146.novitrk2.com/smartlink?mongo_id=6317b1f029ab8720681ca554&mongo_grouped_id=6317a8768ad9ed27611212ba&redirect_url=www.google.com&bot=1&suspicious=1&suspicious_reason=noscript
188.240.52.20302 Found 718 B URL HTTP/1.1 146.novitrk2.com/smartlink?mongo_id=6317b1f029ab8720681ca554&mongo_grouped_id=6317a8768ad9ed27611212ba&redirect_url=www.google.com&bot=1&suspicious=1&suspicious_reason=noscript
IP 188.240.52.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 80e9930e4fe6c03ea93d229dc5846663
227ee543ddd792e5be131adb5c6199051c4d0fba
f704ebcee57a4976c0de460ca65d3c21c5a4bf0f83fd8125aa36057959a17059
GET /smartlink?mongo_id=6317b1f029ab8720681ca554&mongo_grouped_id=6317a8768ad9ed27611212ba&redirect_url=www.google.com&bot=1&suspicious=1&suspicious_reason=noscript HTTP/1.1
Host: 146.novitrk2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Tue, 06 Sep 2022 20:47:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, must-revalidate
Location: https://146.novitrk2.com/smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source=
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkxJb3c0MmFqYmJTelZlaGo3RnptdFE9PSIsInZhbHVlIjoid214aXVrMkJDREsyeEl5ZE5IYUEvMytWMnVqYnBiWnE5ZjM3VzhhOWZ3azJvNFpDOGFtZlQvRVlJSWNOYlMvNDRIbldIVUxqaFJ5ZVFMcElYM1IzQjNtdDMweXA0WS9ycWVGdzMxQ002S0ROUzFXaWplUWZqUkx5K2tQTlVvK0UiLCJtYWMiOiI1MzNkZTc3MzZlMmMyOGViZDRlM2IwNThmNDFhZmE0ODFkODE2NGFjNWUxMjhjNGE4MzlhNGFhZGRjODNjOTNmIiwidGFnIjoiIn0%3D; expires=Tue, 06-Sep-2022 22:47:59 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6Ik42aEd2YXYrUUdYMVM0TEhtdnhQbWc9PSIsInZhbHVlIjoiUjRzOXJ0ckxMdkZhaVh6ZGd1M1Q0Nmp0REF2MStaNmw0MS9DQk94WWNvakltQlNLaWpKWENKZEVEbWhvTEI5L09OdngreTNUSTNXbzZOcGFsUy8zUXNvdzFGMWNoMnpweWdWS0tHY0lxcGZXQ25DdjBFUlo3Um5PRXYvU1hhWDkiLCJtYWMiOiJjMWRlNTYzYjRiYTZiMDUzZTcxMzllNjJjYzBkZGIzMjY5ZDA0MWIzZDk4YTNlNWQyNWM2M2UzOGViNmRmZDg3IiwidGFnIjoiIn0%3D; expires=Tue, 06-Sep-2022 22:47:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 20:04:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dreZviLRWGhjfYZia7VKgzocXawcDJXl7PhM3UR0BeQNzvsywt9lEw==
Age: 2613
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4498
Expires: Tue, 06 Sep 2022 22:02:57 GMT
Date: Tue, 06 Sep 2022 20:47:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: r5dCvTTo_R-mhgtK7H9xn6GRyTh0fexjSNeC8Xng1FmiLlwUCfG5HQ==
age: 70362
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 20:47:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 20:38:18 GMT
Expires: Tue, 06 Sep 2022 20:44:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jsqTzIhl5vsBVSerXBbv7IE-8NXCvHX1zjJ75cETDdUqxOztgSp8RQ==
Age: 582
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4921
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 20:48:00 GMT
Last-Modified: Tue, 06 Sep 2022 19:25:59 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.208.31.97101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /NhAX/XpYTo3Rhjvz9xh1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SlyUVd4T76J6Ro3NHl/QVMFlkZQ=
www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7140371447305732136&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84
51.68.82.147200 OK 5.2 kB URL HTTP/1.1 www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7140371447305732136&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84
IP 51.68.82.147:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3760)
Hash 29eff97055a41a824629b9cf1a9b0c5c
19a02ae0095245d50a699bc7bfc437b0883a1abd
9ae86cab0e5474c68dd46d0f7f12200b9e4fca8016baac4f55b9dc3a9801363a
GET /?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7140371447305732136&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84 HTTP/1.1
Host: www.wewillserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.news-page.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 20:48:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
m.news-page.net/proc.php?054c71833ae2c5b5aadc35458f89eb1665573b86
99.198.108.195200 OK 1.6 kB URL HTTP/2 m.news-page.net/proc.php?054c71833ae2c5b5aadc35458f89eb1665573b86
IP 99.198.108.195:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3620), with no line terminators
Hash 57568ea7fbeee80fb00789f24e555bca
97fcbecfd8f4fca9595d958c074d4ceea16ed822
2c0ec8faf59f5affdd7e79aaff5aeda16fab370fb3643950334a05838683516a
GET /proc.php?054c71833ae2c5b5aadc35458f89eb1665573b86 HTTP/1.1
Host: m.news-page.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.news-page.net/?utm_term=7140371447305732136&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b380b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b85
Cookie: u=9766bbfbc14d82e25953ca3dde4fffba
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 20:48:00 GMT
content-type: text/html; charset=UTF-8
location: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7140371447305732136&website=4472-bfdf314f-6f01772b&placement=4472
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2
www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7140371447305732136&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=3&eyer=0.6293412759672606&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net
51.68.82.147302 Found 0 B URL HTTP/1.1 www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7140371447305732136&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=3&eyer=0.6293412759672606&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net
