259.novitrk3.com/smartlink?mongo_id=631f91b78e4a45019f08c3bb&mongo_grouped_id=631f91815921a1489535de75&redirect_url=www.google.com&bot=1&suspicious=1&suspicious_reason=noscript
188.240.52.20302 Found 718 B URL HTTP/1.1 259.novitrk3.com/smartlink?mongo_id=631f91b78e4a45019f08c3bb&mongo_grouped_id=631f91815921a1489535de75&redirect_url=www.google.com&bot=1&suspicious=1&suspicious_reason=noscript
IP 188.240.52.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 929528be68a622ef6a6846176c34a91b
4bf399c457abff3111b7f8d5db85ad9cdb156d89
e458c99f5d672303beaf63247f0b10cc62066cfa3125f8b5b0d80d6bdbc9e3ee
GET /smartlink?mongo_id=631f91b78e4a45019f08c3bb&mongo_grouped_id=631f91815921a1489535de75&redirect_url=www.google.com&bot=1&suspicious=1&suspicious_reason=noscript HTTP/1.1
Host: 259.novitrk3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlFob21URXB5M3JrM1VWYzRPZC9xdFE9PSIsInZhbHVlIjoiNVZuVnV5Z1NXb1VPWUlWNmJpTVZIL09BNmJWcEc4alM0UXN6dVB5bGJiMnQxakJsaitPZ245dnNLclFaWTBBU3RTZVZmaithck9LZ1MyVVFTSnNId3d2SWNVb0dWWURpdTRMNzhuMVh6VUdrWlpVMzhoQjlFbUtpcWxXb1B2KzkiLCJtYWMiOiI5NzQ4YmYwMmUzZjI3YjliZWU0NzRiYTBmZDRmYzg1YWQ0NmYyOTY1NDBiZWI3MmUyNTUxMTkzZWFkMDhkYmE4IiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6ImVxTEpSNkVheTZaWlhWUGg0blc1cWc9PSIsInZhbHVlIjoiYVNwRk03emVuOUw3Z0hmbDRrZ084RlFyTkFPRkQ5S2VaVjdWblhPdUtoL2h6RzE1MThVbWNPV08zVzdrNnVyMGpDQlV4clNDbnpWblRPTkkvQ3ArOVNDRDBPdCs2SUU5RWlaNENmMGRYRE5VQVk4ZjZpQi91NXNNN1FnUlFkUFMiLCJtYWMiOiIyZjg3YWJmMjUzNzE3YTJjZDhiMmQ1MGIxZjgzMzhhOGIyYTU0OTgxOWYxNTcwY2Q5NDAwMzEwZTQ3NTMxODg0IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Mon, 12 Sep 2022 20:08:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, must-revalidate
Location: https://259.novitrk3.com/smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source=
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImQ0aVdmZEdaQ3g0UGJkQzZ4YXJaZVE9PSIsInZhbHVlIjoiS1Z6U3czTWJCT3BNWU5iZ1MvNkNsSTh3ZzduS0xFQWJkM3FEUHBRdit1WHpuZXVWYWUzZjViTW5xNGwxMEFabXJPdGtLQzY2aWUxWGZhRnljdDNsT2I0cThIQ0h2Tlc4MzZ5TENjTmJnOUpTKzZaUFh4QlZWTm80cUpQWDVJbTIiLCJtYWMiOiJjZDhiOTNhMDVhMjIzMTBkMTA0Nzc0ZTZhNzQ3ZWZkMDUzNjExMDJlZGVmNDYwODkzMWQwNzQyOWU4OTM3MDU2IiwidGFnIjoiIn0%3D; expires=Mon, 12-Sep-2022 22:08:41 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IkVqRlBkRWFBeGFHaXAzMFNFVFdhMVE9PSIsInZhbHVlIjoiTko1QXJTUEZuM3ZwWFZSdEZ6NEJpbW1mdGpncnNwS3Vnb3VvenlBb3JyNzlLdEt0d2pvTm0weUI4U25ZZUtrSnQyTmJjN0NqNWF0dTd4S2h0c25uNVpvRnV0bkNyNWdnZ0EyT3pMRXhxb28zMWVaU2tqdlNreEw2OGZ5cDhVeHAiLCJtYWMiOiIwZDE2NGU2ZjhlYzJjNjEyYmJmYjgxZjc5YWU4NTBmYjQ3NWVhZTQ1ZjQ1MTk0Y2MyZTNiYjIzYWQwNDBiMDhjIiwidGFnIjoiIn0%3D; expires=Mon, 12-Sep-2022 22:08:41 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3844
Expires: Mon, 12 Sep 2022 21:12:45 GMT
Date: Mon, 12 Sep 2022 20:08:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 20:08:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ycmYRatQ34MKo-qaROxs3W9_thcwbGz_70kIcfNdEM1ZNtVJWxiMOA==
Age: 22
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PSwhomODmXUFtck7ZQVIBhSyhp6e3wb2914sHsBebWY6Y28oQ3fFQg==
age: 46289
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 20:08:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 19:56:07 GMT
Expires: Mon, 12 Sep 2022 20:36:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oP5E7eoBpWw6lgGKpXCrgY56d3qG_2atpuPwSDt8AS3tu5XtLnQ6Ow==
Age: 755
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3812
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:08:42 GMT
Last-Modified: Mon, 12 Sep 2022 19:05:10 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.27.12.161101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.27.12.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LrSxlQiMT/Ge0OQZASpt2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Bg3QA28QyGAGMDDYpIHio6+6ylY=
www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7142587830819094575&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84
51.68.85.158200 OK 5.2 kB URL HTTP/1.1 www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7142587830819094575&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84
IP 51.68.85.158:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3760)
Hash 94ad610773820bdc992aeede3f764ebe
a9216622d91f4a6cb70acb32e200efbf748f387e
44a12ec1e663650383ad4565c2a871e006714a4b75205fa4ef473af5c8979477
GET /?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7142587830819094575&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84 HTTP/1.1
Host: www.tiltimagic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.news-page.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 20:08:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7142587830819094575&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=4d5e293d99a2d2305502130e1ed80fd5&eyer=0.9266659753043954&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net
51.68.85.158302 Found 0 B URL HTTP/1.1 www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7142587830819094575&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=4d5e293d99a2d2305502130e1ed80fd5&eyer=0.9266659753043954&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net
IP 51.68.85.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7142587830819094575&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=4d5e293d99a2d2305502130e1ed80fd5&eyer=0.9266659753043954&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net HTTP/1.1
Host: www.tiltimagic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Mon, 12 Sep 2022 20:08:43 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7142587830819094575&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=3&eyer=0.9266659753043954&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net
www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7142587830819094575&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=3&eyer=0.9266659753043954&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net
