nelion.me/njqcy0q792hb/x_Esther.zip.html
188.114.97.1200 OK 8.7 kB URL HTTP/1.1 nelion.me/njqcy0q792hb/x_Esther.zip.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2972)
Hash ba4da378cdc9678c7b5c59c76b8ff5dc
da6c8d071f9f3bbfb86e9871ac7c5a0611bf565c
70651e50a3935203a9526a9973f28c3d07a0073291f47625637d9750eca33e92
GET /njqcy0q792hb/x_Esther.zip.html HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 10:59:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 14 Dec 2022 10:57:47 GMT
Set-Cookie: lang=english; domain=.nelion.me; path=/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIMqwkrDX03oXTMWiQ3xinxoJnn2cAsN1wWDxw3wtKOEcvzDAPDXgZ%2B%2FAQt%2F29tatW4wjfBX9hh1BA2behXwaStvW%2Bmxq%2FBx27u1xJOU3Bp1%2FKdPga%2F8uLB5azs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779eab3f6bd2b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 4a5e9bc8b7891ac5f4552c29bcbaedb0
39735081eeb64eae477c61c1147daeb68fb37b22
c465efaf205ff2992af02c16187ca14a658cd5335b892903374f3adab32a8cd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C465EFAF205FF2992AF02C16187CA14A658CD5335B892903374F3ADAB32A8CD9"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5534
Expires: Thu, 15 Dec 2022 12:31:31 GMT
Date: Thu, 15 Dec 2022 10:59:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 381442da2a14cb93770f4c8f6e19d35b
31c48467751e2450a63004c57eea0c7872023eaf
61b0985f47033bd7020ab3b8cdcbc6c17be6ab9b6feba69e006088b78e21c0f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B0985F47033BD7020AB3B8CDCBC6C17BE6AB9B6FEBA69E006088B78E21C0F0"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9564
Expires: Thu, 15 Dec 2022 13:38:41 GMT
Date: Thu, 15 Dec 2022 10:59:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 15 Dec 2022 10:33:53 GMT
content-type: application/json
age: 1524
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2857
Expires: Thu, 15 Dec 2022 11:46:54 GMT
Date: Thu, 15 Dec 2022 10:59:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gUu3BvZE9j8/Pw14yyu+m+STLWpSR0KGyEUs++B4EkeA42DHGJ2FdikMFe0nphSWaeqVpH5/VUbCWbF5LPz3Tw==
x-amz-request-id: 184T59AQXZ09R4SW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 15 Dec 2022 10:52:44 GMT
age: 393
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6c9f05fb499af4966a29ef3512602332
4b9a332ca18810028ea54c3b867feed1c49267e3
75342aaa31f02e9359554002a384b25bad7e12352bb89859068d07a62d4c2e2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5768
Cache-Control: max-age=164291
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 10:59:17 GMT
Etag: "639ac640-117"
Expires: Sat, 17 Dec 2022 08:37:28 GMT
Last-Modified: Thu, 15 Dec 2022 07:01:20 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6c9f05fb499af4966a29ef3512602332
4b9a332ca18810028ea54c3b867feed1c49267e3
75342aaa31f02e9359554002a384b25bad7e12352bb89859068d07a62d4c2e2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5671
Cache-Control: max-age=164194
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 10:59:17 GMT
Etag: "639ac640-117"
Expires: Sat, 17 Dec 2022 08:35:51 GMT
Last-Modified: Thu, 15 Dec 2022 07:01:20 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f2f307e69059ac0a0edfa5150cb081c3
58c3721a84942c18dee03d5ef62a8453501ef625
61693be234616060b273a9f9f9bf28a5b071cb997bbdeb983032feb8b787080c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4105
Cache-Control: max-age=170881
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 10:59:17 GMT
Etag: "639ae67d-118"
Expires: Sat, 17 Dec 2022 10:27:18 GMT
Last-Modified: Thu, 15 Dec 2022 09:18:53 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f2f307e69059ac0a0edfa5150cb081c3
58c3721a84942c18dee03d5ef62a8453501ef625
61693be234616060b273a9f9f9bf28a5b071cb997bbdeb983032feb8b787080c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=166776
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 10:59:17 GMT
Etag: "639ae67d-118"
Expires: Sat, 17 Dec 2022 09:18:53 GMT
Last-Modified: Thu, 15 Dec 2022 09:18:53 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f2f307e69059ac0a0edfa5150cb081c3
58c3721a84942c18dee03d5ef62a8453501ef625
61693be234616060b273a9f9f9bf28a5b071cb997bbdeb983032feb8b787080c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4105
Cache-Control: max-age=170881
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 10:59:17 GMT
Etag: "639ae67d-118"
Expires: Sat, 17 Dec 2022 10:27:18 GMT
Last-Modified: Thu, 15 Dec 2022 09:18:53 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f2f307e69059ac0a0edfa5150cb081c3
58c3721a84942c18dee03d5ef62a8453501ef625
61693be234616060b273a9f9f9bf28a5b071cb997bbdeb983032feb8b787080c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=166776
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 10:59:17 GMT
Etag: "639ae67d-118"
Expires: Sat, 17 Dec 2022 09:18:53 GMT
Last-Modified: Thu, 15 Dec 2022 09:18:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f2f307e69059ac0a0edfa5150cb081c3
58c3721a84942c18dee03d5ef62a8453501ef625
61693be234616060b273a9f9f9bf28a5b071cb997bbdeb983032feb8b787080c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4105