IP 51.68.82.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7140371447305732136&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=3&eyer=0.6293412759672606&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net HTTP/1.1
Host: www.wewillserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Tue, 06 Sep 2022 20:48:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=e02eacf20e275ed06aff7ff996f6dcf90906-202209-flb
www.wewillserv.com/favicon.ico
51.68.82.147204 No Content 0 B URL HTTP/1.1 www.wewillserv.com/favicon.ico
IP 51.68.82.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.wewillserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Server: openresty
Date: Tue, 06 Sep 2022 20:48:01 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 87364c21327ffafd16766f59d4e913f9
2933a1cadf77765a2216de1a080fccec24e3ab00
cb85111bc505310aa92e83051fb9a5428f321fad20705e00eaec803abd8e6f5c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CB85111BC505310AA92E83051FB9A5428F321FAD20705E00EAEC803ABD8E6F5C"
Last-Modified: Sun, 04 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9786
Expires: Tue, 06 Sep 2022 23:31:07 GMT
Date: Tue, 06 Sep 2022 20:48:01 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 87364c21327ffafd16766f59d4e913f9
2933a1cadf77765a2216de1a080fccec24e3ab00
cb85111bc505310aa92e83051fb9a5428f321fad20705e00eaec803abd8e6f5c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CB85111BC505310AA92E83051FB9A5428F321FAD20705E00EAEC803ABD8E6F5C"
Last-Modified: Sun, 04 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9786
Expires: Tue, 06 Sep 2022 23:31:07 GMT
Date: Tue, 06 Sep 2022 20:48:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5781
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 20:48:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5781
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 20:48:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5781
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 20:48:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:36:52 GMT
age: 58269
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a87857b93f99eab3118aae97a1c9d22
3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 82081
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSBSzzRMdrVdoV3Ld8hYWq2AwO7Mswcwa8Tk_AKa44j1SlrFugNqpg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:48:06 GMT
age: 82795
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5540d72831e7e7b9fc287f92c48d9f5e
ec19429fa76d9ad47a0578734b011b530b79ebbf
bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8134
x-amzn-requestid: 5f6027e8-842f-476a-85e5-cc8b848e4567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEoVIAMFuiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7095c29a04d2f5310b1b84c4;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Gf6IGDeM-y_nDO1C3m9xeyAJdkYRe2CN87Pi986A7B1qsjq5p9VkQw==
via: 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 07:41:25 GMT
age: 47196
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:42 GMT
age: 82939
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8OlwFzmUfQEPeP7pT-g5wRMq0I1jllBnRU0Nxk4kNkcVD_evLZYc7g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:17:51 GMT
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
age: 81010
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c1=pubc6e40b4630e64d6d9bfdf8786f3eae96&c2=e4368d18_a371812s
18.158.88.249302 Found 0 B URL HTTP/2 perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c1=pubc6e40b4630e64d6d9bfdf8786f3eae96&c2=e4368d18_a371812s
IP 18.158.88.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b12060d5-e9c9-4b85-9eb5-b41285f82634?c1=pubc6e40b4630e64d6d9bfdf8786f3eae96&c2=e4368d18_a371812s HTTP/1.1
Host: perserymanked.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nihx.mingotime.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 20:48:02 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://olivedinflats.space/redirect?tid=904283&subid=e4368d18_a371812s&puid=w6slertc5o6pksrii9plihoo
pragma: no-cache
set-cookie: b12060d5-e9c9-4b85-9eb5-b41285f82634-v4=PmMGLzk5p0WI-Mu9SjWty8ceOHAaNB7rqb4mLNGsRWI; Max-Age=86400; Expires=Wed, 07-Sep-2022 20:48:02 GMT; Domain=perserymanked.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=RxD7jljDHfXDF%2F%2BqIznsvqMAzPNPCC8zFlBc9TQdZ8OUhria6xBT8DciHB7LpYVUXkaajTngDKW8wxK42jPJ5V59yZM3ezATTuDqB96j88AqYhFb8uy%2FKWX0PcMCrEnNO0qcsBegZiscDAW5LTnklw%3D%3D; Max-Age=31536000; Expires=Wed, 06-Sep-2023 20:48:02 GMT; Domain=perserymanked.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 201b5f7da5b277a4aa40650bba5223bd
386ea309dea4d23893f3f43100a003c0755b97fb
37c987e7c2f39a1c9b9c7b49a070f2751fe40a9e04cc7ac4fcd912796657b1fd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 20:48:02 GMT
Last-Modified: Tue, 06 Sep 2022 19:23:46 GMT
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: b1l_TPeHNPVZH7ADnJnjgfhhdIhIyvhRbFNbiGhsVZftqPSEnUxrSQ==
Age: 5056
olivedinflats.space/redirect?tid=904283&subid=e4368d18_a371812s&puid=w6slertc5o6pksrii9plihoo
108.157.229.117302 Found 0 B URL HTTP/2 olivedinflats.space/redirect?tid=904283&subid=e4368d18_a371812s&puid=w6slertc5o6pksrii9plihoo
IP 108.157.229.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?tid=904283&subid=e4368d18_a371812s&puid=w6slertc5o6pksrii9plihoo HTTP/1.1
Host: olivedinflats.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nihx.mingotime.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/plain