51.68.85.158302 Found 0 B URL HTTP/1.1 www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7142587830819094575&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=3&eyer=0.9266659753043954&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net
IP 51.68.85.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7142587830819094575&website=4472-bfdf314f-6f01772b&placement=4472&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=3&eyer=0.9266659753043954&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net HTTP/1.1
Host: www.tiltimagic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Mon, 12 Sep 2022 20:08:43 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://mobclick.xyz/go/4995/1?subid2=rest&subid1=13000dbdaba6d666b0f2fd0e1d910b03971180912-202209-flb*5467515-f6d9b*M7142587830819094575*sl_5467515-f6d9b*ee9e1741e9f19896ef875c2f90968c4d6c97a1c2*4472-bfdf314f-6f01772b*4472
www.tiltimagic.com/favicon.ico
51.68.85.158204 No Content 0 B URL HTTP/1.1 www.tiltimagic.com/favicon.ico
IP 51.68.85.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.tiltimagic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Server: openresty
Date: Mon, 12 Sep 2022 20:08:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cd4d8cc2a3ab3f80a0ed48ed8711aade
91760cbedebac6ce27a951880ff92c378a09dd47
2830c380d7204a14fb66f9e74ccf7c84193858a7d94ea637e223cef8ef2b5216
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2830C380D7204A14FB66F9E74CCF7C84193858A7D94EA637E223CEF8EF2B5216"
Last-Modified: Sat, 10 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20852
Expires: Tue, 13 Sep 2022 01:56:15 GMT
Date: Mon, 12 Sep 2022 20:08:43 GMT
Connection: keep-alive
mobclick.xyz/go/4995/1?subid2=rest&subid1=13000dbdaba6d666b0f2fd0e1d910b03971180912-202209-flb*5467515-f6d9b*M7142587830819094575*sl_5467515-f6d9b*ee9e1741e9f19896ef875c2f90968c4d6c97a1c2*4472-bfdf314f-6f01772b*4472
185.209.21.129200 OK 309 B URL HTTP/1.1 mobclick.xyz/go/4995/1?subid2=rest&subid1=13000dbdaba6d666b0f2fd0e1d910b03971180912-202209-flb*5467515-f6d9b*M7142587830819094575*sl_5467515-f6d9b*ee9e1741e9f19896ef875c2f90968c4d6c97a1c2*4472-bfdf314f-6f01772b*4472
IP 185.209.21.129:0
File type HTML document text\012- HTML document, ASCII text
Hash 213831bc626db7da2470cbd8b20f2bb9
32ab22dde6750626ff3aec51174841aadb0a4adc
f1cc4e552290731e8534c9b9a546d03ebf0eb2c5f0bcbf9ecb1e053ff7b7c8f4
GET /go/4995/1?subid2=rest&subid1=13000dbdaba6d666b0f2fd0e1d910b03971180912-202209-flb*5467515-f6d9b*M7142587830819094575*sl_5467515-f6d9b*ee9e1741e9f19896ef875c2f90968c4d6c97a1c2*4472-bfdf314f-6f01772b*4472 HTTP/1.1
Host: mobclick.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 12 Sep 2022 20:08:43 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 309
Connection: keep-alive
Content-Encoding: identity
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 12 Sep 2022 20:08:43 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: mobitck=1; expires=Mon, 12-Sep-2022 23:59:59 GMT; Max-Age=13876; path=/; HttpOnly
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 79223e8d6bd05838ca3e6d4b6919b2c6
0936225a62b5a7525990809f27137770da2da202
e62d32a17870fafcd4000948dd0b95b5e8eb967bf3141010d3041e9d3f816939
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E62D32A17870FAFCD4000948DD0B95B5E8EB967BF3141010D3041E9D3F816939"
Last-Modified: Mon, 12 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5918
Expires: Mon, 12 Sep 2022 21:47:21 GMT
Date: Mon, 12 Sep 2022 20:08:43 GMT
Connection: keep-alive
m.news-page.net/proc.php?7c501da73f3208bd66a552ee28ceb45fc29153ad
99.198.108.195200 OK 1.6 kB URL HTTP/2 m.news-page.net/proc.php?7c501da73f3208bd66a552ee28ceb45fc29153ad
IP 99.198.108.195:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3620), with no line terminators
Hash 8dc82b970f9ac1459b62a43fad8951c5
f78dd79d4f023e931e06efa9b37bbc7962a395f2
365b5b08e381d32398c2ea434fc37bda3243b75580bdd882081f95d28251af15
GET /proc.php?7c501da73f3208bd66a552ee28ceb45fc29153ad HTTP/1.1
Host: m.news-page.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.news-page.net/?utm_term=7142587830819094575&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84
Cookie: u=e51aeb8f0aeae72ef2c409e5fdda3cc7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 20:08:42 GMT
content-type: text/html; charset=UTF-8
location: https://www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7142587830819094575&website=4472-bfdf314f-6f01772b&placement=4472
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18593
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:08:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18593
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:08:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18593
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:08:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18593
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:08:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 04:04:42 GMT
age: 57841
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 80812
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PWOeca9JRnIgEymeLVyqTBucBJ0j6OS9Rmqwd4CcAKixqo0zvb452w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:48:14 GMT
age: 80429
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 22:16:58 GMT
age: 78705
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UxATqmWDCTwVqA3ORIXXObWZZj158TSRUoaAr48b08sxdAxBicw5zA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:27:45 GMT
age: 45658
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:13:41 GMT
age: 46502
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ea7d99f9a51fdb39b8238a0e78b31a7
beacb7f6c547f348a03ef88e52b494cf4194e8dc
86b450c9f7327f0057262587602746add477cd8118d8a3b20fabbc229cffc652
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86B450C9F7327F0057262587602746ADD477CD8118D8A3B20FABBC229CFFC652"
Last-Modified: Sat, 10 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6294