Cache-Control: max-age=170881
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 10:59:17 GMT
Etag: "639ae67d-118"
Expires: Sat, 17 Dec 2022 10:27:18 GMT
Last-Modified: Thu, 15 Dec 2022 09:18:53 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
nelion.me/images/feature.png
188.114.97.1200 OK 1.1 kB URL HTTP/2 nelion.me/images/feature.png
IP 188.114.97.1:0
File type PNG image data, 204 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 802a9cf8661ca85ba8ee99bb5ffd497d
ddd5eff8048d3acaade1eb6ac7fccc9268f2c0a0
2f19277acc0cf836bbe83737e62a7d934718528c35f0e46027095920413194d4
GET /images/feature.png HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: image/png
content-length: 1109
last-modified: Sun, 30 Dec 2018 13:23:12 GMT
etag: "455-57e3d32af3000"
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiWtkd0RTTwjd3QXYNPWGg4o3VbmJsP7iAIwySa8LuaErrtarkH0rbFxctNqPJs4w8JSPYAqtVxIXLIaoMI%2BkuYJwuSysZiW8IgjN4yTfiU5tXDfBL3nQDwgESQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab432af01c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/images/logo.png
188.114.97.1200 OK 12 kB URL HTTP/2 nelion.me/images/logo.png
IP 188.114.97.1:0
File type PNG image data, 510 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash ef1ec66ca1310e86e93adf873aae8745
8e315d5bbbc6ecccdfe768d25bc7c0cb53731990
4cc4429fe736cb6db7429ab31d5243c4123edfaa3f3f7e52a0265dff586eb431
GET /images/logo.png HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: image/png
content-length: 11819
last-modified: Sun, 30 Dec 2018 13:23:49 GMT
etag: "2e2b-57e3d34e3c340"
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7H6iRZfTxlY0kIZoZIWZsbpMdwI4WkJBljrJJz2%2Ftp6eIhveOJQFGqMKJMnr7RR5O90moQyzWKU3ue21LsEj5PGaVfkOjhwxjSDeostdBSeMYBsAJlsIlhoLbqg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab432aee1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/images/nav_dvr.png
188.114.97.1200 OK 147 B URL HTTP/2 nelion.me/images/nav_dvr.png
IP 188.114.97.1:0
File type PNG image data, 2 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 2c42ba5b30c965e6db4fed72bd47985c
c1f8de8d22f2fbe44b104b45f9f08a5c170cc533
b8a0ff2cf9ee6d1091e95a082b56793ffea21a90f47ad39eb2450801419cab5a
GET /images/nav_dvr.png HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: image/png
content-length: 147
last-modified: Sun, 30 Dec 2018 13:23:53 GMT
etag: "93-57e3d3520cc40"
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUvAUdRj1aXkwr5BX%2B7ghutHhA4DNGIftEp90VbiYwGheyMGHxih4q4xaXYS6U%2Feg5zETeGute1yqe20hYMeWrJFKNscIeNE%2B0KxmT1p1mtIRrXnB9%2B1Sapomtk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab432aed1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/images/nop.png
188.114.97.1200 OK 663 B IP 188.114.97.1:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 696b63246820e36ff7814d9001d5639e
dbc8fee46faf6ea684c7208527335d714a7f8906
e09ca49c4bb776792a62cb30aec2ca35ea59b23d3334ee2d16bdc5d7e39b7118
GET /images/nop.png HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: image/png
content-length: 663
last-modified: Sun, 30 Dec 2018 13:23:57 GMT
etag: "297-57e3d355dd540"
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sW5vYUWe%2F6S6pQFFW1L6cBBanH1oL6Ln%2B18taouwgJ9suoYfegds2%2FxSEKY74QAgcCzeuI7g1sHjMytnU3bZdDeKUtaK0Yeps79B4W24CyNBPpQJRkrcFFL30TU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab432af41c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6c9f05fb499af4966a29ef3512602332
4b9a332ca18810028ea54c3b867feed1c49267e3
75342aaa31f02e9359554002a384b25bad7e12352bb89859068d07a62d4c2e2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5768
Cache-Control: max-age=164291
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 10:59:17 GMT
Etag: "639ac640-117"
Expires: Sat, 17 Dec 2022 08:37:28 GMT
Last-Modified: Thu, 15 Dec 2022 07:01:20 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
nelion.me/images/premium.png
188.114.97.1200 OK 13 kB URL HTTP/2 nelion.me/images/premium.png
IP 188.114.97.1:0
File type PNG image data, 249 x 33, 8-bit/color RGB, non-interlaced\012- data
Hash c866a2d9444c3cd3d633ce21b3397dba
99054af1fe172a6b2362d851d394b2a6fce9ff69
3ce4d0c2574e2c5c3e35d64797c2393110157253cc341cbcfb1b7d34b7ed67ee
GET /images/premium.png HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: image/png
content-length: 12852
last-modified: Sun, 30 Dec 2018 13:24:02 GMT
etag: "3234-57e3d35aa2080"
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6%2FEarjg%2Bl0ERvZOD1gsn%2Bp3hZsvdDuKSUtmcJWN1pOAokuT%2BL4F9rmFBeKhSjxf2xpKhAznakgui%2BQnjnuQo28h3t5juhz9Lf0GJkAG4%2BxgZf%2FftKnz3IsmeY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab432af91c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/images/or.png
188.114.97.1200 OK 1.5 kB IP 188.114.97.1:0
File type PNG image data, 244 x 41, 8-bit/color RGB, non-interlaced\012- data
Hash 971fa4d94f378e533612d1dcd70e63e6
f06ad7d859c482fba1471f32370afacf9637539d
4e228e45616b471e8671dd668436e5a44b74103a27e49b2c8ddc5e9a7d034d98
GET /images/or.png HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: image/png
