe604ffd79a90be8f4d5002f8e908.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C1
x-amz-cf-id: bgLx2MgW-BFBcIM6CgyonzWq0-VtJdjLE3OqhJurtB597CdEM8hjLA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4EMGtVxVUdaMtX7iNEzMiDo5aLrLFQT%2FbjdwlXsPsPLwYRn8SFuM1awTfn2jRs9Ofm2%2FKJ1zSj%2BnEMoB30qsMRd73B2evuNJCvkqrH66bVUAjrcb1UqQa88xaeeVaXAVdmdkIsH6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751a1b332ba2e67c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.rewardflux.com/cp/_assets/modals/reward-requirements/au/index.html
143.204.55.124200 OK 4.5 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/reward-requirements/au/index.html
IP 143.204.55.124:0
File type HTML document text\012- HTML document, ASCII text
Hash 680da74bda38dc1998f9108226bbbe37
8a357d3b154671565b2302b1f4fe50ffd1dd9e8b
d52bc131105ce1ac7e876f4662095192864f95999630e568ca589739c6c7115b
GET /cp/_assets/modals/reward-requirements/au/index.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XhEKc8DHdvbVEA2p7iW2u1C6FTSW4eY4Pb6mgviVq6mQ-riZ_EqKhQ==
app.rewardflux.com/cp/_assets/modals/gdpr/en/index.html
143.204.55.124200 OK 1.2 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/gdpr/en/index.html
IP 143.204.55.124:0
Hash 1285f5fc9939a2919dfbd8bfc0a39944
b84a80a3926fb13d198087d746c2149c78af8ba9
21cae204325b89a623319ee934dd1d6905916f63b2b31b3665413376c7fca6aa
GET /cp/_assets/modals/gdpr/en/index.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 14:55:43 GMT
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1VHyEsV1Rc1xMLkKw-eZiaqGwznQT099d6LQ_BMsDPuDeOJyE1A83g==
Age: 52684
app.rewardflux.com/cp/_assets/modals/reward-options/au/header.html
143.204.55.124200 OK 23 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/reward-options/au/header.html
IP 143.204.55.124:0
File type ASCII text, with no line terminators
Hash cde9442dfee623a6474ad8599e26f708
0fe37907156cf1c34c875c9ba14a597179208652
b1b77078662fbdbc853d957986ea079a4dcbb9987883b8c7eafc5b663278a7fc
GET /cp/_assets/modals/reward-options/au/header.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Uy6flLWpkq7K_ncYFa92Zbrn6KZFvZJAIXkAXsABVrAAMJiBS_I2EA==
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 2d8d4b55accbb317ff9d518a536be0ed
d310740057aade77ba35d4b0bf4a7d3a7d79340a
b99b22349e8b8532cf3ddb2599b6599d5e3ae8f76d19e97aa8f4de08ed55755b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 05:33:47 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fV-NMSsMBWJ6hPeahnSrOKWDjl4IuSEHTbNtU2XzEAl-nm7BErC-SQ==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 098c2519ed2c827d6e4233c5e1c2947c
48862bac03a99004cb0d8df2ddc24340cc750e49
593a7db78ad82976f38010d8de36f9fadb08a92e41a352342ff369746b20a71e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593A7DB78AD82976F38010D8DE36F9FADB08A92E41A352342FF369746B20A71E"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13854
Expires: Wed, 28 Sep 2022 09:24:41 GMT
Date: Wed, 28 Sep 2022 05:33:47 GMT
Connection: keep-alive
app.rewardflux.com/cp/_assets/modals/reward-status/en/index.html
143.204.55.124200 OK 6.4 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/reward-status/en/index.html
IP 143.204.55.124:0
File type HTML document text\012- exported SGML document, ASCII text
Hash 15e82b8d80b1fb20d574da1dd863088c
5247c660a33e507f139717f9fdb2e0c535bcf50c
dd9b1eb7be6aa23694536e68771b1b124663f7022ead1eb67f1dbfc0581977e5
GET /cp/_assets/modals/reward-status/en/index.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 14:55:44 GMT
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: epZaMO1Spycce4frLiOLMvis_sflmihDjMk0RePm0LOjz0LFYV_EGg==
Age: 52683
app.rewardflux.com/cp/_assets/modals/reward-options/au/index.html
143.204.55.124200 OK 9.5 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/modals/reward-options/au/index.html
IP 143.204.55.124:0
Hash f3c66997042c001744f56198ba57b72d
d5c0d9b98e812dbfeada94947548871ba196c102
215ab416e3938e8a1a0ce83aa86b47568a7a654d90f4a70ad35c8f36ead6923b
GET /cp/_assets/modals/reward-options/au/index.html HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oLxBKDjdDtpZ23YAprclxlwXSo3jbzx7Mu-sNkcTSi1AUCFyJy861g==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d50eacccaece69133c74d3912298cb69
588791d4d92f42db112bc2a2a3365238c9d80d3d
9f82dbc0864a12dc80382a2e16c78ec7ae00722a7821ceb478ee15d5791c0620
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F82DBC0864A12DC80382A2E16C78EC7AE00722A7821CEB478EE15D5791C0620"
Last-Modified: Mon, 26 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21553
Expires: Wed, 28 Sep 2022 11:33:00 GMT
Date: Wed, 28 Sep 2022 05:33:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 05:29:33 GMT
Expires: Wed, 28 Sep 2022 06:16:31 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YQjBJObJSip0pietqcX4rklN3YtPwOV0zGYUmHNazpifgftbOZRJzg==
Age: 254
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 2d8d4b55accbb317ff9d518a536be0ed
d310740057aade77ba35d4b0bf4a7d3a7d79340a
b99b22349e8b8532cf3ddb2599b6599d5e3ae8f76d19e97aa8f4de08ed55755b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 05:33:47 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Wxazy9HdrCp2qEKHW8W7Gw-K3KcZ59usqBlpOf0JnTUoAu6cZBmC6Q==
cdn.formulead.com/p/626a73a389f5f12b71b50d1a/p.js?aff_offer_id=1
34.78.252.25200 OK 426 kB URL HTTP/1.1 cdn.formulead.com/p/626a73a389f5f12b71b50d1a/p.js?aff_offer_id=1
IP 34.78.252.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 426 kB (426232 bytes)
Hash 34d8a7538ec15455cfb65e4af5ebf47b
f261e8474f4ff985cffe22106ef8feefe015dbd2
980e8758c22123e14fbbb468c03103ac6e2fa1b47e6915cfa1d50f2c9a46fbc5
GET /p/626a73a389f5f12b71b50d1a/p.js?aff_offer_id=1 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
set-cookie: lid=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
plc=626a73a389f5f12b71b50d1a; Path=/; Expires=Fri, 27 Sep 2024 05:33:47 GMT; Secure; SameSite=None
qst.sid=s%3ASNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D.L%2FkAWZu9bhTdzCqxeqjJA1nQS0%2B4BNb0mh%2Fat2QQKkk; Path=/; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4847
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 05:33:47 GMT
Last-Modified: Wed, 28 Sep 2022 04:13:00 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
app.rewardflux.com/cp/_assets/images/testimonials/comment4.jpg
143.204.55.124200 OK 1.2 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/comment4.jpg
IP 143.204.55.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 913bb67af3bc63f06e7a2fa80682356a