content-length: 0
location: https://ak.hetartwg.com/4/5235019/?var=904283&ymid=347772623350996400
date: Tue, 06 Sep 2022 20:48:02 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=1b567ffa-50b5-45ff-8809-ebacd9d7cdd2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b7956d91cf1fe016b86fc209319f03ca.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: f0dP6EC0hn3EllFwR8fxx9IEKNUXacBsZoKrJjR9re3FEDSp8GuObQ==
X-Firefox-Spdy: h2
ak.hetartwg.com/4/5235019/?var=904283&ymid=347772623350996400
23.36.77.32200 OK 659 B URL HTTP/2 ak.hetartwg.com/4/5235019/?var=904283&ymid=347772623350996400
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 155b75264a4430c4ceb22bc899b01255
d57b8fc703597910aa6561ab63651a7727716d92
c5f0f9b846772bcbd47e73a0ad6bcfd1ddb8076d989e5b707a53058b4a9ca47f
Analyzer Verdict Alert quad9 Sinkholed
GET /4/5235019/?var=904283&ymid=347772623350996400 HTTP/1.1
Host: ak.hetartwg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nihx.mingotime.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: cfaaf3e9fddde14b3eca6b88dd8eab46
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://digitaltechnology.co>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-credentials: true
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-origin: *, *
access-control-allow-methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
content-encoding: gzip
expires: Tue, 06 Sep 2022 20:48:02 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 06 Sep 2022 20:48:02 GMT
content-length: 659
vary: Accept-Encoding
set-cookie: OAID=cdc7fcc4c5d3476f86736146cd23d82c; expires=Wed, 06 Sep 2023 20:48:02 GMT; path=/; secure; SameSite=None
oaidts=1662497282; expires=Wed, 06 Sep 2023 20:48:02 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2
ak.hetartwg.com/favicon.ico
23.36.77.32204 No Content 0 B URL HTTP/2 ak.hetartwg.com/favicon.ico
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ak.hetartwg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=cdc7fcc4c5d3476f86736146cd23d82c; oaidts=1662497282
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
expires: Tue, 06 Sep 2022 20:48:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 06 Sep 2022 20:48:03 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 912f9a32166cf6d4e458969545df501d
6cecdd7246361b80f2464910ba31ee1f4381ee7d
58d632863a6aab3b308ad380f47595e74120f4495f48e83e89647e4f42533fa3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 20:48:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 06:25:21 GMT
Expires: Mon, 12 Sep 2022 06:25:20 GMT
Etag: "6cecdd7246361b80f2464910ba31ee1f4381ee7d"
Cache-Control: max-age=466036,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746a1032ff85b524-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 6788e692b258d7fb0c99ee69d95f162e
f8e3c86f61eaabbcbf184fb8480342c8455c3f2f
049717e0371eec99b8f3a98c379d55d35288086d34d9726b62a7fdc2f8bb09ee
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 20:48:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 19:17:40 GMT
Expires: Sun, 11 Sep 2022 19:17:39 GMT
Etag: "f8e3c86f61eaabbcbf184fb8480342c8455c3f2f"
Cache-Control: max-age=425975,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746a10330dc20b49-OSL
my.rtmark.net/img.gif?f=merge&userId=cdc7fcc4c5d3476f86736146cd23d82c
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=cdc7fcc4c5d3476f86736146cd23d82c
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=cdc7fcc4c5d3476f86736146cd23d82c HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 20:48:03 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=cdc7fcc4c5d3476f86736146cd23d82c; expires=Wed, 06 Sep 2023 20:48:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
digitaltechnology.co/campaign/no/?cid=8&ref=anpa_no&click_id=591119047488443195&source=5235019&rdk=rk1
188.165.202.101200 OK 248 B URL HTTP/1.1 digitaltechnology.co/campaign/no/?cid=8&ref=anpa_no&click_id=591119047488443195&source=5235019&rdk=rk1
IP 188.165.202.101:0
File type HTML document text\012- exported SGML document, ASCII text
Hash 55cba62669692a1422ad7df74392a45a
931484ee22e5b1dbe2b4cd457a17ef1695ced0cf
d7c8182117f5e54912f10173ab28d1faf93f741158dd6bd318b4bc21e60be25b
GET /campaign/no/?cid=8&ref=anpa_no&click_id=591119047488443195&source=5235019&rdk=rk1 HTTP/1.1
Host: digitaltechnology.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 20:48:03 GMT
Server: Apache/2.4.37 (centos)
X-Powered-By: PHP/7.2.24
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: : 1;mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Feature-Policy: self
Set-Cookie: LSW_WEB01=LSW_WEB01; path=/
prod.digitaltechnology.co/consent/request?productId=1176&responseUrl=https%3A%2F%2Fnorway.docubay.com%2F%3Fmsisdn%3D47xxxxxxx&trafficSource=ADV&trxid=381a8a4d698175f92e482a70945b8bd1
151.80.42.60302 0 B URL HTTP/1.1 prod.digitaltechnology.co/consent/request?productId=1176&responseUrl=https%3A%2F%2Fnorway.docubay.com%2F%3Fmsisdn%3D47xxxxxxx&trafficSource=ADV&trxid=381a8a4d698175f92e482a70945b8bd1
IP 151.80.42.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /consent/request?productId=1176&responseUrl=https%3A%2F%2Fnorway.docubay.com%2F%3Fmsisdn%3D47xxxxxxx&trafficSource=ADV&trxid=381a8a4d698175f92e482a70945b8bd1 HTTP/1.1
Host: prod.digitaltechnology.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitaltechnology.co/campaign/no/?cid=8&ref=anpa_no&click_id=591119047488443195&source=5235019&rdk=rk1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 302