Expires: Mon, 12 Sep 2022 21:53:37 GMT
Date: Mon, 12 Sep 2022 20:08:43 GMT
Connection: keep-alive
clicks.istripper.com/ref.php?ploc=direct-dl&s=82313&exotracker=192534057&version=2
130.185.144.4301 Moved Permanently 0 B URL HTTP/1.1 clicks.istripper.com/ref.php?ploc=direct-dl&s=82313&exotracker=192534057&version=2
IP 130.185.144.4:0
ASN #20860 Iomart Cloud Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ref.php?ploc=direct-dl&s=82313&exotracker=192534057&version=2 HTTP/1.1
Host: clicks.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Mon, 12 Sep 2022 20:08:43 GMT
Server: nginx/1.8.0
Content-Type: text/html; charset=iso-8859-1
X-Powered-By: PHP/7.3.25
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Location: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cache-control: private
Set-Cookie: subwww=www; path=/; domain=.istripper.com; Secure; HttpOnly
s=82313; expires=Wed, 12-Oct-2022 20:08:43 GMT; Max-Age=2592000; path=/; domain=.istripper.com; Secure; HttpOnly
track=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.istripper.com; Secure; HttpOnly
referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.istripper.com; Secure; HttpOnly
ref=2YEs6AT0YZLHghDsL3xYrF; expires=Wed, 12-Oct-2022 20:08:43 GMT; Max-Age=2592000; path=/; domain=.istripper.com; Secure; HttpOnly
TOTWEB=serverweb2; path=/; Secure; HttpOnly
Transfer-Encoding: chunked
www.istripper.com/img/dlinstructions/windows/installation-step-1.jpg
172.64.144.99200 OK 23 kB URL HTTP/2 www.istripper.com/img/dlinstructions/windows/installation-step-1.jpg
IP 172.64.144.99:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x233, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 91a2572e4391b7f5935c7787573b1482
97c4a44fbf7e6ceef09da577421a208abe66df73
240c68fb032ffc61b9e475d92c75e3ae68408250e075c4d000564e4c96bc7ab8
GET /img/dlinstructions/windows/installation-step-1.jpg HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: image/webp
content-length: 23410
cache-control: public, max-age=604800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=26419
content-disposition: inline; filename="installation-step-1.webp"
etag: "5a577660-6733"
last-modified: Thu, 11 Jan 2018 14:36:16 GMT
vary: Accept
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 955943281
cf-cache-status: HIT
age: 32531
expires: Mon, 19 Sep 2022 20:08:44 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 749b46db88e9b51d-OSL
X-Firefox-Spdy: h2
www.istripper.com/img/dlinstructions/windows/istripper-preview.png
172.64.144.99200 OK 64 kB URL HTTP/2 www.istripper.com/img/dlinstructions/windows/istripper-preview.png
IP 172.64.144.99:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c45dcdeb59bc53a6a1bf501bda67c4de
2e7f205f1c388f1bce909c7bb12d22c7f92ff07e
8b85b11624fcefffa4ac0540d4135cb40112c6bf82924996970d851384303266
GET /img/dlinstructions/windows/istripper-preview.png HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: image/webp
content-length: 64012
cache-control: public, max-age=604800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=69474
content-disposition: inline; filename="istripper-preview.webp"
etag: "583800de-10f62"
last-modified: Fri, 25 Nov 2016 09:14:06 GMT
vary: Accept
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 74648759
cf-cache-status: HIT
age: 277005
expires: Mon, 19 Sep 2022 20:08:44 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 749b46db88e5b51d-OSL
X-Firefox-Spdy: h2
www.istripper.com/img/dlinstructions/windows/installation-step-2.jpg
172.64.144.99200 OK 8.7 kB URL HTTP/2 www.istripper.com/img/dlinstructions/windows/installation-step-2.jpg
IP 172.64.144.99:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x233, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 495bc81304424aa5cf3d21eb6f4c3925
69370052921b100bdd5996f74353fe1df43bd7a1
6c06e2ddc7fb71d091028fa03a9a36f9ad9d82888ea26015f9059aa41ae115b1
GET /img/dlinstructions/windows/installation-step-2.jpg HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: image/webp
content-length: 8674
cache-control: public, max-age=604800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=9920
content-disposition: inline; filename="installation-step-2.webp"
etag: "5a577660-26c0"
last-modified: Thu, 11 Jan 2018 14:36:16 GMT
vary: Accept
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 743116197
cf-cache-status: HIT
age: 277004
expires: Mon, 19 Sep 2022 20:08:44 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 749b46db98f1b51d-OSL
X-Firefox-Spdy: h2
www.istripper.com/img/landing/mastercard.png
172.64.144.99200 OK 5.8 kB URL HTTP/2 www.istripper.com/img/landing/mastercard.png
IP 172.64.144.99:0
File type PNG image data, 63 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash 48087d64b8f424e8f3f8d346e692cf7a
5a6784b0157399a5befe3f0451f754e80494c5ce
7df44c6b7fddcf6cd87a752a3cb865b02ea4add2bc5cb11cf9ab440039a3a217
GET /img/landing/mastercard.png HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: image/png
content-length: 5767
cache-control: public, max-age=604800
cf-bgj: imgq:85,h2pri
cf-polished: origSize=8347
etag: "5e97fb15-209b"
last-modified: Thu, 16 Apr 2020 06:28:37 GMT
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 406817487
cf-cache-status: HIT
age: 3954
expires: Mon, 19 Sep 2022 20:08:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b46db98f9b51d-OSL
X-Firefox-Spdy: h2
www.istripper.com/img/landing/visa.png
172.64.144.99200 OK 5.7 kB URL HTTP/2 www.istripper.com/img/landing/visa.png
IP 172.64.144.99:0
File type PNG image data, 102 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 8771a3669c5d4c20a54cca0738ad1c5f
cfff13f1ad1645c0b8932c84435ce7e57873ac10
48de8db32d9ab976b2f077063a97faf48814b02c9dac7a88e90ebd920b73fb43
GET /img/landing/visa.png HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: image/png
content-length: 5724
cache-control: public, max-age=604800
cf-bgj: imgq:85,h2pri
cf-polished: origSize=9089