content-length: 1498
last-modified: Sun, 30 Dec 2018 13:23:57 GMT
etag: "5da-57e3d355dd540"
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1%2FqiM7fXCxi%2BgrcZ2IajudGsAhLpNIbbWe9%2B85DmRKGDbSHsCET3NJFYKlA9THll54S1dWL9xR5RMQ5zZbtu3UV8Vy%2FtmCqSz0umGOT%2FbS6o3fVbMjd1h8OmKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab432afb1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/images/clock.png
188.114.97.1200 OK 61 kB URL HTTP/2 nelion.me/images/clock.png
IP 188.114.97.1:0
File type PNG image data, 412 x 198, 8-bit/color RGB, non-interlaced\012- data
Hash 9cd3ecab1ce03c4b6ead8c2d9ce0183f
6073450b931916b3f5f669a92bfd6aa8bdf50ff1
b09ea2d925973676fc362f14a994dd359a413e58cfcf748a306f17a648779742
GET /images/clock.png HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: image/png
content-length: 60804
last-modified: Sun, 30 Dec 2018 13:22:01 GMT
etag: "ed84-57e3d2e73d040"
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3U2jZ4iNhl8MyjsG1644kcWHYTKessOlsq79r4PwT7dUnRYoER3GlmmLZdqZhjXtqi%2B3%2B8jyEO24sSmhsGpe8VkeU9LG1m1ncEYpfY%2BtxCMcnuAQiZwNz%2Bp6S0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab432af61c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/images/free.png
188.114.97.1200 OK 396 B URL HTTP/2 nelion.me/images/free.png
IP 188.114.97.1:0
File type PNG image data, 47 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash af120cac6d228b4194470f4ba2950c4b
d93d62bdaaae99511bf1e55f7706d486d87c254a
66f237c144dfac451d1db0635419a41c013951ee3d7f81c2c6e7b4a7646a3304
GET /images/free.png HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: image/png
content-length: 396
last-modified: Sun, 30 Dec 2018 13:23:16 GMT
etag: "18c-57e3d32ec3900"
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFP%2FWHumCB3eW4HjrAu2a%2BeMsLhO76t5Aqip1Ow1%2Byw%2FGNfkk4K3Vbh3lzgYgHdMHPFfwiVwgZ%2FjQAAhPLobR5MJWjAGM%2FTFkeDTWiWayq%2BLE7IB3D%2FGDMKaWm4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab432af11c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/images/store.png
188.114.97.1200 OK 23 kB URL HTTP/2 nelion.me/images/store.png
IP 188.114.97.1:0
File type PNG image data, 624 x 112, 8-bit/color RGBA, non-interlaced\012- data
Hash 0da02baf0b9aec9b3d8155283e6c6f6d
349211571d360a034a36c91079d222f2258fbeaf
e8195c485b5118d3dc26d17aa02e1116a8003e6be627753b277c49d951a916cc
GET /images/store.png HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: image/png
content-length: 22568
last-modified: Sun, 30 Dec 2018 13:24:29 GMT
etag: "5828-57e3d37461d40"
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YhlyRcylPKOTOKCD%2Bqi6cfx8nV%2Bdf9VmEPjasCn4M%2FMafryygkXjB2uhPR7L5jm6jSzwaUjpDJ23BB0RpCJ3vyrAsbv4HfNzDPSnZhL3xv27ubfeGS07Yo2%2BsE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab432aef1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/images/premium_user.png
188.114.97.1200 OK 668 B URL HTTP/2 nelion.me/images/premium_user.png
IP 188.114.97.1:0
File type PNG image data, 98 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 77f9207c1d012d1d43c013e875530732
1d7c63c9b9e0a92abb92c642c455d0f5c7ebfaec
af61be961d940f2b0f5f0e3eda49657ffab3d327e2074f444299dd61876f758f
GET /images/premium_user.png HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: image/png
content-length: 668
last-modified: Sun, 30 Dec 2018 13:24:03 GMT
etag: "29c-57e3d35b962c0"
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nk31sIl%2Frq0TJ%2Fln6Lv5ywWk7v2CZwTCUsKmg2SlT79Ugu972mrBIRwr0uIyZSNbS146wHQAZEpLbGft12CCB6NC8yyxU2B1DqivNhQeCPP9bdKZs2DGLhs0ggk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab432af31c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/images/register.png
188.114.97.1200 OK 865 B URL HTTP/2 nelion.me/images/register.png
IP 188.114.97.1:0
File type PNG image data, 119 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash af879e26ba7b5b1377290f92797d5809
308d79ee8af9f6e55855d2aea05c2dfd666b63cf
e8ea38baeb05fe82980ec7acebfd5ad9041c0f074a0299653be92ad9e71ef08a
GET /images/register.png HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: image/png
content-length: 865
last-modified: Sun, 30 Dec 2018 13:24:06 GMT
etag: "361-57e3d35e72980"
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrsObJGrj2SYuaGg5R5oJp4CZcSS8j0DNNW%2Fc%2BFXoSN%2FB30JGDVZSwkuWmP2UOO2Nk2JhRusVzKhUD1uLDqID34Y4O1zck2oruAsrF1J%2BGDMwC1HqDV6Ri8WXcg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab432af21c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/images/yep.png
188.114.97.1200 OK 649 B IP 188.114.97.1:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d44739a54a348d53c601986f909bc94
fae5dc2e7689c3a909d67f5602e13957bee5396b
69fe7957f80cb037a8ef348b71e1a52948704301ee06c4515a27f2d9426d93e0
GET /images/yep.png HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: image/png
content-length: 649
last-modified: Sun, 30 Dec 2018 13:25:02 GMT
etag: "289-57e3d393da780"
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYr9MFZUYQCgKXxM%2BOEjnMrB7GQSP0AgKUnmtb7rGM2DiHL6%2BJQn2QShUrB32Cbm1x8VSD3wirn4aclioMP7eAxIQ%2BtcmPHFUJT684ErLJY6htBwukVR%2F9jWsog%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab432af51c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f2f307e69059ac0a0edfa5150cb081c3
