r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6390
Expires: Tue, 04 Oct 2022 12:00:42 GMT
Date: Tue, 04 Oct 2022 10:14:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 09:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2hIqRrzxENQScQnGd49JIFpUqonsDjuTgkfvgh1S834OmatuFzE9Dw==
Age: 1628
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TUCsIDX_K2FAgrwmzBlFn_fIUTfcmJqKzpQPR_KlwJ8Azz100BGXwA==
age: 17145
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 10:14:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.spl-notice.com/etisalat/
198.46.94.17302 Found 0 B URL HTTP/1.1 www.spl-notice.com/etisalat/
IP 198.46.94.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Etisalat
fortinet Phishing
GET /etisalat/ HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
location: login.html
X-Proxy-Cache: MISS
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 09:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 10:27:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OYnoDh8hJKHGvCmtGrPofD3D4FuqnVCe1PyUqbO066LgdG5rRiF2Xg==
Age: 2680
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2232
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:13 GMT
Last-Modified: Tue, 04 Oct 2022 09:37:01 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.spl-notice.com/etisalat/Care_files/googlefonts.css
198.46.94.17200 OK 593 B URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/googlefonts.css
IP 198.46.94.17:0
File type ASCII text, with CRLF line terminators
Hash 86b88ecc9cbc692944f2d317df7648ea
cc11b977b1e61bf1ebb28a96a76699634f184c19
9934a824e285424be1f10e7c05b29d32c0d5e7c3eff0ef519710cf0fc5d9d50d
GET /etisalat/Care_files/googlefonts.css HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:13 GMT
Content-Type: text/css
Last-Modified: Fri, 27 Sep 2019 15:53:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d8e3072-a82"
Expires: Tue, 11 Oct 2022 10:14:13 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: gzip
www.spl-notice.com/etisalat/login.html
198.46.94.17200 OK 126 kB URL HTTP/1.1 www.spl-notice.com/etisalat/login.html
IP 198.46.94.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19074)
Size 126 kB (126252 bytes)
Hash 2980fc1ea5a315e86419de42b9923514
9d4a1b666b9472fb5fec8c2f3064e915a4319c13
f80bd5bed6bd023e233ffc504106afde315dfb5c71b74f14d7732f7956399526
Analyzer Verdict Alert openphish Etisalat
fortinet Phishing
GET /etisalat/login.html HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 03 Oct 2022 18:06:30 GMT
X-Proxy-Cache: HIT
Content-Encoding: gzip
www.spl-notice.com/etisalat/Care_files/labels.js
198.46.94.17200 OK 4.8 kB URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/labels.js
IP 198.46.94.17:0
File type Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash ec42fba582b3c5841776d9fba8d31101
cc8e1a00426e8487517e61a25ef361065dd0c16e
f2bd6d1a47c3a0a77ed7b1fe3f3b1b6ab429050123f05c3d2889f226287e6416
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/labels.js HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:13 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Sep 2019 15:53:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d8e3072-3a2b"
Expires: Tue, 11 Oct 2022 10:14:13 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: gzip
www.spl-notice.com/etisalat/Care_files/engine.js
198.46.94.17200 OK 13 kB URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/engine.js
IP 198.46.94.17:0
Hash 9d4fe5094b38a3c6787a890b021b6b6e
9eee8d573ced71c19da6145090ad85ce300f0416
3f62b82f69f2c7332a106d2578cef895f82fdd295e21e5b1cf2e4e0f03662c7c
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/engine.js HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:13 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Sep 2019 15:53:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d8e3072-b3e6"
Expires: Tue, 11 Oct 2022 10:14:13 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: gzip
www.spl-notice.com/etisalat/Care_files/util.js
198.46.94.17200 OK 12 kB URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/util.js
IP 198.46.94.17:0
Hash ed00e6ef219e8d53569f8b6367e3dcb3
df945fa76689503b2837efe9dce79139da2ae26e