3f39e585a7f37c53917d6a98e7817e4214675b79
0462489c1723b118eb41d03adff516882c96a32799c9156169add41bad78438b
GET /cp/_assets/images/testimonials/comment4.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1216
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:06:52 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-4c0"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dWwSb2zY6DsiuqSh0y2PizmIbm0vTDeNPfLfSZGK2B0ibo-VPotDTw==
Age: 84415
app.rewardflux.com/cp/_assets/images/elements/travel.png
143.204.55.124200 OK 10 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/travel.png
IP 143.204.55.124:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 301c027030830391c1ab228340975dd3
d6e3659fa428a2c35e13f46190c720b5cfbb857f
6e38e27da952d1934bcf8c8d63a6ba812916de3b8ed2ed516c64d3986c0c6cc2
GET /cp/_assets/images/elements/travel.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 10472
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:06:52 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-28e8"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KAFQLTm6UhMTMf1ugBZrCNxsRy04cKDMTKRKqFhr6owwzZV11Apy_g==
Age: 84415
app.rewardflux.com/cp/_assets/images/icons/lineal_color/survey.png
143.204.55.124200 OK 10 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/icons/lineal_color/survey.png
IP 143.204.55.124:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 0d13e743d44cdbb969f2dbf84a5bacdf
e4a2a3fb79e6ce963201dd9f84fdb3171ef51723
c6f952b3270e17c81070e3df208cd4b4b75178183d2c0de920482ee032ebca76
GET /cp/_assets/images/icons/lineal_color/survey.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 10433
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 03:14:06 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-28c1"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 46hIBF9F72PBu4fNVmNGgC4rKt33KPU9KyJkUY2wJKfyBapxwjOkog==
Age: 8381
content2020.qubiqlabs.com/fonts/Poppins/poppins-v19-latin-regular.woff2
34.78.252.25200 OK 8.2 kB URL HTTP/1.1 content2020.qubiqlabs.com/fonts/Poppins/poppins-v19-latin-regular.woff2
IP 34.78.252.25:0
Hash 00464d22c93abd2ce44fadc8d7c0e751
1122e016a5c3c179a444c5b9657cf41e66078c5a
cb73921750d23d0c89f0f6fee31855bb5349f404c49b7d3b8d940c94db6fec19
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Poppins/poppins-v19-latin-regular.woff2 HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Content-Type: application/octet-stream
Content-Length: 7884
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 05:41:28 GMT
ETag: "632d4708-1ecc"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
uk.earnyourswag.com/media/y3ipgjsc/checked.svg
51.104.28.72200 OK 1.2 kB URL HTTP/1.1 uk.earnyourswag.com/media/y3ipgjsc/checked.svg
IP 51.104.28.72:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4190ac1189db82bcbe4eddaa6a7908d7
be00ad6f13a8dcb16d7c3447c293b663e0c986dd
2cf7d25f0e20d80e39ccc8f2d2d4fc80e534583aaa741924921e86511648c27d
GET /media/y3ipgjsc/checked.svg HTTP/1.1
Host: uk.earnyourswag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 1153
Content-Type: image/svg+xml
Date: Wed, 28 Sep 2022 05:33:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1d8b07798e26081"
Last-Modified: Mon, 15 Aug 2022 07:21:12 GMT
Set-Cookie: ARRAffinity=ce191300a22334fcd7df4840ad2810e48c88730820dfca407a77954990f78ec4;Path=/;HttpOnly;Secure;Domain=uk.earnyourswag.com
ARRAffinitySameSite=ce191300a22334fcd7df4840ad2810e48c88730820dfca407a77954990f78ec4;Path=/;HttpOnly;SameSite=None;Secure;Domain=uk.earnyourswag.com
X-Powered-By: ASP.NET
app.rewardflux.com/cp/shen/au/images/background.jpg
143.204.55.124200 OK 81 kB URL HTTP/1.1 app.rewardflux.com/cp/shen/au/images/background.jpg
IP 143.204.55.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2075x1467, components 3\012- data
Hash 4bc4c6160a0849369368414d9d0e798e
53b6dec4da48309c54a570c279ff7dc7d19a8286
a0fa840943358dfb5fa801fad6d7966ce59b367b050524ad18eb09199092ae01
GET /cp/shen/au/images/background.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/css/campaign.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 80934
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:18 GMT
ETag: "632d46fe-13c26"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IZzEJii7TWFk7Aht2DUHNtqLHJ-B4eHcFmoU04x2yx3x0n-GRuEaeQ==
app.rewardflux.com/cp/_assets/images/logo/logo_rw.png
143.204.55.124200 OK 35 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/logo/logo_rw.png
IP 143.204.55.124:0
File type PNG image data, 3528 x 624, 8-bit colormap, non-interlaced\012- data
Hash a36a6a04a16c8d92d26d310dffc4a6ca
d6607dcedb1caa750b5ce78fd4e9482a8213d07b
cb83dc4e3793c614b99c499fd8422e636e0e6eeb9edd5a9d3ce7de88bff039a3
GET /cp/_assets/images/logo/logo_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 34804
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:06:51 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-87f4"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LxTpfTdjtrMddimcFCjtDW8oslzME6NeMQPfH00loONHt11HYkGlQg==
Age: 84416
app.rewardflux.com/cp/_assets/images/elements/gambling.png
143.204.55.124200 OK 12 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/gambling.png
IP 143.204.55.124:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 808dde3e5014377e239c3f1fdea38a16
6cf7e3a976fd2215478b506e8a453605fb3a1e8c
a6fa96d7faddb32096447d7352683f7d0cd644a206bc311086846b3cb2bef530
GET /cp/_assets/images/elements/gambling.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11663
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:06:52 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-2d8f"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bpgpS-g3fRxX_KrJbDeOGhaIVwi1ngTkD-sRbgNMfhJj8Um7Po-yJw==
Age: 84415
app.rewardflux.com/cp/_assets/images/elements/money.png
143.204.55.124200 OK 9.5 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/money.png
IP 143.204.55.124:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 527c87a27c4c03a874d2fe492978389e
2049852057e59cf7ba59ef7a2fc9ed79be9ebaa6
47dd4681a3f5da86180136c4c2ed65d7f51b8f071c7744d6375d79dc2cd24120
GET /cp/_assets/images/elements/money.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 9486
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 03:14:06 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-250e"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yUTaYay1N_OxfbLh-CKQxb2oD2Eks5jztUxRRH_ljff32EzRuglRlg==
Age: 8381
app.rewardflux.com/cp/_assets/images/elements/booking.png