Location: http://checkout.sla-alacrity.com/purchase?correlator=D3yeA52hVA2o&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http%3A%2F%2Fprod.digitaltechnology.co%2Fv1%2Fredirect%2Fno%2Ftelnor%3Ftransaction_id%3DD3yeA52hVA2o
Content-Language: en-US
Content-Length: 0
Date: Tue, 06 Sep 2022 20:48:03 GMT
Connection: close
Server: TEST
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: : 1;mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Feature-Policy: self
Set-Cookie: JSESSIONID=D2D776373D1F66853236D19F86F6BE11; Path=/; HttpOnly
LSW_WEB01=LSW_WEB01; path=/
checkout.sla-alacrity.com/purchase?correlator=D3yeA52hVA2o&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http%3A%2F%2Fprod.digitaltechnology.co%2Fv1%2Fredirect%2Fno%2Ftelnor%3Ftransaction_id%3DD3yeA52hVA2o
52.212.47.178302 Found 448 B URL HTTP/1.1 checkout.sla-alacrity.com/purchase?correlator=D3yeA52hVA2o&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http%3A%2F%2Fprod.digitaltechnology.co%2Fv1%2Fredirect%2Fno%2Ftelnor%3Ftransaction_id%3DD3yeA52hVA2o
IP 52.212.47.178:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (448), with no line terminators
Hash 3e73e1de3031cf283f311109d9907d09
5de3db913f9e692ba065df883ab15b364f5443f4
fab430119cecb36ba86bc00f7728f6fcaba41e92c7aa52e9d3baa37cfdb25b79
GET /purchase?correlator=D3yeA52hVA2o&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http%3A%2F%2Fprod.digitaltechnology.co%2Fv1%2Fredirect%2Fno%2Ftelnor%3Ftransaction_id%3DD3yeA52hVA2o HTTP/1.1
Host: checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 06 Sep 2022 20:48:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.21.4
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Location: https://checkout.sla-alacrity.com/purchase?correlator=D3yeA52hVA2o&merchant=partner%3Aa0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&redirect_url=http%3A%2F%2Fprod.digitaltechnology.co%2Fv1%2Fredirect%2Fno%2Ftelnor%3Ftransaction_id%3DD3yeA52hVA2o&service=campaign%3Ad078d24ebb8575b50f1090890b2c0c446bb36c30&sla_reference_id=hvOeElSlRqPTtNhPBoNpBIz09gNvyi0HzzQR4vwb7UKcWkKl
Cache-Control: no-cache
X-Request-Id: fac78e85-7f21-455c-b2d9-7ad3fa80a0f5
X-Runtime: 0.015000
X-Trace: 2B9F51910DA04E011ABE4B9D1C4AA1745480E3F095CE5900D28FD00B2200
Vary: Origin
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 4cc0c1e7e478f03e2d4747bfa7ad0a06
c25473f9e6e42533f1b968947dc253d8e1e94f81
551e3470f298a4cc02ecdc459ca85ff6c908f64337194dbd50bdc61acb72d082
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 06 Sep 2022 20:48:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Sep 2022 20:11:23 GMT
Expires: Wed, 07 Sep 2022 20:11:23 GMT
ETag: "c25473f9e6e42533f1b968947dc253d8e1e94f81"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
checkout.sla-alacrity.com/assets/application-228ed6f621ac73231af4457667c9cb17e8c7b6a6db25fe974d7dc1f42e9cc017.css
54.194.67.123200 OK 28 kB URL HTTP/2 checkout.sla-alacrity.com/assets/application-228ed6f621ac73231af4457667c9cb17e8c7b6a6db25fe974d7dc1f42e9cc017.css
IP 54.194.67.123:0
File type ASCII text, with very long lines (34290)
Hash 743bf372f6dba76767d1264bcf629a46
219c7c853c0a06de0775f66a6345aa2280f54465
77029fb1a0810ff27d9a6cc2bcaedcfc98100437a17d27cabd8efa556fa49416
GET /assets/application-228ed6f621ac73231af4457667c9cb17e8c7b6a6db25fe974d7dc1f42e9cc017.css HTTP/1.1
Host: checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://checkout.sla-alacrity.com/sms_pin/msisdn?sid=mkjA4sXmz9Zyk5ooHV5WrB2QsYJlKSmnr3ZyBC8K6Qpjf3VM
Cookie: _session_id=260930aa787f1cceb83e3c3020ff7f44
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 20:48:04 GMT
content-type: text/css
content-length: 27754
server: nginx/1.21.4
last-modified: Tue, 16 Nov 2021 03:30:21 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
checkout.sla-alacrity.com/assets/custom-e73a9457a4fdc0f440359f44625cc634fb7ca48e7a2cc57461fb0fda9b438b01.css
54.194.67.123200 OK 1.1 kB URL HTTP/2 checkout.sla-alacrity.com/assets/custom-e73a9457a4fdc0f440359f44625cc634fb7ca48e7a2cc57461fb0fda9b438b01.css
IP 54.194.67.123:0
File type assembler source, Unicode text, UTF-8 text
Hash 32164a0b4ecbcc8a01d06198a7bb7b2f
a660f9c7f3b74dadb73a7c2f83d324a9c6fa1c15
3f2bbcdb1737b9d05a4d6e4b8bd2fe28c0dc8e865058081aface36fb40ed0c22
GET /assets/custom-e73a9457a4fdc0f440359f44625cc634fb7ca48e7a2cc57461fb0fda9b438b01.css HTTP/1.1
Host: checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://checkout.sla-alacrity.com/sms_pin/msisdn?sid=mkjA4sXmz9Zyk5ooHV5WrB2QsYJlKSmnr3ZyBC8K6Qpjf3VM
Cookie: _session_id=260930aa787f1cceb83e3c3020ff7f44
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 20:48:04 GMT
content-type: text/css
content-length: 1067
server: nginx/1.21.4
last-modified: Mon, 23 May 2022 06:12:06 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
checkout.sla-alacrity.com/assets/application-d702227713005627521eec80b238e4d6cdd52044168665b7ce71a15224364028.js
54.194.67.123200 OK 53 kB URL HTTP/2 checkout.sla-alacrity.com/assets/application-d702227713005627521eec80b238e4d6cdd52044168665b7ce71a15224364028.js
IP 54.194.67.123:0
File type ASCII text, with very long lines (32768)
Hash 015a0ed74a0acf607d1f4c4fafd7f826
52615e895c4cfc127e16c412e5ba13e5b3353ecd
7b98757e0be8f5c7ea11041062b7fbda73dd52d86c3c590890352d2d2d2b454c
GET /assets/application-d702227713005627521eec80b238e4d6cdd52044168665b7ce71a15224364028.js HTTP/1.1