etag: "5e97fb13-2381"
last-modified: Thu, 16 Apr 2020 06:28:35 GMT
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 662864053
cf-cache-status: HIT
age: 3954
expires: Mon, 19 Sep 2022 20:08:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b46db9904b51d-OSL
X-Firefox-Spdy: h2
www.istripper.com/img/dlinstructions/windows/installation-step-3.jpg
172.64.144.99200 OK 18 kB URL HTTP/2 www.istripper.com/img/dlinstructions/windows/installation-step-3.jpg
IP 172.64.144.99:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x233, components 3\012- data
Hash 8e230c234c87cc7b9b092892c7fad849
6d590c13fc32a3f34a49b3468d697335c12c8b0a
39117c5e3dab41630c7ad0f01e87f83c43d10640b3a1ed462759463ac72df481
GET /img/dlinstructions/windows/installation-step-3.jpg HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: image/jpeg
content-length: 17703
cache-control: public, max-age=604800
cf-bgj: imgq:100,h2pri
cf-polished: origSize=17711, status=webp_bigger
etag: "5a577660-452f"
last-modified: Thu, 11 Jan 2018 14:36:16 GMT
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 251963904
cf-cache-status: HIT
age: 32531
expires: Mon, 19 Sep 2022 20:08:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b46db98f7b51d-OSL
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.80200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.80:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Mon, 12 Sep 2022 00:51:49 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: znEHI1hgQIUO5QK6UreUgPwCbEgxLfh9BKKDDRmNWz41E-mko-j_qw==
age: 69416
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:08:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:08:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.istripper.com/img/landing/media-preview.jpg
172.64.144.99200 OK 38 kB URL HTTP/2 www.istripper.com/img/landing/media-preview.jpg
IP 172.64.144.99:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x899, components 3\012- data
Hash 089b7f26bee6cf290e6e447190b862c9
4aa55d7b183593c43a7f1d4f514d8d4556442f87
2de31fd1e9170d2172b865480d76919d81a7398660693846106ded282777ad50
GET /img/landing/media-preview.jpg HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/build/css/main-7e8d7b9b.css
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: image/jpeg
content-length: 38251
cache-control: public, max-age=604800
cf-bgj: imgq:85,h2pri
cf-polished: origSize=40482
etag: "5a18280b-9e22"
last-modified: Fri, 24 Nov 2017 14:09:15 GMT
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 534252901
cf-cache-status: HIT
age: 17835
expires: Mon, 19 Sep 2022 20:08:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b46dc39feb51d-OSL
X-Firefox-Spdy: h2
www.istripper.com/fonts/medium/BlackTie-Medium-webfont.woff2?v=1.0.0
172.64.144.99200 OK 13 kB URL HTTP/2 www.istripper.com/fonts/medium/BlackTie-Medium-webfont.woff2?v=1.0.0
IP 172.64.144.99:0
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash 45950b55ba84e41eb5f0983dede2cebd
e94cf4456de1d974291b0550b71a16c9942afd73
454659a7191149e9499e487fd221c6f1c837ec0f306f5b2048be09f4ef391712
GET /fonts/medium/BlackTie-Medium-webfont.woff2?v=1.0.0 HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.istripper.com/build/css/main-7e8d7b9b.css
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: application/octet-stream
content-length: 12848
last-modified: Fri, 17 Nov 2017 13:58:37 GMT
etag: "5a0eeb0d-3230"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: public, max-age=604800
x-varnish: 622887079
via: 1.1 varnish-v4
x-cache: MISS
cf-cache-status: HIT
age: 339430
expires: Mon, 19 Sep 2022 20:08:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b46dc4a10b51d-OSL
X-Firefox-Spdy: h2
www.istripper.com/build/css/main-7e8d7b9b.css
172.64.144.99200 OK 49 kB URL HTTP/2 www.istripper.com/build/css/main-7e8d7b9b.css
IP 172.64.144.99:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ca8dec1c585153272bbf37979d0b115f
c7ef7f9b506a3ba90d7bb4dde19da0e934f4ca4b
9a2d8e61891d251cf9c06e5af57d024aa6413553f5db12adf1b3c9ef35880836
GET /build/css/main-7e8d7b9b.css HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: text/css
cache-control: public, max-age=604800
cf-bgj: minify
etag: W/"62a88b1f-29a55"
last-modified: Tue, 14 Jun 2022 13:20:31 GMT
vary: Accept-Encoding
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 1035700581
cf-cache-status: HIT
age: 590854
expires: Mon, 19 Sep 2022 20:08:44 GMT
server: cloudflare
cf-ray: 749b46db88ddb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:08:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:200,700
142.250.74.10200 OK 24 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:200,700
IP 142.250.74.10:0
Hash 141687fcd7404a68d1970094baacbac0
ba8bd0469c946672f2b48d1c3f4573ed6db3b36b
601dc8ffec6ee9ab0725153fbe39455c1a5a93511796b1b8855aaf60dbb4b088
GET /css?family=Lato:300,400,700|Raleway:200,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Sep 2022 20:08:44 GMT
date: Mon, 12 Sep 2022 20:08:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.istripper.com/home/download-instructions?dl=1&version=2
172.64.144.99200 OK 6.5 kB URL HTTP/2 www.istripper.com/home/download-instructions?dl=1&version=2
IP 172.64.144.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22679), with no line terminators
Hash 7b5ceca1b8e23c8b1b805c94d618c7ef
bbf62b23ce720a42422abc1eb91d4c8b5e6a5e71
19910fd60453f9d7d5d439022e2bce3d62011d9716b55a5cba16111aee5dde5d
GET /home/download-instructions?dl=1&version=2 HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: subwww=www; s=82313; ref=2YEs6AT0YZLHghDsL3xYrF
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.25
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
set-cookie: subwww=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; Secure; HttpOnly
subwww=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.www.istripper.com; Secure; HttpOnly
subwww=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.istripper.com; Secure; HttpOnly