6aeadfd91bda1d49901ee146e685bb43b045de0f01d8c72082d50d11fcbac611
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/util.js HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:13 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Sep 2019 15:53:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d8e3072-b49c"
Expires: Tue, 11 Oct 2022 10:14:13 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: gzip
push.services.mozilla.com/
34.214.17.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.17.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LfSH/LnS9HEZormSn3Iy6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: n5NgF/kZxq1zEoresIaQd5NhgqY=
www.spl-notice.com/etisalat/Care_files/CaptchaServlet.txt
198.46.94.17404 Not Found 179 B URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/CaptchaServlet.txt
IP 198.46.94.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash cce55030d17de7ce56b9249ee06ec29f
9fe3d0385300c0d94ab3bfe0418ecbc4d5c10dae
13797b82fea032924329669eda7aa35ae1bb8380daf4aeb578b05e69cfdca589
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/CaptchaServlet.txt HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
HTTP/1.1 404 Not Found
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.spl-notice.com/etisalat/Care_files/api.js
198.46.94.17200 OK 467 B URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/api.js
IP 198.46.94.17:0
File type ASCII text, with very long lines (729), with no line terminators
Hash 17047fcf7f8f530cae0b0e6e93db208e
e6c20cab18ba0bdf57e8773776dd35fb775e04db
48ba4d0bd9c6660223558120266f9beac9dce9656fdeb1e725efca31306d2c4a
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/api.js HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:13 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Sep 2019 15:53:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d8e3072-2d9"
Expires: Tue, 11 Oct 2022 10:14:13 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: gzip
www.spl-notice.com/etisalat/Care_files/interceptor
198.46.94.17404 Not Found 179 B URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/interceptor
IP 198.46.94.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash cce55030d17de7ce56b9249ee06ec29f
9fe3d0385300c0d94ab3bfe0418ecbc4d5c10dae
13797b82fea032924329669eda7aa35ae1bb8380daf4aeb578b05e69cfdca589
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/interceptor HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
HTTP/1.1 404 Not Found
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.spl-notice.com/etisalat/Care_files/hmd.css
198.46.94.17200 OK 8.1 kB URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/hmd.css
IP 198.46.94.17:0
File type ISO-8859 text, with CRLF line terminators
Hash 9d0dd408ff960369f65008807faaf078
d2b350c9165c770ba043df49b034ac2b68e5f292
37d7e5a63768db08cda048022f4b8928a8e650d75e94f809d3d05014296eea57
GET /etisalat/Care_files/hmd.css HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:13 GMT
Content-Type: text/css
Last-Modified: Fri, 27 Sep 2019 15:53:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d8e3072-a338"
Expires: Tue, 11 Oct 2022 10:14:13 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: gzip
www.spl-notice.com/etisalat/Care_files/b2c-routes.js
198.46.94.17200 OK 74 kB URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/b2c-routes.js
IP 198.46.94.17:0
File type ASCII text, with CRLF line terminators
Hash 5afd8fabfbb11722b9cc57e09e18e0b7
e7261d82fc7931a323608add8d674af11262406d
f77f91f7b30a030ee8af5d3741c0494d4d46c33ed3cc12aa163460592f4a47e5
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/b2c-routes.js HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:13 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Sep 2019 15:53:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d8e3072-749fd"
Expires: Tue, 11 Oct 2022 10:14:13 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: gzip
www.spl-notice.com/etisalat/Care_files/app.css
198.46.94.17200 OK 290 kB URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/app.css
IP 198.46.94.17:0
File type Unicode text, UTF-8 text, with very long lines (62701), with CRLF line terminators
Size 290 kB (290339 bytes)
Hash f9fe80e89f73823b5300fe07d9531804