Host: checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://checkout.sla-alacrity.com/sms_pin/msisdn?sid=mkjA4sXmz9Zyk5ooHV5WrB2QsYJlKSmnr3ZyBC8K6Qpjf3VM
Cookie: _session_id=260930aa787f1cceb83e3c3020ff7f44
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 20:48:04 GMT
content-type: application/javascript
content-length: 52846
server: nginx/1.21.4
last-modified: Wed, 20 Jul 2022 05:35:50 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
image.sla-alacrity.com/production/uploads/image/url/strex/Strex-partner-logo-300x188.jpg
54.194.67.123200 OK 26 kB URL HTTP/2 image.sla-alacrity.com/production/uploads/image/url/strex/Strex-partner-logo-300x188.jpg
IP 54.194.67.123:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6], baseline, precision 8, 187x78, components 3\012- data
Hash dbd3059b2d94839d7d3e23b9fa4c391a
96cfe68afe8b9837b924061628e026ba45fecded
e261afd2c0dfb561cbaf988aef982441db2dc07883ec74ba39d80419885247c5
GET /production/uploads/image/url/strex/Strex-partner-logo-300x188.jpg HTTP/1.1
Host: image.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://checkout.sla-alacrity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 20:48:04 GMT
content-type: image/jpeg
content-length: 25708
server: nginx/1.21.4
x-amz-id-2: SLjkn/5LsRjTm0i8XWxHj2I4VMlGg6Z685ZPYe/f8vIaxShr8zzw+falsy2/By5XE8CfrM/kVvo=
x-amz-request-id: 5HGW266RH1D27GYS
last-modified: Fri, 14 Feb 2020 08:12:20 GMT
etag: "dbd3059b2d94839d7d3e23b9fa4c391a"
accept-ranges: bytes
X-Firefox-Spdy: h2
fd.sla-alacrity.com/d513e9e03227.js
54.76.70.49200 OK 8.2 kB URL HTTP/2 fd.sla-alacrity.com/d513e9e03227.js
IP 54.76.70.49:0
File type ASCII text, with very long lines (8244), with no line terminators
Hash 4303a7a3a3f3da86e4ea1eb14e8711c9
c2119971f08572cba6c122f502c4dac00a23748d
b2b8f464b620cdad9531042847daee4b4eda94bd8dfb66b91cc8876654f51b77
GET /d513e9e03227.js HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://checkout.sla-alacrity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 20:48:04 GMT
content-type: application/javascript
content-length: 8244
server: nginx/1.21.4
last-modified: Mon, 15 Aug 2022 06:47:10 GMT
vary: Origin
X-Firefox-Spdy: h2
image.sla-alacrity.com/production/uploads/image/url/517/2a122784ea9334cbaca32da0cfd63315.png
54.194.67.123200 OK 328 kB URL HTTP/2 image.sla-alacrity.com/production/uploads/image/url/517/2a122784ea9334cbaca32da0cfd63315.png
IP 54.194.67.123:0
File type PNG image data, 700 x 1130, 8-bit colormap, non-interlaced\012- data
Size 328 kB (328282 bytes)
Hash 9b375cbf6279298f17213c11247752ef
71a94cb6100805828d7700c71439867a989bcba9
e887d75eb114a4bd36b391b9a5e51a999a61d58490bed249fdac7e851ef7045f
GET /production/uploads/image/url/517/2a122784ea9334cbaca32da0cfd63315.png HTTP/1.1
Host: image.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://checkout.sla-alacrity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 20:48:04 GMT
content-type: image/png
content-length: 328282
server: nginx/1.21.4
x-amz-id-2: y9/TDuLO6m39XvSQcfIrHSDlOhRJ6iGR5SPVVB6RYWEwQetz0F6W7SjN4SXqF1I5Q9igiZ5lXuI=
x-amz-request-id: 5HGH1E32J4KD1F47
last-modified: Sun, 02 Jan 2022 06:10:06 GMT
etag: "9b375cbf6279298f17213c11247752ef"
accept-ranges: bytes
X-Firefox-Spdy: h2
checkout.sla-alacrity.com/assets/favicon.ico
54.194.67.123200 OK 103 kB URL HTTP/2 checkout.sla-alacrity.com/assets/favicon.ico
IP 54.194.67.123:0
File type MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size 103 kB (102586 bytes)
Hash 4a7678ba16953970dda00ab4f2972ba1
87e7e94cc67af8e528783058354c772a176fffa9
cc4ae15c1be65601a931a1983f25044757e4118afbebfca9a4615f4b2ce0a09f
GET /assets/favicon.ico HTTP/1.1
Host: checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://checkout.sla-alacrity.com/sms_pin/msisdn?sid=mkjA4sXmz9Zyk5ooHV5WrB2QsYJlKSmnr3ZyBC8K6Qpjf3VM
Cookie: _session_id=260930aa787f1cceb83e3c3020ff7f44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 20:48:04 GMT
content-type: image/x-icon
content-length: 102586
server: nginx/1.21.4
cache-control: public, must-revalidate
etag: "cc4ae15c1be65601a931a1983f25044757e4118afbebfca9a4615f4b2ce0a09f"
vary: Accept-Encoding, Origin
x-request-id: d11fbb45-9089-42e6-add2-6e72652c4cde
x-runtime: 0.002201
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0efc32eccbf76ac0d89f324d09a7fd1f
f8589eb3907582137d8b9373af745d80eddbf1bb
ee0f5e56c97e50e1c20801ad0a5379982feef16a11137f784f404d14e9c65824
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6482
x-amzn-requestid: 5e5b342b-0224-4916-8656-237b4c90ae66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5FaYIAMFzjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-412f897b451130af70026eab;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8UExY-3ojiqMEfyXXKG6kJcB5CRiNnfgG5JQS3gWnd4t4bbKNzbsYA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:43 GMT
age: 82945
etag: "f8589eb3907582137d8b9373af745d80eddbf1bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
m.news-page.net/?utm_medium=98774ae3068a24906aeee5af1282751e21ca5683&utm_campaign=mainstream_np&1=3&2={subid}&cid=900873099&np=1
99.198.108.195200 OK 0 B URL HTTP/2 m.news-page.net/?utm_medium=98774ae3068a24906aeee5af1282751e21ca5683&utm_campaign=mainstream_np&1=3&2={subid}&cid=900873099&np=1
IP 99.198.108.195:0
GET /?utm_medium=98774ae3068a24906aeee5af1282751e21ca5683&utm_campaign=mainstream_np&1=3&2={subid}&cid=900873099&np=1 HTTP/1.1