s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; Secure; HttpOnly
s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.www.istripper.com; Secure; HttpOnly
s=82313; expires=Wed, 11-Sep-2024 20:08:43 GMT; Max-Age=63072000; path=/; domain=.istripper.com; Secure; HttpOnly
ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; Secure; HttpOnly
ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.www.istripper.com; Secure; HttpOnly
ref=2YEs6AT0YZLHghDsL3xYrF; expires=Wed, 11-Sep-2024 20:08:43 GMT; Max-Age=63072000; path=/; domain=.istripper.com; Secure; HttpOnly
CLEAN=4; expires=Wed, 12-Oct-2022 20:08:43 GMT; Max-Age=2592000; path=/; domain=.istripper.com; Secure; HttpOnly
LANG=en; expires=Thu, 12-Sep-2024 20:08:43 GMT; Max-Age=63158400; path=/; domain=.istripper.com; Secure; HttpOnly
PHPSESSID=ssoveeofg4fmrl2u7edich90bk; path=/; Secure; HttpOnly
LV=2022-09-12; expires=Thu, 12-Sep-2024 20:08:43 GMT; Max-Age=63158400; path=/; domain=.istripper.com; Secure; HttpOnly
TOTWEB=serverweb3; path=/
locale: en
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
refresh: 0;url=https://www.istripper.com/fileaccess/software
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749b46da3ebab51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.istripper.com/img/logo/light/istripper.svg
172.64.144.99200 OK 24 kB URL HTTP/2 www.istripper.com/img/logo/light/istripper.svg
IP 172.64.144.99:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3195), with no line terminators
Hash bb4b42009a49a1811f0bdb09bcc192d4
9390b79e6ff32a86d9721818204964d263692dac
f45ffe5cfea2156f7552ecc314ddd383f00694501686124351d017e15854d1e2
GET /img/logo/light/istripper.svg HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Sep 2017 11:24:36 GMT
vary: Accept-Encoding
etag: W/"59afdaf4-c7b"
cache-control: public, max-age=604800
x-varnish: 531631843
via: 1.1 varnish-v4
x-cache: MISS
cf-cache-status: HIT
age: 585082
expires: Mon, 19 Sep 2022 20:08:44 GMT
server: cloudflare
cf-ray: 749b46db88e2b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5bf685a4f13cca00015103ce
143.204.55.80200 OK 1.8 kB URL HTTP/2 widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5bf685a4f13cca00015103ce
IP 143.204.55.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4154)
Hash a8a941f7dc068156715b31e54962cad0
4ee56e25135b3b62670b798483fe3678857a1b7d
10e8a6d9cae3724f92b6beabbe625e588ca3519095153ca888aa799e124f63fd
GET /trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5bf685a4f13cca00015103ce HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1751
last-modified: Tue, 14 Jun 2022 14:06:43 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Mon, 12 Sep 2022 03:44:12 GMT
cache-control: max-age=86400
etag: "a8a941f7dc068156715b31e54962cad0"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MuFuUTRBxcWe-S-9eJ26_niqODVAM576iU1DTOMfIiRTDJrbUIauLg==
age: 62444
X-Firefox-Spdy: h2
www.istripper.com/favicons/istripper/apple-icon-120x120.png
172.64.144.99200 OK 3.1 kB URL HTTP/2 www.istripper.com/favicons/istripper/apple-icon-120x120.png
IP 172.64.144.99:0
File type PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced\012- data
Hash e65e892100f8c2e5fff426919c4222a7
a32d50782e9bf3aa0da4b745447dbbbf9c97b708
2fbaf7bc9e021f951fd62346fbefc85eec3733c65104983aab0e426f5c2b0b5d
GET /favicons/istripper/apple-icon-120x120.png HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: image/png
content-length: 3051
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-bgj: imgq:85,h2pri
cf-polished: origSize=5029
etag: "56f25600-13a5"
last-modified: Wed, 23 Mar 2016 08:38:24 GMT
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 414091332
cf-cache-status: HIT
age: 539661
expires: Mon, 19 Sep 2022 20:08:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b46dceb18b51d-OSL
X-Firefox-Spdy: h2
www.istripper.com/favicons/istripper/favicon-16x16.png
172.64.144.99200 OK 440 B URL HTTP/2 www.istripper.com/favicons/istripper/favicon-16x16.png
IP 172.64.144.99:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 6ec1b4e2c52096b799140c6292eb6c40
78f422243cabf32aa9601f0bd6de4a1870964c38
bd50c8e8831aef10d456217e3d2d8a1fdc6860b8681462fd59bcc4d04e935419
GET /favicons/istripper/favicon-16x16.png HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: image/png
content-length: 440
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-bgj: imgq:85,h2pri
cf-polished: origSize=958
etag: "56f25600-3be"
last-modified: Wed, 23 Mar 2016 08:38:24 GMT
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 841549703
cf-cache-status: HIT
age: 520818
expires: Mon, 19 Sep 2022 20:08:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b46dcfb1ab51d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:08:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
143.204.55.80200 OK 16 kB URL HTTP/2 widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
IP 143.204.55.80:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (50317)
Hash 3c2cef4a08f0fe336be6859edd2acbec
09630001b3a8330a44f7f9245f16f7e750f5ccfc
503e9d598072df2784f4511c55bca4072a08453af16a19777e50a3f567f53a77
GET /trustboxes/53aa8807dec7e10d38f59f32/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5bf685a4f13cca00015103ce
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 15538
last-modified: Tue, 14 Jun 2022 14:06:48 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Mon, 12 Sep 2022 01:20:51 GMT
cache-control: max-age=86400
etag: "3c2cef4a08f0fe336be6859edd2acbec"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ps-CJK7NlOTHaoBK5YX0nHuA37sMFhDL9P2JyTTcOXX0jKvUqVaWQg==
age: 67674
X-Firefox-Spdy: h2
www.istripper.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1663012800
172.64.144.99200 OK 14 kB URL HTTP/2 www.istripper.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1663012800
IP 172.64.144.99:0
File type ASCII text, with very long lines (39750), with no line terminators