58c3721a84942c18dee03d5ef62a8453501ef625
61693be234616060b273a9f9f9bf28a5b071cb997bbdeb983032feb8b787080c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=166776
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 10:59:17 GMT
Etag: "639ae67d-118"
Expires: Sat, 17 Dec 2022 09:18:53 GMT
Last-Modified: Thu, 15 Dec 2022 09:18:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
dulcormutated.com/tf6PxoNZAu9TB/53366
172.255.6.2200 OK 25 B URL HTTP/1.1 dulcormutated.com/tf6PxoNZAu9TB/53366
IP 172.255.6.2:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tf6PxoNZAu9TB/53366 HTTP/1.1
Host: dulcormutated.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nelion.me/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 10:59:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://nelion.me
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Fri, 16-Dec-2022 10:59:17 GMT; Max-Age=86400; path=/
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Fri, 16-Dec-2022 10:59:17 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
pl15560298.highperformancecpmgate.com/fc/24/d3/fc24d303a4d285868526ce96d6671cad.js
192.243.61.227200 OK 21 kB URL HTTP/1.1 pl15560298.highperformancecpmgate.com/fc/24/d3/fc24d303a4d285868526ce96d6671cad.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60136), with no line terminators
Hash b0e1f58320e30c56f1bbb1a018d912d4
44e008dde48666f4ac34110b7f7c839c5845a15b
47e2419a98ae6ec987eb5f7f73de99aa208766a63efd2ed419fbcf0f1c27b8e5
Analyzer Verdict Alert quad9 Sinkholed
GET /fc/24/d3/fc24d303a4d285868526ce96d6671cad.js HTTP/1.1
Host: pl15560298.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nelion.me/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 15 Dec 2022 10:59:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8240ef8996f189f5edd1e5d0d200c06e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 15 Dec 2022 10:08:00 GMT
age: 3078
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
nelion.me/css/style.css
188.114.97.1200 OK 24 kB IP 188.114.97.1:0
File type ASCII text, with very long lines (42751), with no line terminators
Hash 4ece660ec0f1203764a5d1070c329df6
ba9728bcdfc4d320912c9d3bbc1c83bb3a29e2e8
6e496ba460d1e946b002fdfe123a378bad7b3727a96ed0515ed4213c6cce50a2
GET /css/style.css HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=53403
etag: W/"d09b-57e3cf0f0be40-gzip"
last-modified: Sun, 30 Dec 2018 13:04:49 GMT
vary: Accept-Encoding
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wf7%2BIuqia62xhir72c5AzfT2bcBd5zdXMMPc7%2B7FvMoStrBhLcxFi7J4rDlyhvROlWYpV%2B72TkGU9ust9%2FXVjIQE3lbXQPRcuqoGetVvr9XGFTBe2IrXiLFgkfE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779eab436b291c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
104.18.10.207200 OK 6.3 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (23192)
Hash e7a7ccd147d034f254c673fa4177875c
5f8509f2ec0c7cf73c91c41c921bd1d30dbe7d75
2cc1f37d6898a9b08bf66ed1cdcb3b99bab87803249b1d074495c699f69c130c
GET /bootstrap/3.3.7/css/bootstrap-theme.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nelion.me
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ab6b02efeaf178e0247b9504051472fb"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 11/18/2022 06:17:52
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 938904543ca6ed7a0ad4806fcec3bd33
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 779eab42c9bdb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash cb93ed33e0c9c51b81a70f159034498d
3fdfa0a2d2e93fe27d372364f796cb1c29f0b1ce
5c44676e84668823f8483e7a259cd397ee1e7edb433f345de43879c86db74686
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 10:59:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Dec 2022 00:04:33 GMT
Expires: Thu, 22 Dec 2022 00:04:32 GMT
Etag: "3fdfa0a2d2e93fe27d372364f796cb1c29f0b1ce"
Cache-Control: max-age=564913,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779eab45d9feb529-OSL
seduceobscure.com/pixel/purst?dl=0&th=0&sc=0&rs=1054&rd=1054&fd=691&bv=22.10.v.9&tmpl=70
192.243.61.227200 OK 0 B URL HTTP/1.1 seduceobscure.com/pixel/purst?dl=0&th=0&sc=0&rs=1054&rd=1054&fd=691&bv=22.10.v.9&tmpl=70
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1054&rd=1054&fd=691&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: seduceobscure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nelion.me/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 15 Dec 2022 10:59:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 4e4417a564b9bbf2be3fb9c1414eb855
15c6dc5ddd4081d33f952c932abe4fc3888cff6f
76c883367d4e528d9c6083aa01dd78c224f95dd90e3f06082962993e5739ad00
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99303
Date: Thu, 15 Dec 2022 10:59:18 GMT
Etag: "6399d017-1d7"
Expires: Fri, 16 Dec 2022 14:34:21 GMT
Last-Modified: Wed, 14 Dec 2022 13:31:03 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MWdO9Xexi3M_nB5JVTcgingWqYxN5aZll4dB0u_BQT0xD147tywcWg==