Host: m.news-page.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 20:48:00 GMT
content-type: text/html; charset=UTF-8
location: https://m.news-page.net/?utm_term=7140371447305732136&ver=4viyaptcjo
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=9766bbfbc14d82e25953ca3dde4fffba; expires=Wed, 06-Sep-2023 20:48:00 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.addlnk.com/redirect.css
104.21.20.70200 OK 0 B URL HTTP/2 cdn.addlnk.com/redirect.css
IP 104.21.20.70:0
GET /redirect.css HTTP/1.1
Host: cdn.addlnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nihx.mingotime.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 20:48:01 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1680
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
x-amz-id-2: BUW6rlWHZvzQnvJHp4gBkVRIGc8DfdhWdOpgruWqMqu7ownlHIapox/IYSueiBqz+QseNtzP+2A=
x-amz-request-id: KYXF7EGSHW20KRRM
cf-cache-status: HIT
age: 4480
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GxzVF%2BiEt9%2F0t0wR1Z1FzbfQkDLsIgUOCDBZG1wbeSpDlVIiye1%2F6tPujv7s4VEt5w2yyqkglALhSOdCKxyB3bGLnk8OWmHYBhUaDMxjaFQB4XZIYmyU9Oxh9ay7ICKug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a102b3e0f0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
checkout.sla-alacrity.com/purchase?correlator=D3yeA52hVA2o&merchant=partner%3Aa0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&redirect_url=http%3A%2F%2Fprod.digitaltechnology.co%2Fv1%2Fredirect%2Fno%2Ftelnor%3Ftransaction_id%3DD3yeA52hVA2o&service=campaign%3Ad078d24ebb8575b50f1090890b2c0c446bb36c30&sla_reference_id=hvOeElSlRqPTtNhPBoNpBIz09gNvyi0HzzQR4vwb7UKcWkKl
54.194.67.123302 Found 0 B URL HTTP/2 checkout.sla-alacrity.com/purchase?correlator=D3yeA52hVA2o&merchant=partner%3Aa0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&redirect_url=http%3A%2F%2Fprod.digitaltechnology.co%2Fv1%2Fredirect%2Fno%2Ftelnor%3Ftransaction_id%3DD3yeA52hVA2o&service=campaign%3Ad078d24ebb8575b50f1090890b2c0c446bb36c30&sla_reference_id=hvOeElSlRqPTtNhPBoNpBIz09gNvyi0HzzQR4vwb7UKcWkKl
IP 54.194.67.123:0
GET /purchase?correlator=D3yeA52hVA2o&merchant=partner%3Aa0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&redirect_url=http%3A%2F%2Fprod.digitaltechnology.co%2Fv1%2Fredirect%2Fno%2Ftelnor%3Ftransaction_id%3DD3yeA52hVA2o&service=campaign%3Ad078d24ebb8575b50f1090890b2c0c446bb36c30&sla_reference_id=hvOeElSlRqPTtNhPBoNpBIz09gNvyi0HzzQR4vwb7UKcWkKl HTTP/1.1
Host: checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 06 Sep 2022 20:48:04 GMT
content-type: text/html; charset=utf-8
location: https://checkout.sla-alacrity.com/sms_pin/msisdn?sid=mkjA4sXmz9Zyk5ooHV5WrB2QsYJlKSmnr3ZyBC8K6Qpjf3VM
server: nginx/1.21.4
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
access-control-allow-origin: *
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
access-control-request-method: *
access-control-allow-headers: *
cache-control: no-cache
x-request-id: f3c0cd39-c8d0-4b6a-aa13-21d1d2734215
x-runtime: 0.061003
x-trace: 2B196E2B1DBEF93B88719BBD04BD126E171C6C47329BBE6E21FF2CA09100
vary: Origin
X-Firefox-Spdy: h2
checkout.sla-alacrity.com/close
54.194.67.123200 OK 0 B URL HTTP/2 checkout.sla-alacrity.com/close
IP 54.194.67.123:0
POST /close HTTP/1.1
Host: checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-CSRF-Token: eKgfto5z8L0Lr48ezgBMX421Pzr3lALPb0kASiMGPAof4GyvIlIY8XEwCiaTF92nWY14tymNSsfEx/8VRNdi0Q==
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 43
Origin: https://checkout.sla-alacrity.com
Connection: keep-alive
Referer: https://checkout.sla-alacrity.com/sms_pin/msisdn?sid=mkjA4sXmz9Zyk5ooHV5WrB2QsYJlKSmnr3ZyBC8K6Qpjf3VM
Cookie: _session_id=260930aa787f1cceb83e3c3020ff7f44
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 20:48:08 GMT
content-type: text/html
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-request-method: *
access-control-allow-headers: *
cache-control: no-cache
x-request-id: 3b63e833-fcb0-47a6-840b-74a221ac5bc9
x-runtime: 0.009253
x-trace: 2BCA45E4BEAA33AD47F5166B3488A70F268EF8EF3852212D6C2A7D434201
vary: Origin
content-encoding: gzip
X-Firefox-Spdy: h2
146.novitrk2.com/smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source=
188.240.52.20200 OK 0 B URL HTTP/2 146.novitrk2.com/smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source=
IP 188.240.52.20:0
GET /smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source= HTTP/1.1
Host: 146.novitrk2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx/1.19.10
date: Tue, 06 Sep 2022 20:47:59 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImhHWWdlT3ZNQjJpbkg3TUp3d0psbUE9PSIsInZhbHVlIjoiZ0FZUnBXZzBSbWNHUFJnSFJhVkE5R1IzdndFTFB4bnF6RDE5aUhvbkd6a0s2akhWU1F3Q0FrbGp0dFhNcEp2Y2xxcE9zTE9jb0VKU3VvZ1FhTktSaW9RNTBYSjFLVDI5dkdxZTBrOFZMK3YyTTFuRzVrY21aQWx6T1ViZ2pLTU4iLCJtYWMiOiJkYjU5N2FlOTMxZmVmZGE5YWFkZDczYWVjOWQzMmUzZTY4ZTQzZmYxZmYwZmEyNTA3ZDNkZGM4NmVhMGJkNGNhIiwidGFnIjoiIn0%3D; expires=Tue, 06-Sep-2022 22:47:59 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6ImpJU251V0d5MnN4QWlVNk1OZmxOTmc9PSIsInZhbHVlIjoiV3pRQ2NVSnJzSVdwZkdtNlZpTFlVRVp0cmIxbWs4STVEWCtPeHdPeU1TR3V4SmRueDFPMDNZTHJ2cUtYWmxyc0FRRzlTanVjMkhIV0Uwd3dpZzgwbmtZU1NINGduL0M4ak53VHhJMWt3S2MrLzdGdkQrT3VBSzFmRVViNWZWcTAiLCJtYWMiOiJkMGFlMjA0MGY3NTcwZjRjOGVjOTdjNzQyYjVhYWRmMThlM2U5MTI0NmU0MDVlNjM5ZmNlNzY0ZjgzMzFlNWVlIiwidGFnIjoiIn0%3D; expires=Tue, 06-Sep-2022 22:47:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
146.novitrk2.com/smartlink-css/6317b1ffa81cfa52f471a7eb