Hash 7229e3da70521079276880709d8f8c54
34e3c174a0dd5700bbfba4c6caaaa8ff3e141e6f
4eda7a0ceac863edda0c6284345cebd3e6c7296435d4e20e6f7a4a5734abbf8f
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1663012800 HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-control-type-options: nosniff
server: cloudflare
cf-ray: 749b46dcdaf5b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 12 Sep 2022 18:41:12 GMT
expires: Mon, 12 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 5252
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:08:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/gtm/js?id=GTM-P9LCK2H&cid=1161945013.1663013312
142.250.74.174200 OK 41 kB URL HTTP/2 www.google-analytics.com/gtm/js?id=GTM-P9LCK2H&cid=1161945013.1663013312
IP 142.250.74.174:0
File type ASCII text, with very long lines (1615)
Hash 81b030f0a1ec4054dd056a8d6d8718c2
ee55acbaf4c54e9e9af8cababec906b47091b31b
f4db5972afa5e3386cb90288d74663032be39bb23d245fbbf120c32db588443f
GET /gtm/js?id=GTM-P9LCK2H&cid=1161945013.1663013312 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 20:08:44 GMT
expires: Mon, 12 Sep 2022 20:08:44 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41243
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=5bf685a4f13cca00015103ce&locale=en-US
143.204.55.80200 OK 388 B URL HTTP/2 widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=5bf685a4f13cca00015103ce&locale=en-US
IP 143.204.55.80:0
File type JSON data\012- , ASCII text, with very long lines (909), with no line terminators
Hash bf13be03695279653f59f696f9e11cae
c07544f6a3cbf29ea02814efa6bfbbf5eb48189f
20e5ed02ec6865a57acc7b920213c8399bf82b27d7ff871f41971ffbfaa7d679
GET /trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=5bf685a4f13cca00015103ce&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5bf685a4f13cca00015103ce
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 388
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
date: Mon, 12 Sep 2022 19:56:47 GMT
cache-control: public,max-age=1800
etag: "0c08129bf2eae256db8b3f08902f709f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: H4a0JI37FnuTJS8JZxepjNexhYuN3ys8Wg33X9D9LjP_tsRmCaGFCg==
age: 720
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=120px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fwww.istripper.com%2Fhome%2Fdownload-instructions%3Fdl%3D1%26version%3D2&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5bf685a4f13cca00015103ce&widgetId=53aa8807dec7e10d38f59f32
143.204.55.80204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=120px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fwww.istripper.com%2Fhome%2Fdownload-instructions%3Fdl%3D1%26version%3D2&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5bf685a4f13cca00015103ce&widgetId=53aa8807dec7e10d38f59f32
IP 143.204.55.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=120px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fwww.istripper.com%2Fhome%2Fdownload-instructions%3Fdl%3D1%26version%3D2&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5bf685a4f13cca00015103ce&widgetId=53aa8807dec7e10d38f59f32 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5bf685a4f13cca00015103ce
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Mon, 12 Sep 2022 20:08:43 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mPR32AKiXD5dg5vstOsiMoCaW85uHFb-aO5OWb1n3hzxybI9mmZWMQ==
X-Firefox-Spdy: h2
www.istripper.com/binary/setup-istripper_49ZwbCANhE74QX3lyYCSNPiGoCD.exe
172.64.144.99200 OK 63 MB URL HTTP/2 www.istripper.com/binary/setup-istripper_49ZwbCANhE74QX3lyYCSNPiGoCD.exe
IP 172.64.144.99:0
File type PE32 executable (GUI) Intel 80386, for MS Windows\012- data
Size 63 MB (62906272 bytes)
Hash 375175390fdbad35be67f4d1280d354d
75f3a776a43aa32be704f2fa8128beba34a0b0fd
0c4ba07d364270a181264f0dffb38ca21c5acf0d295b6ef70ec759ba20d7bcfd
GET /binary/setup-istripper_49ZwbCANhE74QX3lyYCSNPiGoCD.exe HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: s=82313; ref=49ZwbCANhE74QX3lyYCSNPiGoCD; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3; _ga=GA1.2.1161945013.1663013312; _gid=GA1.2.1606552164.1663013312; _gat=1; DLDED=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: application/octet-stream
content-length: 62906272
last-modified: Wed, 23 Mar 2022 10:47:20 GMT
etag: "623afab8-3bfdfa0"
cf-cache-status: HIT
age: 1120117
expires: Tue, 13 Sep 2022 20:08:44 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b46defdc6b51d-OSL
X-Firefox-Spdy: h2
www.istripper.com/cdn-cgi/apps/head/fLDhFVazeqalSkIg94y2Krcbstg.js
172.64.144.99200 OK 0 B URL HTTP/2 www.istripper.com/cdn-cgi/apps/head/fLDhFVazeqalSkIg94y2Krcbstg.js
IP 172.64.144.99:0
GET /cdn-cgi/apps/head/fLDhFVazeqalSkIg94y2Krcbstg.js HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: NfZvotjSIKHGuKwJutGqvrAgFpaWYdvq8az5jPxmLrrvRpXw7zueaHiUEm/eWdF4A0t03ufUhag=
x-amz-request-id: 5743MCR1Y9JTK71P
cache-control: public, max-age=31536000
last-modified: Fri, 31 Jul 2020 08:05:20 GMT
x-amz-version-id: PV4YUDDonyY36PzlG6GJeSQz1T3gdSbZ
etag: W/"045dee888f48aede304eb85317ec8f1b"
cf-cache-status: HIT
age: 12322602
expires: Tue, 12 Sep 2023 20:08:44 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b46db78d0b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
259.novitrk3.com/smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source=
188.240.52.20200 OK 0 B URL HTTP/2 259.novitrk3.com/smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source=
IP 188.240.52.20:0
GET /smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source= HTTP/1.1