Age: 3798
addresseepaper.com/sfp.js
199.59.243.222200 OK 942 B URL HTTP/1.1 addresseepaper.com/sfp.js
IP 199.59.243.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1316), with no line terminators
Hash 49d8935f2eba6072b95d161beb5ad4c1
333b0fa2524769f34d553c6c68b432d9ad6fbc8b
9c6b81f14e07ca1275378698d1796cf27e98575a8493040503e8ee1659efebea
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nelion.me/
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 15 Dec 2022 10:59:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=d1119fa1-443d-b2a3-c180-667db7426fcc; expires=Thu, 15-Dec-2022 11:14:18 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_rKi9zYAWGhtFoKXrL3EfUzXkSWgNNP35BQjv0KEAvAryEz2k6Pq9V3hU4CvMnsfLXcoS6JZbr6UnzXNEfHmyuQ==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6398
Cache-Control: max-age=86056
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 10:59:18 GMT
Etag: "63999230-1d7"
Expires: Fri, 16 Dec 2022 10:53:34 GMT
Last-Modified: Wed, 14 Dec 2022 09:06:56 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
nelion.me/js/jquery-1.9.1.min.js
188.114.97.1200 OK 34 kB URL HTTP/2 nelion.me/js/jquery-1.9.1.min.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (32089)
Hash a6105afaeb42c2b916ebfc7d467a596c
e3944e142b7d04a3ad4c40613ec1ea8032094baa
5997bbb815892c19ccbfe23730fe6568e14a12fc455b26361d03aeb9ce0e1055
GET /js/jquery-1.9.1.min.js HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: application/javascript
last-modified: Sat, 29 Dec 2018 12:09:25 GMT
etag: W/"169d5-57e280cf92740-gzip"
vary: Accept-Encoding
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOsZwk6DIfGI%2FHMbygxnWhEnhxzGbfkvK94UMMBPBVlI4DOSkF9DHV60vuPLHKVLUViT0JOgI7FJS8HhfriqJCR9o4iJPnbey4SMELozA9Yckh2DAWiaxkAlrdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779eab436b251c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 30 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 815ef37110ac6b63648f05ba53184bee
bebecd11757b35c25edcbb317a4c54c5c8d23697
36bf07548480e148703dd77a427ddd38209b3a2c5f805ca04e563d5d3bef1a1f
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nelion.me/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 10:59:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Sun, 15 Jan 2023 10:59:18 GMT
ETag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 925456
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779eab480d5bb4f1-OSL
alt-svc: h2=":443"; ma=60
c.adsco.re/
104.17.166.186200 OK 27 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 476958d21c89d299093d706f57c7fcca
00ab735508c308fcbb010ac8636bb181121ce1a9
b4a75ef600e243ad56b72f639de859a993be41c3d7331615780f39715179757a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:18 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sun, 15 Jan 2023 10:59:18 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 925472
vary: Accept-Encoding
server: cloudflare
cf-ray: 779eab471aeab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://nelion.me
Connection: keep-alive
Referer: http://nelion.me/
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 10:59:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://nelion.me
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
banquetunarmedgrater.com/advertisers.js
173.233.137.44200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nelion.me/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 15 Dec 2022 10:59:18 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25d824f6060230eca464fe1719f5511b
Strict-Transport-Security: max-age=0; includeSubdomains
www.google-analytics.com/ga.js
142.250.74.110200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nelion.me/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Thu, 15 Dec 2022 09:06:06 GMT
Expires: Thu, 15 Dec 2022 11:06:06 GMT
Cache-Control: public, max-age=7200
Age: 6792
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
www.displayvertising.com/mustache.min.js
185.76.9.23200 OK 9.7 kB URL HTTP/2 www.displayvertising.com/mustache.min.js
IP 185.76.9.23:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash f0a269012be5a008d19dcddcb5ce7ed6
ac3c2658346bf0366bcc4c02d4dfc1297d663aa5
8bf63e7bcf6ab7df57a9eb883df177257e790b54e07270a42d7cf2c882475760
GET /mustache.min.js HTTP/1.1
Host: www.displayvertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nelion.me
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Sat, 17 Dec 2022 17:08:04 GMT
access-control-allow-origin: *
link: <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1671296885
server: CDN77-Turbo
x-77-nzt: AblMCRSmAkX/EEEGAA
x-77-nzt-ray: af585630381b50a605fe9a63d932f133
x-cache: HIT
x-age: 409872