143.204.55.124200 OK 8.5 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/booking.png
IP 143.204.55.124:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 77c56f73e677a570c51d1aef0fd5e8ac
2da32e66ba0717b34f996f81bbbd151a56010c9f
6314fc372724e6775fea09be629eb50ada5fc12c6191176fdeed191607f6b478
GET /cp/_assets/images/elements/booking.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 8526
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:06:52 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-214e"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -7VKY6mPrzQxkTyNwC1oOG2ADTH1Xicdm5oYDzr8FnzROFAtwuLvbg==
Age: 84416
app.rewardflux.com/cp/shen/au/images/prize_rw.png
143.204.55.124200 OK 68 kB URL HTTP/1.1 app.rewardflux.com/cp/shen/au/images/prize_rw.png
IP 143.204.55.124:0
File type PNG image data, 701 x 510, 8-bit colormap, non-interlaced\012- data
Hash 9b9826c741ebc7dfdcfc8cf6fb3b571b
296f311d38bb41b2165cb08e3a2e81d4e1983091
f0d8b0cbe229eb5f648450326364f49470898475e37e79a156af4713393393e9
GET /cp/shen/au/images/prize_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 68500
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:18 GMT
ETag: "632d46fe-10b94"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: i2Tlm7ALHHpiMXrehkUoIaM5oBC-5qxTQP2Omnjv3_BHlS1gqz7Ryg==
app.rewardflux.com/cp/_assets/images/icons/lineal_color/binoculars.png
143.204.55.124200 OK 15 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/icons/lineal_color/binoculars.png
IP 143.204.55.124:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 2f0f6e336314181d95e18db1e74d7c43
58b7bb35f340743da51225b7bd1f42afe890624d
b17013523f4094527c7533d6db4e28070b909bff5c180225b1a2dbf0d3dfcaae
GET /cp/_assets/images/icons/lineal_color/binoculars.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 14809
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 03:14:06 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-39d9"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _q0ZmnUDe_aLcskK9MI7knzGy-rbbuckLYw88jJOU7_1cS4PX0sh_A==
Age: 8382
app.rewardflux.com/cp/_assets/images/icons/lineal_color/present.png
143.204.55.124200 OK 6.4 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/icons/lineal_color/present.png
IP 143.204.55.124:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 397fe1961f39b65d3fe1f895bb84d016
531e4aac17e08fd5ba63124b1a08a1e99a11edb4
edd84f1a9dc6e540264b50343eef31b174d50e7869c3e8b8a537404a70b2fae7
GET /cp/_assets/images/icons/lineal_color/present.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6431
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:06:52 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-191f"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: U2S1hvuUjijKcWOLRrhU_TcsTTXnPqfVdL65QjAIPICZk0AIxRXKfQ==
Age: 84416
app.rewardflux.com/cp/_assets/images/elements/slots.png
143.204.55.124200 OK 6.9 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/slots.png
IP 143.204.55.124:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 2892c2c441888b2377e5c488ffb4b848
b977bb9a7b08bf9f864dead8457294fdc0aa3e85
df95454012a58e737fe58086b53c21bfc637b2ca799c51c1b2fcc85d3506f102
GET /cp/_assets/images/elements/slots.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6919
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:06:52 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-1b07"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kA1AUc_c645xhG0A_OrwQND-GZgP4tq_wGlwfRpjWiVUMg1w3zTmgg==
Age: 84416
app.rewardflux.com/cp/_assets/images/testimonials/guy4.jpg
143.204.55.124200 OK 1.5 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/guy4.jpg
IP 143.204.55.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 1d784b793786d1355bae03728b4a2408
651e21f9efb765c6dde2e427806715a77f57bad8
8cd58f8e201de30bda5f2d19e8cebbb81512c47c0cbca0b23847fd0494ee3951
GET /cp/_assets/images/testimonials/guy4.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1543
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:06:52 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-607"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pvu2Q0muuKu-0RhEFjgo_hqaM3OAKdgXvgkEa04i2CuEaesPQGvXkA==
Age: 84416
app.rewardflux.com/cp/_assets/images/elements/open-box.png
143.204.55.124200 OK 7.4 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/elements/open-box.png
IP 143.204.55.124:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash a340027de036b2365bea4b3911daae95
c636049702ac129ac00e9d559a8749015c886b7f
1815bc09bdce9c26d12ffb8be16db619092719960b04aac289685d5dbb3eeef4
GET /cp/_assets/images/elements/open-box.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 7410
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 03:14:06 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-1cf2"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WSl1vWnSGoDAChAyT36z5pBADX1_NPYZYbqCxw09faiV7LAgoWlZJA==
Age: 8382
app.rewardflux.com/cp/_assets/images/testimonials/comment8.jpg
143.204.55.124200 OK 1.2 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/comment8.jpg
IP 143.204.55.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 4bc4bb8a43aea3578af4a4cffc1ea983
276c96f4d6d1bdf03381d33c92323ca71e795aae
490adcb33271e416d05908764cad72e1f8b6571d0d8b77998633e675c975e344
GET /cp/_assets/images/testimonials/comment8.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1160
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:06:52 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-488"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ah4_m6b7jYfsUWBYyQewIcgDqJmhhE4IhcXg-r5W941qkZKbecglDQ==
Age: 84416
app.rewardflux.com/ssi/elements/base/check.png
143.204.55.124200 OK 348 B URL HTTP/1.1 app.rewardflux.com/ssi/elements/base/check.png
IP 143.204.55.124:0
File type PNG image data, 35 x 35, 8-bit colormap, non-interlaced\012- data
Hash 1aecb247e31cfe8ecdf4c1a30fd32799
8ca486751ab6c31c1acaa7868ee26f7d5dd98f83
9f15d5a161e11ec46c3474002d4ae27144633b19413b3ad8608ce11eefb810ad
GET /ssi/elements/base/check.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 348
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:06:52 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:56 GMT
ETag: "632d4724-15c"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zAdByn2T7c601VT3DTS8dwWHK0e0r-NT0lIEi8ZReAQXQ4Sc-Kpgdg==
Age: 84416
app.rewardflux.com/cp/shen/au/images/header_image.png
143.204.55.124200 OK 20 kB URL HTTP/1.1 app.rewardflux.com/cp/shen/au/images/header_image.png