Host: 259.novitrk3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ0aVdmZEdaQ3g0UGJkQzZ4YXJaZVE9PSIsInZhbHVlIjoiS1Z6U3czTWJCT3BNWU5iZ1MvNkNsSTh3ZzduS0xFQWJkM3FEUHBRdit1WHpuZXVWYWUzZjViTW5xNGwxMEFabXJPdGtLQzY2aWUxWGZhRnljdDNsT2I0cThIQ0h2Tlc4MzZ5TENjTmJnOUpTKzZaUFh4QlZWTm80cUpQWDVJbTIiLCJtYWMiOiJjZDhiOTNhMDVhMjIzMTBkMTA0Nzc0ZTZhNzQ3ZWZkMDUzNjExMDJlZGVmNDYwODkzMWQwNzQyOWU4OTM3MDU2IiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6IkVqRlBkRWFBeGFHaXAzMFNFVFdhMVE9PSIsInZhbHVlIjoiTko1QXJTUEZuM3ZwWFZSdEZ6NEJpbW1mdGpncnNwS3Vnb3VvenlBb3JyNzlLdEt0d2pvTm0weUI4U25ZZUtrSnQyTmJjN0NqNWF0dTd4S2h0c25uNVpvRnV0bkNyNWdnZ0EyT3pMRXhxb28zMWVaU2tqdlNreEw2OGZ5cDhVeHAiLCJtYWMiOiIwZDE2NGU2ZjhlYzJjNjEyYmJmYjgxZjc5YWU4NTBmYjQ3NWVhZTQ1ZjQ1MTk0Y2MyZTNiYjIzYWQwNDBiMDhjIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx/1.19.10
date: Mon, 12 Sep 2022 20:08:41 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6Im1MVG01TW9Tcnc3UWhlOU5jWGdkU0E9PSIsInZhbHVlIjoiK2htemVJUndOWEZnU0NRTkJuMkJDTzYxZkFpSFlVYUREQWxqaGF3ckpjK3pEZ3dodzVnQnAwR1JQWjArQk9hbVJSQjk2WjNncC84OEJwU2liS1IxaURmTldzWGw1T2RwQW9RalBGTzZiUFExcWRrc0RqZGs4NGNiSWIxWS93eWoiLCJtYWMiOiI3ZTk0ZTRjZDMwOWZmOWU1NmQ1MTBiZDA5MDhjYzBjMWMwNTAzYTI4Njk2MDI5NDYwNTg3MTQ0M2MwYTI4YjI1IiwidGFnIjoiIn0%3D; expires=Mon, 12-Sep-2022 22:08:41 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IjduRkFwQm92bVJXVDZwVzZidDVaVnc9PSIsInZhbHVlIjoiMG01bGp0eUE5Sy9IS1B2TGVRaE85SklOaUcyeDBQTmppZEZydHhvOWRJRVc2aVJQU1lrUzl3MnRRMm9pWGZWZWxEMzdTVnFFT3ZVUXY3c3N2cHJGT0UyNU1xeTF3eUJNWXU4aVVlMVZhZW1hdG9nQThsdEtBSTJRdnFLS3Q1ekYiLCJtYWMiOiIwMzJjOTZjNGI2YzE5OTVlMjNmYTU4NGUyYjNjMDkyYjhmMWU3NGYxZDM4OTAzZmZmNTBkMjc4ZDBhODBkNmFkIiwidGFnIjoiIn0%3D; expires=Mon, 12-Sep-2022 22:08:41 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
259.novitrk3.com/smartlink?mongo_id=631f91c98e4a45019f08c3be&mongo_grouped_id=631f9194a50f417ac13efd51&redirect_url=https%3A%2F%2Fm.news-page.net%2F%3Futm_medium%3D98774ae3068a24906aeee5af1282751e21ca5683%26utm_campaign%3Dmainstream_np%261%3D3%262%3D%7Bsubid%7D%26cid%3D902633807%26np%3D1&fingerprint=eyJ3ZWJkcml2ZXIiOjAsImhlYWRsZXNzIjowLCJjaHJvbWUiOjAsIm9uTGluZSI6MSwiY29va2llRW5hYmxlZCI6MSwicGx1Z2lucyI6MCwibWltZVR5cGVzIjowLCJzY3JlZW5XaWR0aCI6MTI4MCwic2NyZWVuSGVpZ2h0IjoxMDI0LCJvdXRlcldpZHRoIjoxMTUyLCJvdXRlckhlaWdodCI6OTAxLCJjb2xvckRlcHRoIjoyNCwiZGV2aWNlTWVtb3J5IjowLCJoYXJkd2FyZUNvbmN1cnJlbmN5IjoxNiwic3RhbmRhbG9uZSI6MCwidGltZXpvbmUiOiJVVEMiLCJsYW5ndWFnZSI6ImVuLVVTIiwibGFuZ3VhZ2VzIjpbImVuLVVTIiwiZW4iXSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0b3VjaCI6MCwiaWZyYW1lIjowLCJldmFsIjozNywidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJvdmVycmlkZSI6MSwiZHVyYXRpb24iOjQyfQ==&js=1
188.240.52.20302 Found 0 B URL HTTP/2 259.novitrk3.com/smartlink?mongo_id=631f91c98e4a45019f08c3be&mongo_grouped_id=631f9194a50f417ac13efd51&redirect_url=https%3A%2F%2Fm.news-page.net%2F%3Futm_medium%3D98774ae3068a24906aeee5af1282751e21ca5683%26utm_campaign%3Dmainstream_np%261%3D3%262%3D%7Bsubid%7D%26cid%3D902633807%26np%3D1&fingerprint=eyJ3ZWJkcml2ZXIiOjAsImhlYWRsZXNzIjowLCJjaHJvbWUiOjAsIm9uTGluZSI6MSwiY29va2llRW5hYmxlZCI6MSwicGx1Z2lucyI6MCwibWltZVR5cGVzIjowLCJzY3JlZW5XaWR0aCI6MTI4MCwic2NyZWVuSGVpZ2h0IjoxMDI0LCJvdXRlcldpZHRoIjoxMTUyLCJvdXRlckhlaWdodCI6OTAxLCJjb2xvckRlcHRoIjoyNCwiZGV2aWNlTWVtb3J5IjowLCJoYXJkd2FyZUNvbmN1cnJlbmN5IjoxNiwic3RhbmRhbG9uZSI6MCwidGltZXpvbmUiOiJVVEMiLCJsYW5ndWFnZSI6ImVuLVVTIiwibGFuZ3VhZ2VzIjpbImVuLVVTIiwiZW4iXSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0b3VjaCI6MCwiaWZyYW1lIjowLCJldmFsIjozNywidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJvdmVycmlkZSI6MSwiZHVyYXRpb24iOjQyfQ==&js=1
IP 188.240.52.20:0
GET /smartlink?mongo_id=631f91c98e4a45019f08c3be&mongo_grouped_id=631f9194a50f417ac13efd51&redirect_url=https%3A%2F%2Fm.news-page.net%2F%3Futm_medium%3D98774ae3068a24906aeee5af1282751e21ca5683%26utm_campaign%3Dmainstream_np%261%3D3%262%3D%7Bsubid%7D%26cid%3D902633807%26np%3D1&fingerprint=eyJ3ZWJkcml2ZXIiOjAsImhlYWRsZXNzIjowLCJjaHJvbWUiOjAsIm9uTGluZSI6MSwiY29va2llRW5hYmxlZCI6MSwicGx1Z2lucyI6MCwibWltZVR5cGVzIjowLCJzY3JlZW5XaWR0aCI6MTI4MCwic2NyZWVuSGVpZ2h0IjoxMDI0LCJvdXRlcldpZHRoIjoxMTUyLCJvdXRlckhlaWdodCI6OTAxLCJjb2xvckRlcHRoIjoyNCwiZGV2aWNlTWVtb3J5IjowLCJoYXJkd2FyZUNvbmN1cnJlbmN5IjoxNiwic3RhbmRhbG9uZSI6MCwidGltZXpvbmUiOiJVVEMiLCJsYW5ndWFnZSI6ImVuLVVTIiwibGFuZ3VhZ2VzIjpbImVuLVVTIiwiZW4iXSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0b3VjaCI6MCwiaWZyYW1lIjowLCJldmFsIjozNywidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJvdmVycmlkZSI6MSwiZHVyYXRpb24iOjQyfQ==&js=1 HTTP/1.1
Host: 259.novitrk3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlUxYnovWmJzbjV5NFdlenNwQ3lnZkE9PSIsInZhbHVlIjoiUHVrVkViQkRDck41QnZqS2sxQVY1eEl5bHlSSGRqSTZidVcvU0ZsWEZOUWcrWmlqVUI1RndMd3ZZbW9GamJnakZlSTA3ZFFjRnMwVzJpanRPOEllc3A4andUSUNiRGt0bDJ2ZkZ5aU5BSXBNdTFPeGJEU25QcEsrdDl0UTJGcWsiLCJtYWMiOiIyZTZhMjQyMmI3NDI3OWE4NjA1ZTUwZWU2MzUwMTZmM2U2MmE5Y2NlYzVmMGFmMThkNTY4MDZiZTRhM2IzY2E1IiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6IitaUWxJQURSakIzQlAwUXZxQjhVS1E9PSIsInZhbHVlIjoiWklpaHFldk9KNVVrZE5MVXVqRnd4dzJjU0diUitjZFBpN2VKNksrUGpQQm1xcFJ4ekFMQVA4TDgvQU5SdzBGMUdaQXBqVllvNEFOWnV3a0ljN01PL2w0b05LeEpkRHBjODRIUHNFUnVMcDk5bXJPU05LTTR3bGZlNVdzTnZLNkIiLCJtYWMiOiJiZjJjMDcyNmRiOGM2NmZiNWVmZjZjYTIzNWRhMmI2NjI3NmU5YjdlNjA2YzI5NDcwNjJiZmFjMWNmMzkwYzYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.19.10
date: Mon, 12 Sep 2022 20:08:41 GMT
content-type: text/html; charset=UTF-8
location: https://m.news-page.net/?utm_medium=98774ae3068a24906aeee5af1282751e21ca5683&utm_campaign=mainstream_np&1=3&2={subid}&cid=902633807&np=1
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IjFaL2NoRGMxcCtIZElXaVV1aHNvVmc9PSIsInZhbHVlIjoicU9kcCtuOERZQUUzUmxncGpNbFFlS2s4dXhmQmpYTml6dWJGTFpkUlBUS003dGE0cUJBTTlvOEtTaUlZYldQRlNPZHJqdzRCLzlIWlhXK2h5czE5QlVHeEV0U2RUYUpPby84WEp2bHNjeitnajgzZWJpK01ucThNc0RVNHZVNW8iLCJtYWMiOiI1MDEzYTNhNzg2ZTNmMWM0NmNhZGNkNDgwMmM1MzhjYTk2OGZkY2JhN2I5ZjExYzEzZTU4N2UxNzhjYTY2Zjk4IiwidGFnIjoiIn0%3D; expires=Mon, 12-Sep-2022 22:08:41 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6Ik1qUlFIZ1Y3NDgzR0F2REUyZUJTa0E9PSIsInZhbHVlIjoibjRyOGU2eE9QTVY1UVMzNzhqQ3FiQkUyZVNWdzUzQldkS056Y1JUMTdvRDdkalR1SXZPQ1ErOXpGYkl0NEk4d2tLZXRjVk9oY3lPazFaSzk2elk0cTNqVjVaVG45T0I1M3RuNFBsd1EzTXBQOFhYdityVHFURnJKU0tHWnA4R0UiLCJtYWMiOiJkOGE2ZGE1Y2JkMjZlZjAxN2Y5NTAyMmZjMThmMzk5NTIyZmNhNTU0M2M2MjIzMTJkYzZlMzY3ZGMzNmJjMzMyIiwidGFnIjoiIn0%3D; expires=Mon, 12-Sep-2022 22:08:41 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.istripper.com/fileaccess/software