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=310999580&utmhn=nelion.me&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x886&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download&utmhid=856870413&utmr=-&utmp=%2Fnjqcy0q792hb%2Fx_Esther.zip.html&utmht=1671101955975&utmac=UA-131778945-1&utmcc=__utma%3D182809273.1835883639.1671101956.1671101956.1671101956.1%3B%2B__utmz%3D182809273.1671101956.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1324476192&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.110200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=310999580&utmhn=nelion.me&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x886&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download&utmhid=856870413&utmr=-&utmp=%2Fnjqcy0q792hb%2Fx_Esther.zip.html&utmht=1671101955975&utmac=UA-131778945-1&utmcc=__utma%3D182809273.1835883639.1671101956.1671101956.1671101956.1%3B%2B__utmz%3D182809273.1671101956.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1324476192&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=310999580&utmhn=nelion.me&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x886&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download&utmhid=856870413&utmr=-&utmp=%2Fnjqcy0q792hb%2Fx_Esther.zip.html&utmht=1671101955975&utmac=UA-131778945-1&utmcc=__utma%3D182809273.1835883639.1671101956.1671101956.1671101956.1%3B%2B__utmz%3D182809273.1671101956.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1324476192&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nelion.me/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Thu, 15 Dec 2022 10:59:18 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 10:59:18 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779eab49aaf4b4fa-OSL
alt-svc: h2=":443"; ma=60
nelion.me/njqcy0q792hb/favicon.gif
188.114.97.1200 OK 8.0 kB URL HTTP/1.1 nelion.me/njqcy0q792hb/favicon.gif
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2972)
Hash 5e6a76f353409ddee2ae8e4ad5a2ec9b
b609f7992685907ad594c00cd384c60089091c2e
2a8b3c8f3fe7c0989ed431c8e850fa59c1349cbb8433db8142d6f21cb56e5e67
GET /njqcy0q792hb/favicon.gif HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nelion.me/njqcy0q792hb/x_Esther.zip.html
Cookie: lang=english
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 10:59:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 14 Dec 2022 10:57:49 GMT
Cache-Control: max-age=72000
CF-Cache-Status: MISS
Last-Modified: Thu, 15 Dec 2022 10:59:18 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUPeQBtU8LIHuUZs5sQ54VYxhPyVWMQMw5pIuNwenIi1xF0UUr6wF2oeGV%2F5kUuh%2FPErlfYuVWnW01qy8syy5QPmUySXn7zqAKXCSfC9RWdB8mEEI328oajo%2FaM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779eab48bfc9b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash f496919a0c285eb13120863bc4d76354
4595bb54f31402f5ee56a0a03d2d31b4dbd1f487
8247d8d0c9f6492f5a2e7f4ff6a88b4f68ae2aaf022636d9c9ca2ba555e249a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8247D8D0C9F6492F5A2E7F4FF6A88B4F68AE2AAF022636D9C9CA2BA555E249A1"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5645
Expires: Thu, 15 Dec 2022 12:33:23 GMT
Date: Thu, 15 Dec 2022 10:59:18 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash cb93ed33e0c9c51b81a70f159034498d
3fdfa0a2d2e93fe27d372364f796cb1c29f0b1ce
5c44676e84668823f8483e7a259cd397ee1e7edb433f345de43879c86db74686
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 10:59:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Dec 2022 00:04:33 GMT
Expires: Thu, 22 Dec 2022 00:04:32 GMT
Etag: "3fdfa0a2d2e93fe27d372364f796cb1c29f0b1ce"
Cache-Control: max-age=564913,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779eab474be7b529-OSL
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221671094636433%22
35.241.9.150200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221671094636433%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Hash f278dcdb0d45218ff656fb775bfff27a
3a6f378f046e5613e71428bb749a5cdd21d95747
83d08c2f236f253ba9802313d78b3de250da1140e402051fb9a906a0679bb15f
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221671094636433%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Thu, 15 Dec 2022 10:02:19 GMT
age: 3419
last-modified: Thu, 15 Dec 2022 08:57:16 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
atbxtqtqgiqh.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 atbxtqtqgiqh.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: atbxtqtqgiqh.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://nelion.me
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 10:59:18 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5200 OK 170 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash b3edc5e3a84006c1b02683af01122496
330914e331ba289b74bc9c184e2fd12552e770f4
9115c2570feac21d63dbfe8498d1a69504146415561d47ff4317f02c46ea9a16
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 1852
Origin: http://nelion.me
Connection: keep-alive
Referer: http://nelion.me/
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 10:59:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://nelion.me
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 59e7ce7315fa33f4ff67378a8d0d72d9
b3436aff7dc851b3b0f94e5b90e903ec5a43cb11
cd0f6c50e14c5e82c078de560a8d9a283d279dbeff9729fa8bd6fca35766dd4e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD0F6C50E14C5E82C078DE560A8D9A283D279DBEFF9729FA8BD6FCA35766DD4E"