IP 143.204.55.124:0
File type PNG image data, 300 x 200, 8-bit colormap, non-interlaced\012- data
Hash 650b82f8a22f097cd9b8c674fb104555
ce83471550ff3d8a8644e4ec659c861260f97668
f97fa9cfc359c536e4c11e8bc1c08e530e60dbedf8c04c4e3616bac886315857
GET /cp/shen/au/images/header_image.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 20012
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:48 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:18 GMT
ETag: "632d46fe-4e2c"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FtYQKKeNvSuOagV93SRQvz8WtXLtur6dzKXJYgn5wu2o8NdR8emk_g==
app.rewardflux.com/cp/_assets/images/testimonials/comment1.jpg
143.204.55.124200 OK 1.3 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/comment1.jpg
IP 143.204.55.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 093fed1d47a10f89959d1f6cd17b52b8
ba69754a4820b3ae6e4474ee79f5dac3418d37b4
2ccfbb9753d2fe5aff12dff442d2afb8016c28643390fc9b8d2d3f4061cad388
GET /cp/_assets/images/testimonials/comment1.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1300
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:48 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-514"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z8eO4DltQaf53O4GQ3Bm4oAx_qsPWrlw5-6cr3C8EGIMXKz5Lk4XzQ==
app.rewardflux.com/cp/shen/au/images/header_rw.png
143.204.55.124200 OK 7.9 kB URL HTTP/1.1 app.rewardflux.com/cp/shen/au/images/header_rw.png
IP 143.204.55.124:0
File type PNG image data, 1068 x 143, 8-bit colormap, non-interlaced\012- data
Hash 54961b9aaa2aa1255c9c62370bc9e8ff
00792ece27b54665b0b18f1b94677dbb0e19e90b
4509f4a69b832a579094d9e3878f3a77471c2f5d5027ca03ac6f67207e7a7057
GET /cp/shen/au/images/header_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 7850
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:48 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:18 GMT
ETag: "632d46fe-1eaa"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9_9iBjrSoK2vytxjv2OenFMEiY_gWqqyRHvdMgE0nFBPvVqtFENTDg==
app.rewardflux.com/cp/_assets/images/road_loader/checked.svg
143.204.55.124200 OK 512 B URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/road_loader/checked.svg
IP 143.204.55.124:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 5207f8e02658822f0610471768eef257
5f18addee2db1f9c6371066ca5896ad94e46884b
ff61914b39d0f76d58c6e39e093d56c08cf988e30f79d9811d29661f632a0cf7
GET /cp/_assets/images/road_loader/checked.svg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Wed, 28 Sep 2022 03:40:56 GMT
ETag: W/"632d46fc-456"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sWAxp2ig26iOUzFhV3Y30WiijHfZ2draCirbsJt6rBDdOmG-tNtmbg==
Age: 6772
app.rewardflux.com/cp/_assets/images/testimonials/comment7.jpg
143.204.55.124200 OK 1.3 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/testimonials/comment7.jpg
IP 143.204.55.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 79adad5e2afb433b71b3e85407c3ded4
9955b24502b2060826904d1bbca563c4f8956e7d
571d268926cbe49bcc347e5685307169bd263895209b777f083e16e5523b5de3
GET /cp/_assets/images/testimonials/comment7.jpg HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1337
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:06:52 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-539"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5Pv4-6fyfLsEpwBgI1ENesFHDr4k7FDgj_Y0bCzm891IFUvmZ16lJw==
Age: 84416
app.rewardflux.com/cp/shen/au/images/header-wap_rw.png
143.204.55.124200 OK 6.6 kB URL HTTP/1.1 app.rewardflux.com/cp/shen/au/images/header-wap_rw.png
IP 143.204.55.124:0
File type PNG image data, 760 x 113, 8-bit colormap, non-interlaced\012- data
Hash a57a0e0df3f540817f9944fbc8751c26
9603f98e92edab8f3c65e10bd06c85be43b2e8cb
e4c18da9071d2459e299b3cd03bfe46d033da32065739ff6f344e00b8ea91650
GET /cp/shen/au/images/header-wap_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6628
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:48 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:18 GMT
ETag: "632d46fe-19e4"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QZVK3Sqr2WJHslP6s9VIzcnt0tsX8cGNyoFSe8Tm--soNmhrQDKesw==
app.rewardflux.com/cp/shen/au/images/prizemob_rw.png
143.204.55.124200 OK 32 kB URL HTTP/1.1 app.rewardflux.com/cp/shen/au/images/prizemob_rw.png
IP 143.204.55.124:0
File type PNG image data, 550 x 201, 8-bit colormap, non-interlaced\012- data
Hash b659a5bb84e4f49807b0bfb8b575aaeb
a66363fca2a96904596745d7fa52b64bda3c7d2a
dfc3c8cd256f5a4a40237f7888d2d3be897ca2af159c5eefe38773f4027db882
GET /cp/shen/au/images/prizemob_rw.png HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 32086
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:48 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:18 GMT
ETag: "632d46fe-7d56"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qUsf_ZHDxV7X1oXhVatmteIr14Eruyr9-E9RoQXssZelsWVQm_7t1Q==
app.rewardflux.com/cp/_assets/images/favicon/favicon.ico
143.204.55.124200 OK 15 kB URL HTTP/1.1 app.rewardflux.com/cp/_assets/images/favicon/favicon.ico
IP 143.204.55.124:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 360c6446288d4278c0c6598f14e33211
187e40e5ab056456f0b49b52b425e70c8f0a86a3
fbbe3016634bf0bb643c407a9a4e3b676362e9e0a1eb25dd3e8e3d898fbb6c1e
GET /cp/_assets/images/favicon/favicon.ico HTTP/1.1
Host: app.rewardflux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://app.rewardflux.com/cp/shen/au/reward.html
HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 15406
Connection: keep-alive
Server: nginx/1.19.0
Date: Tue, 27 Sep 2022 06:07:03 GMT
Last-Modified: Fri, 23 Sep 2022 05:41:16 GMT
ETag: "632d46fc-3c2e"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3Mboa4GwED0xqQ5cVJF28fG1RFgGVFw4sTGCFmLIMuhr5xJceBZnpQ==
Age: 84405
push.services.mozilla.com/
52.27.12.161101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.27.12.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lcwpNyhGE8fKhKKOBX05qg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UBKr5lRDZ2gPU0VfLevdVG5FRMM=
d25m05rhmo2ok7.cloudfront.net/microsite_picture/843d5f48-ee99-476c-a3ac-6111d3ab7235/secure1.png
143.204.42.73200 OK 3.2 kB URL HTTP/2 d25m05rhmo2ok7.cloudfront.net/microsite_picture/843d5f48-ee99-476c-a3ac-6111d3ab7235/secure1.png
IP 143.204.42.73:0
File type PNG image data, 140 x 60, 8-bit colormap, non-interlaced\012- data
Hash 7154d5a363fcfa8553caabf2998c98f2
d6880dce09104e5a5316f6663d7a72852d7b2a2f
6fa1996e350236b3b2427804baff4672e991bb1ee942cd749b62f43134c81369