172.64.144.99302 Found 0 B URL HTTP/2 www.istripper.com/fileaccess/software
IP 172.64.144.99:0
GET /fileaccess/software HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3; _ga=GA1.2.1161945013.1663013312; _gid=GA1.2.1606552164.1663013312; _gat=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: text/html; charset=UTF-8
location: https://www.istripper.com/binary/setup-istripper_49ZwbCANhE74QX3lyYCSNPiGoCD.exe
x-powered-by: PHP/7.3.25
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
locale: en
set-cookie: LANG=en; expires=Thu, 12-Sep-2024 20:08:44 GMT; Max-Age=63158400; path=/; domain=.istripper.com; Secure; HttpOnly
ref=49ZwbCANhE74QX3lyYCSNPiGoCD; expires=Thu, 12-Sep-2024 20:08:44 GMT; Max-Age=63158400; path=/; domain=.istripper.com; Secure; HttpOnly
s=82313; expires=Thu, 12-Sep-2024 20:08:44 GMT; Max-Age=63158400; path=/; domain=.istripper.com; Secure; HttpOnly
DLDED=1; expires=Mon, 12-Sep-2022 21:08:44 GMT; Max-Age=3600; path=/; domain=.istripper.com; Secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749b46de6d09b51d-OSL
X-Firefox-Spdy: h2
www.istripper.com/build/js/adapter.bundle-09545328.js
172.64.144.99200 OK 0 B URL HTTP/2 www.istripper.com/build/js/adapter.bundle-09545328.js
IP 172.64.144.99:0
GET /build/js/adapter.bundle-09545328.js HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: application/javascript
cache-control: public, max-age=604800
cf-bgj: minify
cf-polished: origSize=68495
etag: W/"62a88b20-10b8f"
last-modified: Tue, 14 Jun 2022 13:20:32 GMT
vary: Accept-Encoding
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 903152876
cf-cache-status: HIT
age: 539662
expires: Mon, 19 Sep 2022 20:08:44 GMT
server: cloudflare
cf-ray: 749b46db9906b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.istripper.com/cdn-cgi/apps/body/YBCtWO_m2F_YepxEveHLbijyibI.js
172.64.144.99200 OK 0 B URL HTTP/2 www.istripper.com/cdn-cgi/apps/body/YBCtWO_m2F_YepxEveHLbijyibI.js
IP 172.64.144.99:0
GET /cdn-cgi/apps/body/YBCtWO_m2F_YepxEveHLbijyibI.js HTTP/1.1
Host: www.istripper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.istripper.com/home/download-instructions?dl=1&version=2
Cookie: s=82313; ref=2YEs6AT0YZLHghDsL3xYrF; CLEAN=4; LANG=en; PHPSESSID=ssoveeofg4fmrl2u7edich90bk; LV=2022-09-12; TOTWEB=serverweb3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:08:44 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: wbLDOrU+1oLIbtKlXswf1O+EKeTlsTvtW2/Wrt3ZO/rJEh/Gts09z7G81YA7VZ+foeF61U/xbNo=
x-amz-request-id: MBQ58GFHA721K3MX
cache-control: public, max-age=31536000
last-modified: Fri, 31 Jul 2020 08:05:20 GMT
x-amz-version-id: HEh62SxbTlWyoyFovdeBQ5r_UuMyWFre
etag: W/"036f4639519c69dd7407363c4506211f"
cf-cache-status: HIT
age: 8452921
expires: Tue, 12 Sep 2023 20:08:44 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b46dbb938b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
259.novitrk3.com/smartlink-css/631f91c98e4a45019f08c3be
188.240.52.20200 OK 0 B URL HTTP/2 259.novitrk3.com/smartlink-css/631f91c98e4a45019f08c3be
IP 188.240.52.20:0
Analyzer Verdict Alert fortinet Phishing
GET /smartlink-css/631f91c98e4a45019f08c3be HTTP/1.1
Host: 259.novitrk3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://259.novitrk3.com/smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source=
Cookie: XSRF-TOKEN=eyJpdiI6Im1MVG01TW9Tcnc3UWhlOU5jWGdkU0E9PSIsInZhbHVlIjoiK2htemVJUndOWEZnU0NRTkJuMkJDTzYxZkFpSFlVYUREQWxqaGF3ckpjK3pEZ3dodzVnQnAwR1JQWjArQk9hbVJSQjk2WjNncC84OEJwU2liS1IxaURmTldzWGw1T2RwQW9RalBGTzZiUFExcWRrc0RqZGs4NGNiSWIxWS93eWoiLCJtYWMiOiI3ZTk0ZTRjZDMwOWZmOWU1NmQ1MTBiZDA5MDhjYzBjMWMwNTAzYTI4Njk2MDI5NDYwNTg3MTQ0M2MwYTI4YjI1IiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6IjduRkFwQm92bVJXVDZwVzZidDVaVnc9PSIsInZhbHVlIjoiMG01bGp0eUE5Sy9IS1B2TGVRaE85SklOaUcyeDBQTmppZEZydHhvOWRJRVc2aVJQU1lrUzl3MnRRMm9pWGZWZWxEMzdTVnFFT3ZVUXY3c3N2cHJGT0UyNU1xeTF3eUJNWXU4aVVlMVZhZW1hdG9nQThsdEtBSTJRdnFLS3Q1ekYiLCJtYWMiOiIwMzJjOTZjNGI2YzE5OTVlMjNmYTU4NGUyYjNjMDkyYjhmMWU3NGYxZDM4OTAzZmZmNTBkMjc4ZDBhODBkNmFkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.10
date: Mon, 12 Sep 2022 20:08:41 GMT
content-type: text/css; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IlUxYnovWmJzbjV5NFdlenNwQ3lnZkE9PSIsInZhbHVlIjoiUHVrVkViQkRDck41QnZqS2sxQVY1eEl5bHlSSGRqSTZidVcvU0ZsWEZOUWcrWmlqVUI1RndMd3ZZbW9GamJnakZlSTA3ZFFjRnMwVzJpanRPOEllc3A4andUSUNiRGt0bDJ2ZkZ5aU5BSXBNdTFPeGJEU25QcEsrdDl0UTJGcWsiLCJtYWMiOiIyZTZhMjQyMmI3NDI3OWE4NjA1ZTUwZWU2MzUwMTZmM2U2MmE5Y2NlYzVmMGFmMThkNTY4MDZiZTRhM2IzY2E1IiwidGFnIjoiIn0%3D; expires=Mon, 12-Sep-2022 22:08:41 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IitaUWxJQURSakIzQlAwUXZxQjhVS1E9PSIsInZhbHVlIjoiWklpaHFldk9KNVVrZE5MVXVqRnd4dzJjU0diUitjZFBpN2VKNksrUGpQQm1xcFJ4ekFMQVA4TDgvQU5SdzBGMUdaQXBqVllvNEFOWnV3a0ljN01PL2w0b05LeEpkRHBjODRIUHNFUnVMcDk5bXJPU05LTTR3bGZlNVdzTnZLNkIiLCJtYWMiOiJiZjJjMDcyNmRiOGM2NmZiNWVmZjZjYTIzNWRhMmI2NjI3NmU5YjdlNjA2YzI5NDcwNjJiZmFjMWNmMzkwYzYzIiwidGFnIjoiIn0%3D; expires=Mon, 12-Sep-2022 22:08:41 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
m.news-page.net/?utm_term=7142587830819094575&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84
99.198.108.195200 OK 0 B URL HTTP/2 m.news-page.net/?utm_term=7142587830819094575&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84
IP 99.198.108.195:0
GET /?utm_term=7142587830819094575&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84 HTTP/1.1
Host: m.news-page.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.news-page.net/?utm_medium=98774ae3068a24906aeee5af1282751e21ca5683&utm_campaign=mainstream_np&1=3&2={subid}&cid=902633807&np=1
Cookie: u=e51aeb8f0aeae72ef2c409e5fdda3cc7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 20:08:42 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2