Last-Modified: Thu, 15 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7755
Expires: Thu, 15 Dec 2022 13:08:34 GMT
Date: Thu, 15 Dec 2022 10:59:19 GMT
Connection: keep-alive
displayvertising.com/rTpiN.asp?_=BAYAY5r-BgFjmv4HgAGBAsAAILS-_F-fPi2CzB8jw0YxNFEvA5M_d5s55LLRQXR0sUlrwQBHMEUCIDqULFrOhUnocOrQuDy4l-gpnLIgAorakmXVvD9hQYmuAiEAlVCEAPOWNHHVHqQcusvMA8XxwKLXbeu8krz_GBgr6s0&v=4&sidfLImy=4134215&minBid=&MKXGzuom=0:1,0&bdRTXyjD=&yeuNsiaw=&s=1280,1024,1,1280,1024,0
216.59.56.9200 OK 44 B URL HTTP/1.1 displayvertising.com/rTpiN.asp?_=BAYAY5r-BgFjmv4HgAGBAsAAILS-_F-fPi2CzB8jw0YxNFEvA5M_d5s55LLRQXR0sUlrwQBHMEUCIDqULFrOhUnocOrQuDy4l-gpnLIgAorakmXVvD9hQYmuAiEAlVCEAPOWNHHVHqQcusvMA8XxwKLXbeu8krz_GBgr6s0&v=4&sidfLImy=4134215&minBid=&MKXGzuom=0:1,0&bdRTXyjD=&yeuNsiaw=&s=1280,1024,1,1280,1024,0
IP 216.59.56.9:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /rTpiN.asp?_=BAYAY5r-BgFjmv4HgAGBAsAAILS-_F-fPi2CzB8jw0YxNFEvA5M_d5s55LLRQXR0sUlrwQBHMEUCIDqULFrOhUnocOrQuDy4l-gpnLIgAorakmXVvD9hQYmuAiEAlVCEAPOWNHHVHqQcusvMA8XxwKLXbeu8krz_GBgr6s0&v=4&sidfLImy=4134215&minBid=&MKXGzuom=0:1,0&bdRTXyjD=&yeuNsiaw=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: displayvertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nelion.me/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Thu, 15 Dec 2022 10:59:19 GMT
atbxtqtqgiqh.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 atbxtqtqgiqh.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: atbxtqtqgiqh.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://nelion.me
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 10:59:19 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10804
Expires: Thu, 15 Dec 2022 13:59:23 GMT
Date: Thu, 15 Dec 2022 10:59:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10804
Expires: Thu, 15 Dec 2022 13:59:23 GMT
Date: Thu, 15 Dec 2022 10:59:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10804
Expires: Thu, 15 Dec 2022 13:59:23 GMT
Date: Thu, 15 Dec 2022 10:59:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d2294cdacdc84b8b19874ba56035a6d
53009a81b15e464d5529d36b1e04b841b2ae034e
67d59aa026b43ed3f698f3853b986fc7c07e4e6e5f7b3551e59238f79978480a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7616
x-amzn-requestid: 71bbe208-11e3-4280-bf09-bff8bd18fcb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c82fXGmPoAMF3Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950462-12393ca432808b7f0b2771dc;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:12:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G1MopDnv-WOAbIBMe0v-V9xXeJIVDReKWSMG33dQt1q5GpK41RU0PQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 11:18:24 GMT
age: 85255
etag: "53009a81b15e464d5529d36b1e04b841b2ae034e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86aaca525eba678cdae6480594a8249a
87171c4499e8d82e8ec325e9133c180c0773c1dc
03fb5c8f20a85f301f9bf3096aefb36bbadfdd54d4bdd5227d45fced4ad004d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc8ebfc6-61e6-40a2-9330-dccc75c41225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9864
x-amzn-requestid: cef32774-5aee-477b-a929-60d34e8d093c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHwMtGO1oAMFjHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639960b7-79414714540e99977b32b6c7;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 05:35:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FXgZkJXSICEd8RRuW8v9nnGV9KxXcCCRsbfKn50j3B8fMW8oZX2YOQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 17:06:34 GMT
age: 64365
etag: "87171c4499e8d82e8ec325e9133c180c0773c1dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F874ce85e-7786-4e92-aea7-1c22181143e6.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F874ce85e-7786-4e92-aea7-1c22181143e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 389fe7dd5f3f80351a97fe4106be49b5
a91f474e6d320797c2ea32ecaf7a341f5f77fe82
11957edbfb3dc06abbe8ee6aa9dac0a25f84ba909a6404030c9f081343384513
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F874ce85e-7786-4e92-aea7-1c22181143e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9108
x-amzn-requestid: 2134a88c-a745-4061-ac63-16989306d7da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dH_FlF6MoAMFQsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63997889-18ba85822302c07e672f17e3;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 07:17:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cqlGj6xu4etxgHqsCba0T3DmafdJe71e4CRzfte5w2HSr-CQqweufQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 07:55:29 GMT
age: 11030
etag: "a91f474e6d320797c2ea32ecaf7a341f5f77fe82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa84ff272-725d-4ea2-9b73-d56ddbd06979.jpeg
34.120.237.76200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa84ff272-725d-4ea2-9b73-d56ddbd06979.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e72301b10bca35b0a570adb01aea806
ff5817aecda71a982779d5b12ba19e3264e964a3
3de1caddc5e0214a69e34ecb64be729a70462f8ea1852f2b9b97901bdc0fd3cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa84ff272-725d-4ea2-9b73-d56ddbd06979.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3187