GET /microsite_picture/843d5f48-ee99-476c-a3ac-6111d3ab7235/secure1.png HTTP/1.1
Host: d25m05rhmo2ok7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 3217
date: Wed, 28 Sep 2022 05:33:49 GMT
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Aug 2018 07:47:53 GMT
etag: "7154d5a363fcfa8553caabf2998c98f2"
x-amz-version-id: y8wr51Nn.xPOMxliMD7.WPL_irWBZeZA
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XMaf3e6RG9dylSoHy9wOQNd0v8bXNnZYzWjrsy6oaUdtqojuDvpuMw==
X-Firefox-Spdy: h2
cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D&aff_offer_id=1&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fshen%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fshen%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fshen%2Fau%2Freward.html&stp=1&feed_type=initial
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D&aff_offer_id=1&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fshen%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fshen%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fshen%2Fau%2Freward.html&stp=1&feed_type=initial
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D&aff_offer_id=1&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fshen%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fshen%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fshen%2Fau%2Freward.html&stp=1&feed_type=initial HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-iivmxswc,x-request-id,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
d25m05rhmo2ok7.cloudfront.net/microsite_picture/b2ec14f6-5b50-4da0-ba50-8655fed5211a/secure3.png
143.204.42.73200 OK 3.0 kB URL HTTP/2 d25m05rhmo2ok7.cloudfront.net/microsite_picture/b2ec14f6-5b50-4da0-ba50-8655fed5211a/secure3.png
IP 143.204.42.73:0
File type PNG image data, 140 x 60, 8-bit colormap, non-interlaced\012- data
Hash 49ce47d7b75cd4c9ebf33a96ad588834
d331bf5584e6f00961942b7ce693093bfae7ea48
7c33a402486be20064bb9b175a03957ecbc0e7ad71ebb3b9887c22222412a1ff
GET /microsite_picture/b2ec14f6-5b50-4da0-ba50-8655fed5211a/secure3.png HTTP/1.1
Host: d25m05rhmo2ok7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2961
date: Wed, 28 Sep 2022 05:33:49 GMT
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Aug 2018 07:47:54 GMT
etag: "49ce47d7b75cd4c9ebf33a96ad588834"
x-amz-version-id: nEi6ItVcFl1vrhE0svFWvt_pZtgq2mnn
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sdmTuiSkJdjEdhSr45BNJ4euDDXuWtCzDy3xd1OVuXdzkaqWE96aOg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 05:33:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d25m05rhmo2ok7.cloudfront.net/microsite_picture/9f4bd660-852c-494c-afba-1dadfe10f1fe/secure2.png
143.204.42.73200 OK 2.9 kB URL HTTP/2 d25m05rhmo2ok7.cloudfront.net/microsite_picture/9f4bd660-852c-494c-afba-1dadfe10f1fe/secure2.png
IP 143.204.42.73:0
File type PNG image data, 140 x 60, 8-bit colormap, non-interlaced\012- data
Hash 7730bc66025ca4d800d235089631ff10
b09ea5503764c03fecb0022af532e4ffa6d33be1
e9846a5c43ea69813d973e44146575a5ef3a76616f7c22c5c163b7bcf82bfea9
GET /microsite_picture/9f4bd660-852c-494c-afba-1dadfe10f1fe/secure2.png HTTP/1.1
Host: d25m05rhmo2ok7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2916
date: Wed, 28 Sep 2022 05:33:49 GMT
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Aug 2018 07:47:54 GMT
etag: "7730bc66025ca4d800d235089631ff10"
x-amz-version-id: p92_7RAnaYT0eeH5mIk71qybMVBNbFvu
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QaSwN6BCFosldbIkkM1mWM9bLXTUHcBgwMWYf-TYfBXB2SaIHSeLjA==
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
142.250.74.164200 OK 586 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash bafc18d30c743925dbcca01193099c3b
d0cb99688d03295c921d0c8029ffa00b722fb76c
78a7eac670353fceb777791ec2bb853d281a09b8dc52a905686dc08927db945a
GET /recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu- HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 28 Sep 2022 05:33:48 GMT
date: Wed, 28 Sep 2022 05:33:48 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 05:33:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D&aff_offer_id=1&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fshen%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fshen%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fshen%2Fau%2Freward.html&stp=1&feed_type=initial
34.78.252.25200 OK 5.7 kB URL HTTP/1.1 cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D&aff_offer_id=1&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fshen%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fshen%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fshen%2Fau%2Freward.html&stp=1&feed_type=initial
IP 34.78.252.25:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (25525), with no line terminators
Hash d3060268699d9e961f3c47bd02394b6d
a830f3d15f8f0d4812e1538478afa00439b1dfb1
c51a80aa32a8335197986cc277707d1fac1f6b9c01bf1c0e09e73f9da189c6a9
GET /p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D&aff_offer_id=1&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fshen%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fshen%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fshen%2Fau%2Freward.html&stp=1&feed_type=initial HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D.L/kAWZu9bhTdzCqxeqjJA1nQS0+4BNb0mh/at2QQKkk
X-Request-Id: f39b87f4669344e5c3486390
X-iivmxswc: 39f7abf5ff450bce79720d96c2842f8330f7dbbb948aafc57cd9a08cb5addb53
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=626a73a389f5f12b71b50d1a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:48 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: stp=1; Path=/; Expires=Fri, 27 Sep 2024 05:33:48 GMT; Secure; SameSite=None
ck_tsp=2022-09-28T05%3A33%3A48.506Z; Path=/; Expires=Fri, 27 Sep 2024 05:33:48 GMT; Secure; SameSite=None
sip=91.90.42.154; Path=/; Expires=Fri, 27 Sep 2024 05:33:48 GMT; Secure; SameSite=None
ETag: W/"6485-MmT5005TIdPYvsJqN/9fP5fYa9M"
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12371
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 05:33:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12371
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 05:33:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12371
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 05:33:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12371
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 05:33:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12371