188.240.52.20200 OK 0 B URL HTTP/2 146.novitrk2.com/smartlink-css/6317b1ffa81cfa52f471a7eb
IP 188.240.52.20:0
GET /smartlink-css/6317b1ffa81cfa52f471a7eb HTTP/1.1
Host: 146.novitrk2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://146.novitrk2.com/smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source=
Cookie: XSRF-TOKEN=eyJpdiI6ImhHWWdlT3ZNQjJpbkg3TUp3d0psbUE9PSIsInZhbHVlIjoiZ0FZUnBXZzBSbWNHUFJnSFJhVkE5R1IzdndFTFB4bnF6RDE5aUhvbkd6a0s2akhWU1F3Q0FrbGp0dFhNcEp2Y2xxcE9zTE9jb0VKU3VvZ1FhTktSaW9RNTBYSjFLVDI5dkdxZTBrOFZMK3YyTTFuRzVrY21aQWx6T1ViZ2pLTU4iLCJtYWMiOiJkYjU5N2FlOTMxZmVmZGE5YWFkZDczYWVjOWQzMmUzZTY4ZTQzZmYxZmYwZmEyNTA3ZDNkZGM4NmVhMGJkNGNhIiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6ImpJU251V0d5MnN4QWlVNk1OZmxOTmc9PSIsInZhbHVlIjoiV3pRQ2NVSnJzSVdwZkdtNlZpTFlVRVp0cmIxbWs4STVEWCtPeHdPeU1TR3V4SmRueDFPMDNZTHJ2cUtYWmxyc0FRRzlTanVjMkhIV0Uwd3dpZzgwbmtZU1NINGduL0M4ak53VHhJMWt3S2MrLzdGdkQrT3VBSzFmRVViNWZWcTAiLCJtYWMiOiJkMGFlMjA0MGY3NTcwZjRjOGVjOTdjNzQyYjVhYWRmMThlM2U5MTI0NmU0MDVlNjM5ZmNlNzY0ZjgzMzFlNWVlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.10
date: Tue, 06 Sep 2022 20:47:59 GMT
content-type: text/css; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IkJOTHlnSHpKMmhna2YvQXB0dUJOMEE9PSIsInZhbHVlIjoiT1dtRzhjRUJVR2N3Z2lmMmVaNzEyMkhDeFgyK3V3L2pPd3pJbFR0eE0vVzR3MzVzeEI4UXVmeFl4aE55bVhBaHdUcDdOanhnWitKanhjdzIyQ1NXZDQzRjV1VW9yU1BwSTNncGpIUFBYNllpaVd3NytZQlhQaW9CcStqT0FEN2EiLCJtYWMiOiI5ZTQ2OWQ4ZDI1Y2IyYjYyNTg1NjVlMWM3YWVjN2RjMmMzOWQ2OWEwZDJiODBhZTFjYTY0YjE4NjZlNjAxNGE4IiwidGFnIjoiIn0%3D; expires=Tue, 06-Sep-2022 22:47:59 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IitDOFdOM0JOSTUxTUI3cUVJV0RQUmc9PSIsInZhbHVlIjoiTmFwcWFSRTRoVlU0VHFmOGRwaWVSRExZVWVaRHJyWUcxWTZnOXR4cW9FMll3by81S2FkbHFxcUZ2Sy9vSHVYZWtRQ0hyQXlIWWpLNDNBdzRlT1dseXQyL0JQQzdmMkhOVnFyV0JjcWs3eUdBS281QThmRWQrQjAwS0x4ZFMxSTciLCJtYWMiOiI2ZDU5MzE0YjJmNWY4MTFkOWNhY2E3ZDIxZjdhZjJmNTI4OTNmYmE5ZTYyOGFjZTRhYzg1NDJkYWQzY2VlYzE0IiwidGFnIjoiIn0%3D; expires=Tue, 06-Sep-2022 22:47:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
146.novitrk2.com/smartlink?mongo_id=6317b1ffa81cfa52f471a7eb&mongo_grouped_id=6317b1ffa81cfa52f471a7ec&redirect_url=https%3A%2F%2Fm.news-page.net%2F%3Futm_medium%3D98774ae3068a24906aeee5af1282751e21ca5683%26utm_campaign%3Dmainstream_np%261%3D3%262%3D%7Bsubid%7D%26cid%3D900873099%26np%3D1&fingerprint=eyJ3ZWJkcml2ZXIiOjAsImhlYWRsZXNzIjowLCJjaHJvbWUiOjAsIm9uTGluZSI6MSwiY29va2llRW5hYmxlZCI6MSwicGx1Z2lucyI6MCwibWltZVR5cGVzIjowLCJzY3JlZW5XaWR0aCI6MTI4MCwic2NyZWVuSGVpZ2h0IjoxMDI0LCJvdXRlcldpZHRoIjoxMjgwLCJvdXRlckhlaWdodCI6MTAyNCwiY29sb3JEZXB0aCI6MjQsImRldmljZU1lbW9yeSI6MCwiaGFyZHdhcmVDb25jdXJyZW5jeSI6MTYsInN0YW5kYWxvbmUiOjAsInRpbWV6b25lIjoiVVRDIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxhbmd1YWdlcyI6WyJlbi1VUyIsImVuIl0sInBsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidG91Y2giOjAsImlmcmFtZSI6MCwiZXZhbCI6MzcsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwib3ZlcnJpZGUiOjEsImR1cmF0aW9uIjo0NH0=&js=1
188.240.52.20302 Found 0 B URL HTTP/2 146.novitrk2.com/smartlink?mongo_id=6317b1ffa81cfa52f471a7eb&mongo_grouped_id=6317b1ffa81cfa52f471a7ec&redirect_url=https%3A%2F%2Fm.news-page.net%2F%3Futm_medium%3D98774ae3068a24906aeee5af1282751e21ca5683%26utm_campaign%3Dmainstream_np%261%3D3%262%3D%7Bsubid%7D%26cid%3D900873099%26np%3D1&fingerprint=eyJ3ZWJkcml2ZXIiOjAsImhlYWRsZXNzIjowLCJjaHJvbWUiOjAsIm9uTGluZSI6MSwiY29va2llRW5hYmxlZCI6MSwicGx1Z2lucyI6MCwibWltZVR5cGVzIjowLCJzY3JlZW5XaWR0aCI6MTI4MCwic2NyZWVuSGVpZ2h0IjoxMDI0LCJvdXRlcldpZHRoIjoxMjgwLCJvdXRlckhlaWdodCI6MTAyNCwiY29sb3JEZXB0aCI6MjQsImRldmljZU1lbW9yeSI6MCwiaGFyZHdhcmVDb25jdXJyZW5jeSI6MTYsInN0YW5kYWxvbmUiOjAsInRpbWV6b25lIjoiVVRDIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxhbmd1YWdlcyI6WyJlbi1VUyIsImVuIl0sInBsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidG91Y2giOjAsImlmcmFtZSI6MCwiZXZhbCI6MzcsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwib3ZlcnJpZGUiOjEsImR1cmF0aW9uIjo0NH0=&js=1
IP 188.240.52.20:0
GET /smartlink?mongo_id=6317b1ffa81cfa52f471a7eb&mongo_grouped_id=6317b1ffa81cfa52f471a7ec&redirect_url=https%3A%2F%2Fm.news-page.net%2F%3Futm_medium%3D98774ae3068a24906aeee5af1282751e21ca5683%26utm_campaign%3Dmainstream_np%261%3D3%262%3D%7Bsubid%7D%26cid%3D900873099%26np%3D1&fingerprint=eyJ3ZWJkcml2ZXIiOjAsImhlYWRsZXNzIjowLCJjaHJvbWUiOjAsIm9uTGluZSI6MSwiY29va2llRW5hYmxlZCI6MSwicGx1Z2lucyI6MCwibWltZVR5cGVzIjowLCJzY3JlZW5XaWR0aCI6MTI4MCwic2NyZWVuSGVpZ2h0IjoxMDI0LCJvdXRlcldpZHRoIjoxMjgwLCJvdXRlckhlaWdodCI6MTAyNCwiY29sb3JEZXB0aCI6MjQsImRldmljZU1lbW9yeSI6MCwiaGFyZHdhcmVDb25jdXJyZW5jeSI6MTYsInN0YW5kYWxvbmUiOjAsInRpbWV6b25lIjoiVVRDIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxhbmd1YWdlcyI6WyJlbi1VUyIsImVuIl0sInBsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidG91Y2giOjAsImlmcmFtZSI6MCwiZXZhbCI6MzcsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwib3ZlcnJpZGUiOjEsImR1cmF0aW9uIjo0NH0=&js=1 HTTP/1.1
Host: 146.novitrk2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJOTHlnSHpKMmhna2YvQXB0dUJOMEE9PSIsInZhbHVlIjoiT1dtRzhjRUJVR2N3Z2lmMmVaNzEyMkhDeFgyK3V3L2pPd3pJbFR0eE0vVzR3MzVzeEI4UXVmeFl4aE55bVhBaHdUcDdOanhnWitKanhjdzIyQ1NXZDQzRjV1VW9yU1BwSTNncGpIUFBYNllpaVd3NytZQlhQaW9CcStqT0FEN2EiLCJtYWMiOiI5ZTQ2OWQ4ZDI1Y2IyYjYyNTg1NjVlMWM3YWVjN2RjMmMzOWQ2OWEwZDJiODBhZTFjYTY0YjE4NjZlNjAxNGE4IiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6IitDOFdOM0JOSTUxTUI3cUVJV0RQUmc9PSIsInZhbHVlIjoiTmFwcWFSRTRoVlU0VHFmOGRwaWVSRExZVWVaRHJyWUcxWTZnOXR4cW9FMll3by81S2FkbHFxcUZ2Sy9vSHVYZWtRQ0hyQXlIWWpLNDNBdzRlT1dseXQyL0JQQzdmMkhOVnFyV0JjcWs3eUdBS281QThmRWQrQjAwS0x4ZFMxSTciLCJtYWMiOiI2ZDU5MzE0YjJmNWY4MTFkOWNhY2E3ZDIxZjdhZjJmNTI4OTNmYmE5ZTYyOGFjZTRhYzg1NDJkYWQzY2VlYzE0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.19.10