x-amzn-requestid: 01e45059-3240-4c5b-bd89-4cce8387e6f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUX0FUgoAMFYqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6765-1db6a3fd5433985e5f0687a7;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:49:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TclkFJlGT1ZDytZk9bIzUsJyzOTUp66anwZNtKnJIwbRHgxkoatdWQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 06:55:34 GMT
age: 14625
etag: "ff5817aecda71a982779d5b12ba19e3264e964a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f56798-4039-4a1a-9490-f61d1b1e77da.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f56798-4039-4a1a-9490-f61d1b1e77da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 672ae812012d060ba75fbb8cb9d6038c
2ab1016451432b6cd1d6b9756c6cc6a926ffa7ce
cd9c002af775a6ba6ff8902a67e19c2ed2663d23bf8a1c3fe763598a60ba8d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f56798-4039-4a1a-9490-f61d1b1e77da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5259
x-amzn-requestid: 21c0e355-e696-4785-a162-5f96e02836f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3fV1HHKIAMFsjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392df58-608335604793d9f46939a81a;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 07:10:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YF20vWN7faRilx8H98vMPeAimGKAPA-32GulYRed4h-vQAzwkYNgbA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 22:14:27 GMT
age: 45892
etag: "2ab1016451432b6cd1d6b9756c6cc6a926ffa7ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 651b0f2569cf044585ce4f571cfd89fb
4c5e9db56536dd4145d63200d0fd74e2aa243fbf
c561267909b1e19768a2c11d78bab18faaa0de11d822e56324d7642daf798bf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5820
x-amzn-requestid: aea526e4-f177-483a-bf63-4dbc3e526bf6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHHBHE8HIAMFn0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63991ed3-2fdc5eed7f4c006224bd29c5;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 00:54:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: usEmccGMldP3GGjxbRfQ_TuRDdRzDqo8C31tNcjXVpz3ke03xykUfg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 13:45:56 GMT
etag: "4c5e9db56536dd4145d63200d0fd74e2aa243fbf"
content-type: image/jpeg
age: 76403
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 16551442
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 779eab42c92fb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/js/jquery.paging.js
188.114.97.1200 OK 0 B URL HTTP/2 nelion.me/js/jquery.paging.js
IP 188.114.97.1:0
GET /js/jquery.paging.js HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=19365
etag: W/"4ba5-57e280d91bdc0-gzip"
last-modified: Sat, 29 Dec 2018 12:09:35 GMT
vary: Accept-Encoding
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=it7%2B14dTVWXnNX3wD4zTyvfLDHD0NGSdl2mA3H5TotZX7w1XGQWC5BOBLVtxiC3UxozETBzt7uNvP0BPg4CzILCV%2BbZBIrwR4LyaH7iiHTTvT9A9BInVoU1iw1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779eab432aec1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/js/jquery.cookie.js
188.114.97.1200 OK 0 B URL HTTP/2 nelion.me/js/jquery.cookie.js
IP 188.114.97.1:0
GET /js/jquery.cookie.js HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3121
etag: W/"c31-57e280d91bdc0-gzip"
last-modified: Sat, 29 Dec 2018 12:09:35 GMT
vary: Accept-Encoding
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lH74InKhrM9ZxRLFKKwK3Ez%2FtYhAy%2BnWUp2TKRNbO6f%2Ba%2FHtyo%2BJErmQlYd4bfICjArrUbDqwSaavV60qsNlUvspODRP175MCRWgvceSCnZLwWg3k4uKNM3wcNU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779eab436b271c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/js/paging.js
188.114.97.1200 OK 0 B IP 188.114.97.1:0
GET /js/paging.js HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1849
etag: W/"739-57e280db04240-gzip"
last-modified: Sat, 29 Dec 2018 12:09:37 GMT
vary: Accept-Encoding
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKk84uQoxf1KN9c%2FBUOD5US%2BJ%2FZbVydD9JVgRLQ4bKf6RgTO7SbheGKoxsWz6dFZjlwHfaGMadoWxghF%2F5uD6RxrraQe3XkKaV%2Bytx2iyp0o4i8NQ4V0i9%2BMx%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779eab436b281c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nelion.me/css/bootstrap.css
188.114.97.1200 OK 0 B URL HTTP/2 nelion.me/css/bootstrap.css
IP 188.114.97.1:0
GET /css/bootstrap.css HTTP/1.1
Host: nelion.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nelion.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 10:59:17 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=144219
etag: W/"2335b-57e2803237400-gzip"
last-modified: Sat, 29 Dec 2018 12:06:40 GMT
vary: Accept-Encoding
cache-control: max-age=72000
cf-cache-status: HIT
age: 5944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqRt%2BAzYXfw70zaL463OVwW7MJ10G6y9R%2BkOQLX2cVY8bNKO0laMc2l0ppkLAgGipqWcxXhjESCm7d9p8X56yOT8owp0beRgheyjUKOKKd91zI6tw%2FmLSH8CySA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779eab436b261c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2