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 05:33:49 GMT
Connection: keep-alive
cdn.formulead.com/css/main.min.css
34.78.252.25200 OK 7.5 kB URL HTTP/1.1 cdn.formulead.com/css/main.min.css
IP 34.78.252.25:0
Hash ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /css/main.min.css HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:47 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Accept-Ranges: bytes
Cache-Control: public, max-age=2678400
Last-Modified: Thu, 22 Sep 2022 14:21:52 GMT
ETag: W/"b20df-18365938c00"
Vary: Accept-Encoding
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 07f06c54e3b1431203308e4134e7efcb
e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49
2814f21c6a21623c189163672867272eb24f754d3d22a8285349e5dd9f6b49f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: 0ac9a228-b6ce-4695-b269-f6a5ba959576
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4HTsoAMF8dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-1d1cacef2608d5820b2bc1b1;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: HKSCXbOStqMfD92WWwpkNF1l9euR9RkHTo2boSKqhPAunGl2u_YGlg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:48 GMT
age: 28021
etag: "e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 28380
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59163c799f3d48e74abdd285ee615119
883e61d46ef6c09013724aa7b8f560272ee08574
e1bafc575ff4274b210bee481a8e73c065de5bc14ddf46c269ef91eda0df8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8621
x-amzn-requestid: 5a828651-41c2-4aa0-931d-6522098a8438
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASUWEYvIAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffdb5-5ace75523a98a9237fabca8f;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:05:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _r1yeWUGcjSAzmlPcqiZrNgOGrGb29Dxgrz3AOm9oU0-wgHy7axiKw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:40:36 GMT
age: 78793
etag: "883e61d46ef6c09013724aa7b8f560272ee08574"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43d7c0db2af42ad4d0095324b2691f6c
1a1139cff14aff6755b9e43ff4ef8c9ece1102c1
42073c84e0c215109b54ab55a53cce9e6cce44f4619f5988fa4e2776ff70b362
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9780
x-amzn-requestid: 9938422e-12cd-4aab-9e58-c26b8fee53b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UOH3DoAMFZRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-37105d923f19437025abec71;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Halsx09hxT_sMRc2jy-fJA0tE85F6Bgz9P9Trx02Z9aMfIZVLkLW4g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:11:14 GMT
age: 26555
etag: "1a1139cff14aff6755b9e43ff4ef8c9ece1102c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d039db0b842a4cbbaefdaab98bc6722b
78b1a603c4f7f2d6fbad15d7a4cd1397554339e9
65a3c7b0515cfd2a723f3bc3147cb98f3dd75ce1ecfce915c7c8e9ba5ae0bf2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14018
x-amzn-requestid: fb0f02e7-1ce0-4861-9446-13d60df06f24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xSEhCIAMFWkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-79f482493d204a1208fad00f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZAov4fpWAjIBhHfeYEwu39wJTG58HnW7ebekpIoNSgA7PLIs5b7sSg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:19 GMT
age: 26670
etag: "78b1a603c4f7f2d6fbad15d7a4cd1397554339e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.formulead.com/v/reverse-dns-lookup
34.78.252.25200 OK 88 B URL HTTP/1.1 cdn.formulead.com/v/reverse-dns-lookup
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9e040edd17bb2e1b8595c5bca9c3781a
cb57e3f304d455c0b252e6a05bc0e55814c8c553
56c21491b74b93d01b73e9f45bde0ad2c392e0b4afbe710b7c324c7c090178e0
GET /v/reverse-dns-lookup HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=626a73a389f5f12b71b50d1a; stp=1; ck_tsp=2022-09-28T05%3A33%3A48.506Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:49 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 88
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"58-y1fj8wTUVcCyUuagW8DlWBTIxVM"
set-cookie: qst.sid=s%3Apb1ftoSBdG9GGcNmY-bmRsZpC9kyGfoT.UJku7lGkgJ5R73XsMeeGJqeVnJiNZ57HrlOUdpNykXU; Path=/; HttpOnly
Vary: Accept-Encoding
cdn.formulead.com/v/fingerprint-cache?vl_fp=293c4ae45796181754e835201e3b50fc&vl_fp_cljs=803716228
34.78.252.25200 OK 110 B URL HTTP/1.1 cdn.formulead.com/v/fingerprint-cache?vl_fp=293c4ae45796181754e835201e3b50fc&vl_fp_cljs=803716228
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bad7f8dd7c7e0222df76f8164f37d7f0
e6f37c1e21f83b5e26660d2beee029c5fdfdf447
c167a02d8d16558f88713a894be5587558e1876b822e73e1a9eef21815bd233f
GET /v/fingerprint-cache?vl_fp=293c4ae45796181754e835201e3b50fc&vl_fp_cljs=803716228 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=626a73a389f5f12b71b50d1a; stp=1; ck_tsp=2022-09-28T05%3A33%3A48.506Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:49 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 110
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"6e-5vN8HiH4O14mZg0r7uApxf399Ec"
set-cookie: qst.sid=s%3ADHCpvHQtwmWdUy-zs_i0yjlLXm4DTqBF.FKizvYNX2IEShxAISR4pl8m4TsiQLW34gkK3Ex9rPGU; Path=/; HttpOnly
Vary: Accept-Encoding
content2020.qubiqlabs.com/fonts/myriad-pro/MyriadPro-Regular.woff
34.78.252.25200 OK 52 kB URL HTTP/1.1 content2020.qubiqlabs.com/fonts/myriad-pro/MyriadPro-Regular.woff
IP 34.78.252.25:0
File type Web Open Font Format, CFF, length 51572, version 0.0\012- data
Hash 6a324f29ef3efabd2176f8b697ad71ed
dd696f0c713eb491c6e16bec9fda63f3f23999ba
6d64c461708b8f11e06451c96779d22fc2b8de582214c77493ecc57c32ede06e
Analyzer Verdict Alert fortinet Phishing
GET /fonts/myriad-pro/MyriadPro-Regular.woff HTTP/1.1
Host: content2020.qubiqlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:49 GMT
Content-Type: application/font-woff
Content-Length: 51572
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 05:41:28 GMT
ETag: "632d4708-c974"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 05:33:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D&aff_offer_id=1&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fshen%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fshen%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fshen%2Fau%2Freward.html&stp=1&feed_type=full
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D&aff_offer_id=1&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fshen%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fshen%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fshen%2Fau%2Freward.html&stp=1&feed_type=full