date: Tue, 06 Sep 2022 20:47:59 GMT
content-type: text/html; charset=UTF-8
location: https://m.news-page.net/?utm_medium=98774ae3068a24906aeee5af1282751e21ca5683&utm_campaign=mainstream_np&1=3&2={subid}&cid=900873099&np=1
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IkQvY2JaOXh2TUdoWjVxOWN3YlhidlE9PSIsInZhbHVlIjoiMjh4SkVId0Y1Y3VqSW10dDhLSWlUT2RrV09MUkdmcGRsR0doMVNPUVFoZk1HZzhvbENXNEUxa0RmWE1WejRIOFErL2xsd1FJMyt0VzFITmx0N2hvODlNVWhSblRUV3p6OGF5VUd5WGlSckU1S1Q2bUhtV3JEVkYyQWdlV3luOFEiLCJtYWMiOiJkYTQ5MzdkZTVlMDAwYzIyYmI0MDY5N2VjYTRhNzVmN2I0YzJjMWVlNTQxNDFiYmM0YmVmYjEzM2ZmMGEyZGY4IiwidGFnIjoiIn0%3D; expires=Tue, 06-Sep-2022 22:47:59 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6ImtQU3VieFRPbUZSUGl3UVNEN0lHMWc9PSIsInZhbHVlIjoiTmhXbWtvV1pQVzR6SzFSUUdUL25sZmw3RndCU2ZmZ0pqMDBNZ3lmeW9IR2FMZ1FqalNrcW5KblhsRkc2djJHMUZjcGFSNkgrWStBenZGcndVWkthVWNKMXljZTBMUEhwczUrbkhYbWdEUlAwVlRwZVFMM0I3MnNkdU5NMTZwaFciLCJtYWMiOiI0ZmM5OGE3OTNhY2Y5MmY5OWYyMjQxNzk0OGQ1Mzg5YTcyODhlNWQ1ZGVmMmQ0NWY4MDJmZGQyZTgxMWUyMzM5IiwidGFnIjoiIn0%3D; expires=Tue, 06-Sep-2022 22:47:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
m.news-page.net/?utm_term=7140371447305732136&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b380b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b85
99.198.108.195200 OK 0 B URL HTTP/2 m.news-page.net/?utm_term=7140371447305732136&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b380b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b85
IP 99.198.108.195:0
GET /?utm_term=7140371447305732136&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b380b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b85 HTTP/1.1
Host: m.news-page.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.news-page.net/?utm_medium=98774ae3068a24906aeee5af1282751e21ca5683&utm_campaign=mainstream_np&1=3&2={subid}&cid=900873099&np=1
Cookie: u=9766bbfbc14d82e25953ca3dde4fffba
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 20:48:00 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2
t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=e02eacf20e275ed06aff7ff996f6dcf90906-202209-flb
172.67.132.217200 OK 0 B URL HTTP/2 t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=e02eacf20e275ed06aff7ff996f6dcf90906-202209-flb
IP 172.67.132.217:0
GET /directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=e02eacf20e275ed06aff7ff996f6dcf90906-202209-flb HTTP/1.1
Host: t.bl-easycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 20:48:01 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
set-cookie: checkkeks=1; expires=Wed, 06-Sep-2023 20:48:01 GMT; Max-Age=31536000; path=/; domain=.bl-easycdn.com
eTag=4136eab3c521580343de715cc420cae7; expires=Wed, 07-Sep-2022 20:48:01 GMT; Max-Age=86400; path=/; domain=.bl-easycdn.com
eTag=4136eab3c521580343de715cc420cae7; expires=Wed, 07-Sep-2022 20:48:01 GMT; Max-Age=86400; path=/; domain=.slimspots.com
ck_uniques=1662583680%3A24589-115227; expires=Wed, 06-Sep-2023 20:48:01 GMT; Max-Age=31536000; path=/; domain=.bl-easycdn.com
ck_uniques=1662583680%3A24589-115227; expires=Wed, 06-Sep-2023 20:48:01 GMT; Max-Age=31536000; path=/; domain=.slimspots.com
ck_uniquesPa=1662583680%3A89322; expires=Wed, 06-Sep-2023 20:48:01 GMT; Max-Age=31536000; path=/; domain=.bl-easycdn.com
ck_uniquesPa=1662583680%3A89322; expires=Wed, 06-Sep-2023 20:48:01 GMT; Max-Age=31536000; path=/; domain=.slimspots.com
ck_sys_uniques_3=1; expires=Wed, 07-Sep-2022 20:48:01 GMT; Max-Age=86400; path=/; domain=.bl-easycdn.com
ck_sys_uniques_3=1; expires=Wed, 07-Sep-2022 20:48:01 GMT; Max-Age=86400; path=/; domain=.slimspots.com
u_current_ads_view=89322----; expires=Wed, 07-Sep-2022 20:48:01 GMT; Max-Age=86400; path=/; domain=.bl-easycdn.com
u_current_ads_view=89322----; expires=Wed, 07-Sep-2022 20:48:01 GMT; Max-Age=86400; path=/; domain=.slimspots.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeAyFIHKEqMx32fhMrGFNhxeN6E8kfmnz48hnRVg1MWLYtkxqX2Y0%2BQqQv%2BCizSwE9DLQPhUv05PXJixkTw4ABT8IstN8aRfj%2F6EjE1VdrfqFxPaEpMGET70cg8hdpQ%2FaZqe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a1027cd12b4f9-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
checkout.sla-alacrity.com/sms_pin/msisdn?sid=mkjA4sXmz9Zyk5ooHV5WrB2QsYJlKSmnr3ZyBC8K6Qpjf3VM
54.194.67.123200 OK 0 B URL HTTP/2 checkout.sla-alacrity.com/sms_pin/msisdn?sid=mkjA4sXmz9Zyk5ooHV5WrB2QsYJlKSmnr3ZyBC8K6Qpjf3VM
IP 54.194.67.123:0
GET /sms_pin/msisdn?sid=mkjA4sXmz9Zyk5ooHV5WrB2QsYJlKSmnr3ZyBC8K6Qpjf3VM HTTP/1.1
Host: checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 20:48:04 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.4
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
access-control-request-method: *
access-control-allow-headers: *
etag: W/"0f8692bf6700c310d62f7e7b4a3a2150"
cache-control: max-age=0, private, must-revalidate
set-cookie: _session_id=260930aa787f1cceb83e3c3020ff7f44; path=/; HttpOnly
x-request-id: 04b74724-5155-447b-a16e-373ef0e4dcb0
x-runtime: 0.042223
x-trace: 2B73BDBA69FEA21DB9167F1C293CD1F45C86A320CA645B193F3D19381A00
vary: Origin
content-encoding: gzip
X-Firefox-Spdy: h2