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D&aff_offer_id=1&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fshen%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fshen%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fshen%2Fau%2Freward.html&stp=1&feed_type=full HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-iivmxswc,x-request-id,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:49 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (826)
Size 158 kB (158248 bytes)
Hash db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 198474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 05:33:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.formulead.com/t/errors
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/t/errors
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/errors HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:49 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/errors
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/t/errors
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/errors HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D.L/kAWZu9bhTdzCqxeqjJA1nQS0+4BNb0mh/at2QQKkk
Content-Type: application/json
Content-Length: 148
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:49 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 320511
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:48:31 GMT
expires: Sat, 23 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 449118
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/z0grl55ygx
172.64.169.3200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/z0grl55ygx
IP 172.64.169.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /register/event_log/z0grl55ygx HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 05:33:49 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://app.rewardflux.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaC8aL3Aop8NTqPW8EpdoLYON03G3YRcOa0WEevGLs%2BmoSaWx%2BeBDFTJIVg8lbFbOOvP7%2FMIQ8MHbFYxvmZK%2Fab0BN319J5CsaRYVQRFcThbx9k4VzA6%2Fy%2FtNtAKXLomy2qGfSld6DkmjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751a1b40b8597314-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/z0grl55ygx
172.64.169.3200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/z0grl55ygx
IP 172.64.169.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/z0grl55ygx HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://app.rewardflux.com/
Content-type: application/json
Origin: http://app.rewardflux.com
Content-Length: 103
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 05:33:49 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://app.rewardflux.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnCBnhhgkBWtiqFVvKLQ0rJp6tMEJ1qCBu0k7%2F7%2BETfIxzSeQmTCbeGjnSgAV4yBBjFvgVgw0v0FnOFKZWbKUA9H4GBnAitHQapaxGFkMnC3FTU1FliVSsYVppzWS6rmdK%2BS%2F6qUzj6TFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751a1b41d90c7314-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.formulead.com/v/recaptcha3?token=03AIIukzhQ6gbJo1_VHjZQ_EUVPs9vockDH0xmFLhEKvq9zNFH-C91ypSJ5mZbCOxeq0WA2rB_3AmuaNKIOpHOuNnusQISK7Xk9ghGi1-965NIccv6KESThQi_eYJFahvGeQxhX-FFnSVLwi3M2DXXD8EhKqW8JUzXC9fyKsprOFBM_Ojf3Qg5rfQkr4RB7GwnzP29wtHO-5clhzt1Uo0jfmx0D2Pz8O5Wad6mJ1ne3itTIyPO_UWkoH98y0Dw6zQwpO0o6qdmEZa6vkcQutXJAzvAQDmp8-kaDYQjBTeiJRGm1vNC0LX8BrcVYOKwpCccqBvSz2VtM70_DFKWpCDlULyx433EJ0Lwy1CiTOKvlyW780xWlnJxRK1Ykf1VltG8lEbraeDH2uq_-CESyzeDfcJeOi_lqMK8ky9fnGLBzehM6lSuvJrb5emjJGNcFEAHD3CJ-ENJcpkhD8DgjxhfqmUF0IvuDPsXljZn3tPEjBvnG3u5KEa7HqAXLThtREZWf7rU8IQpeLnc&step=1
34.78.252.25200 OK 165 B URL HTTP/1.1 cdn.formulead.com/v/recaptcha3?token=03AIIukzhQ6gbJo1_VHjZQ_EUVPs9vockDH0xmFLhEKvq9zNFH-C91ypSJ5mZbCOxeq0WA2rB_3AmuaNKIOpHOuNnusQISK7Xk9ghGi1-965NIccv6KESThQi_eYJFahvGeQxhX-FFnSVLwi3M2DXXD8EhKqW8JUzXC9fyKsprOFBM_Ojf3Qg5rfQkr4RB7GwnzP29wtHO-5clhzt1Uo0jfmx0D2Pz8O5Wad6mJ1ne3itTIyPO_UWkoH98y0Dw6zQwpO0o6qdmEZa6vkcQutXJAzvAQDmp8-kaDYQjBTeiJRGm1vNC0LX8BrcVYOKwpCccqBvSz2VtM70_DFKWpCDlULyx433EJ0Lwy1CiTOKvlyW780xWlnJxRK1Ykf1VltG8lEbraeDH2uq_-CESyzeDfcJeOi_lqMK8ky9fnGLBzehM6lSuvJrb5emjJGNcFEAHD3CJ-ENJcpkhD8DgjxhfqmUF0IvuDPsXljZn3tPEjBvnG3u5KEa7HqAXLThtREZWf7rU8IQpeLnc&step=1
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d83daf417551f79b196723f8c41ea66c
85756d2bbddf9ee1546246daa4f7db19ab568c51
ff9ea335bf238af610138b24b0b685ca916dc667771ae73c2528d376291e681a
GET /v/recaptcha3?token=03AIIukzhQ6gbJo1_VHjZQ_EUVPs9vockDH0xmFLhEKvq9zNFH-C91ypSJ5mZbCOxeq0WA2rB_3AmuaNKIOpHOuNnusQISK7Xk9ghGi1-965NIccv6KESThQi_eYJFahvGeQxhX-FFnSVLwi3M2DXXD8EhKqW8JUzXC9fyKsprOFBM_Ojf3Qg5rfQkr4RB7GwnzP29wtHO-5clhzt1Uo0jfmx0D2Pz8O5Wad6mJ1ne3itTIyPO_UWkoH98y0Dw6zQwpO0o6qdmEZa6vkcQutXJAzvAQDmp8-kaDYQjBTeiJRGm1vNC0LX8BrcVYOKwpCccqBvSz2VtM70_DFKWpCDlULyx433EJ0Lwy1CiTOKvlyW780xWlnJxRK1Ykf1VltG8lEbraeDH2uq_-CESyzeDfcJeOi_lqMK8ky9fnGLBzehM6lSuvJrb5emjJGNcFEAHD3CJ-ENJcpkhD8DgjxhfqmUF0IvuDPsXljZn3tPEjBvnG3u5KEa7HqAXLThtREZWf7rU8IQpeLnc&step=1 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=626a73a389f5f12b71b50d1a; stp=1; ck_tsp=2022-09-28T05%3A33%3A48.506Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:50 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 165
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"a5-hXVtK73fnuFUYkbapPfbGatWjFE"
set-cookie: qst.sid=s%3ADP_MnUbJP568JT6sPqH2KtMPRKTYtBao.Y3OumlsgA2N8S1dTozBKMxH7kQPz28OlMsAZ6noZWvw; Path=/; HttpOnly
Vary: Accept-Encoding
cdn.formulead.com/t/page
34.78.252.25200 OK 2 B IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/page HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:50 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D&aff_offer_id=1&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fshen%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fshen%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fshen%2Fau%2Freward.html&stp=1&feed_type=full
34.78.252.25200 OK 27 kB URL HTTP/1.1 cdn.formulead.com/p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D&aff_offer_id=1&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fshen%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fshen%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fshen%2Fau%2Freward.html&stp=1&feed_type=full
IP 34.78.252.25:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65266), with no line terminators
Hash b50124efc7648661005caab4495b4f7a
6ed2d642e0b4d1d4223c9f430983845cdc859e0d
3e61fca99f89135b0af38647e9ef8cb044811d2ee44ba29f08463279fe7391ce
GET /p/626a73a389f5f12b71b50d1a/feed?sc_domain=app.rewardflux.com&cl_ip=91.90.42.154&qb_placement_id=626a73a389f5f12b71b50d1a&qb_offer_id=631ba319c04dabe56fc7d6cb&qb_flow_id=631ba319c04dabe56fc7d6cb&qb_vendor_id=576309b368f48b0100f7082f&qb_country=AU&ql_session_id=SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D&aff_offer_id=1&sc_url=http%3A%2F%2Fapp.rewardflux.com%2Fcp%2Fshen%2Fau%2Freward.html&sc_campaign_page=reward.html&sc_campaign_path=%2Fcp%2Fshen%2Fau%2F&sc_campaign_domain=http%3A%2F%2Fapp.rewardflux.com&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fcp%2Fshen%2Fau%2Freward.html&stp=1&feed_type=full HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D.L/kAWZu9bhTdzCqxeqjJA1nQS0+4BNb0mh/at2QQKkk
X-Request-Id: f39b87f4669344e5c3486390
X-iivmxswc: 39f7abf5ff450bce79720d96c2842f8330f7dbbb948aafc57cd9a08cb5addb53
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Cookie: plc=626a73a389f5f12b71b50d1a; stp=1; ck_tsp=2022-09-28T05%3A33%3A48.506Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:51 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: stp=1; Path=/; Expires=Fri, 27 Sep 2024 05:33:49 GMT; Secure; SameSite=None
ck_tsp=2022-09-28T05%3A33%3A49.382Z; Path=/; Expires=Fri, 27 Sep 2024 05:33:49 GMT; Secure; SameSite=None
sip=91.90.42.154; Path=/; Expires=Fri, 27 Sep 2024 05:33:49 GMT; Secure; SameSite=None
ETag: W/"31b64-LouFBPmUxui6OUdgZw4EOCqEQRw"
Vary: Accept-Encoding
Content-Encoding: gzip
cdn.formulead.com/t/page
34.78.252.25200 OK 16 B IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/page HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:SNvcvdqoXjPeVUgbrAyzcUfQ6Lk549_D.L/kAWZu9bhTdzCqxeqjJA1nQS0+4BNb0mh/at2QQKkk
Content-Type: application/json
Content-Length: 116
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 28 Sep 2022 05:33:53 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://app.rewardflux.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
st.formulead.com/assets/js/bioep.min.js
54.230.111.123200 OK 0 B URL HTTP/2 st.formulead.com/assets/js/bioep.min.js
IP 54.230.111.123:0
GET /assets/js/bioep.min.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 28 Sep 2022 04:26:38 GMT
etag: W/"6329dbed-14c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KH_c8DsjX64xourM9ihRm49GdkmsQF5QSbyhW2GFhUtJkNmjsczrEw==
age: 8765
X-Firefox-Spdy: h2
st.formulead.com/assets/img/spinner/puff.svg
54.230.111.123200 OK 0 B URL HTTP/2 st.formulead.com/assets/img/spinner/puff.svg
IP 54.230.111.123:0
GET /assets/img/spinner/puff.svg HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 28 Sep 2022 05:33:47 GMT
etag: W/"6329dbed-5b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x01EtEoeJYRup61hntGoLlUj1MNw7QNOHGB5ir6jXa_tqPu_D6aX9Q==
age: 5309
X-Firefox-Spdy: h2
trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=app.rewardflux.com
172.64.168.3200 OK 0 B URL HTTP/2 trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=app.rewardflux.com
IP 172.64.168.3:0
GET /scripts/push/script/z75dnkdk4q?url=app.rewardflux.com HTTP/1.1
Host: trk-consulatu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 05:33:49 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lID2mfWcPLDSvsztUZJH49BsvtcJ2DJoZPm7c3DuPoADeZpY5A7WplFNCJkPF0Lex98WHpUmFOQ%2FEYLsN6GoHErX4B%2BZ8d5vCZ5XHdiizm1zM5McnLV6aoTkUVth5XtqawiDtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751a1b3f892571da-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/1744f3f671.js
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/1744f3f671.js
IP 172.64.133.15:0
GET /1744f3f671.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 05:33:47 GMT
content-type: text/javascript
x-amz-id-2: 6d0LmXxusvBARq0h0Bd7VLhSMKaxkrHswapPAG4xpRO+fQB1qR8avqc+aqCjXgia10+1chHLyXc=
x-amz-request-id: BTBC9FT0JTWAGVFY
last-modified: Wed, 30 Jun 2021 17:02:42 GMT
etag: W/"8be700ece8699a7c3f7a870ee2840cdf"
cache-control: max-age=1800
cf-cache-status: HIT
age: 1062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSL63rBIpamdnc2feTJ09fwYXXC0tcS1cE9STEdE60uaWDW3jULNyeEOXXb%2FfYEmRGnnCk79aYauQDU44QRhv%2F3La5YrDUEt3f6lyWHnHINCOE%2BiM1SutcMjyJYGCg2Qs9JfuQMl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751a1b31feba75c6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kit.fontawesome.com/0711a5d108.js
104.18.23.52200 OK 0 B URL HTTP/2 kit.fontawesome.com/0711a5d108.js
IP 104.18.23.52:0
GET /0711a5d108.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://app.rewardflux.com
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 05:33:47 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxjvWNxV_o56j2asU6JC
cf-cache-status: MISS
server: cloudflare
cf-ray: 751a1b322db7b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
st.formulead.com/assets/js/dl_modified.js
54.230.111.123200 OK 0 B URL HTTP/2 st.formulead.com/assets/js/dl_modified.js
IP 54.230.111.123:0
GET /assets/js/dl_modified.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 27 Sep 2022 08:24:04 GMT
etag: W/"6329dbed-132f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M_Ng8H9Zij7n-_QbN1_BMgCz_rrHnnCljMY-PPpv3pNKifEHciAYiA==
age: 76185
X-Firefox-Spdy: h2
st.formulead.com/assets/js/helpers.js
54.230.111.123200 OK 0 B URL HTTP/2 st.formulead.com/assets/js/helpers.js
IP 54.230.111.123:0
GET /assets/js/helpers.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://app.rewardflux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 28 Sep 2022 04:26:38 GMT
etag: W/"6329dbed-fefc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D7w1TQpcKxNUzEsSEne7avw3n0uK91VGFLgv8ChP5bHhPoGfugEpkQ==
age: 11607
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=0711a5d108
172.64.203.28200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=0711a5d108
IP 172.64.203.28:0
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=0711a5d108 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://app.rewardflux.com/
Origin: http://app.rewardflux.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 05:33:47 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C1
x-amz-cf-id: wPyZtVqiOb4JWa9ZsA5l9QBDt_C9qVzkG8Jg3o46X9tb3dfQXRxKOQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeilC7gyen%2BP7yaVOuhjnWG4epLMPumZ3fYYYTW%2Fojkti%2BDbh%2BEZP19ypYY9Xq5p6qOEkfiLyNPwhQiXsGzU%2FyNBkZ%2FyRDPR51uNHr8ZI1igBHyxBhd6krLmIQoqLmZ3gEWWtsIj8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751a1b332b9fe67c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2