031e1880d886e8b28cc1095ae775bb6dd15d2a2e
e14230d74cbf213cfbf34e6b52ad2925328526266bef87bee5299d82878696b0
GET /etisalat/Care_files/app.css HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:13 GMT
Content-Type: text/css
Last-Modified: Fri, 27 Sep 2019 15:53:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d8e3072-1d803d"
Expires: Tue, 11 Oct 2022 10:14:13 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.spl-notice.com/etisalat/Care_files/loading.gif
198.46.94.17200 OK 76 kB URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/loading.gif
IP 198.46.94.17:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 032bf6d985eb0dfb558fddacf39006c7
c089052df1f20017f7273ef9702620d3e54c0278
af2d8b18228e5de40356984301eba416c02bdb4a9f4a3946e1a157abb3b16d94
GET /etisalat/Care_files/loading.gif HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:14 GMT
Content-Type: image/gif
Content-Length: 75841
Last-Modified: Fri, 27 Sep 2019 15:53:22 GMT
Connection: keep-alive
ETag: "5d8e3072-12841"
Expires: Tue, 11 Oct 2022 10:14:14 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes
www.googletagmanager.com/gtm.js?id=GTM-TSZ46Z
142.250.74.168200 OK 117 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TSZ46Z
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (35218)
Size 117 kB (117374 bytes)
Hash 01889e64c66a9cbc94bfb3d23cedfaa7
6f26ae30653b39c0a85541478afbc9c6ce1cb8ff
1fd3409c21576d2776e9d35d37c79846d827d7afb00e289e7d11755f77e29088
GET /gtm.js?id=GTM-TSZ46Z HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 10:14:14 GMT
expires: Tue, 04 Oct 2022 10:14:14 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 117374
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.spl-notice.com/etisalat/Care_files/CaptchaServlet.txt
198.46.94.17404 Not Found 179 B URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/CaptchaServlet.txt
IP 198.46.94.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash cce55030d17de7ce56b9249ee06ec29f
9fe3d0385300c0d94ab3bfe0418ecbc4d5c10dae
13797b82fea032924329669eda7aa35ae1bb8380daf4aeb578b05e69cfdca589
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/CaptchaServlet.txt HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
HTTP/1.1 404 Not Found
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:14 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.spl-notice.com/etisalat/Care_files/1YwB1sO8YE1Lyjf12WNiUA.woff
198.46.94.17404 Not Found 153 B URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/1YwB1sO8YE1Lyjf12WNiUA.woff
IP 198.46.94.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 841102042dfedb8a9dcc0e6a9966307f
313ea8da3498deebf7f443093638df7501ce60c6
6ad407809dc8e6d079dfbd21823508dffb897b97a27eb8ae43acbea1b7c8df0d
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/1YwB1sO8YE1Lyjf12WNiUA.woff HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/Care_files/googlefonts.css
HTTP/1.1 404 Not Found
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:14 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive
Vary: Accept-Encoding
www.spl-notice.com/etisalat/fonts/neotech-regular.woff
198.46.94.17404 Not Found 153 B URL HTTP/1.1 www.spl-notice.com/etisalat/fonts/neotech-regular.woff
IP 198.46.94.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 841102042dfedb8a9dcc0e6a9966307f
313ea8da3498deebf7f443093638df7501ce60c6
6ad407809dc8e6d079dfbd21823508dffb897b97a27eb8ae43acbea1b7c8df0d
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/fonts/neotech-regular.woff HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/Care_files/app.css
HTTP/1.1 404 Not Found
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:14 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive
Vary: Accept-Encoding
www.spl-notice.com/etisalat/Care_files/H2DMvhDLycM56KNuAtbJYA.woff
198.46.94.17404 Not Found 153 B URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/H2DMvhDLycM56KNuAtbJYA.woff
IP 198.46.94.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 841102042dfedb8a9dcc0e6a9966307f
313ea8da3498deebf7f443093638df7501ce60c6
6ad407809dc8e6d079dfbd21823508dffb897b97a27eb8ae43acbea1b7c8df0d
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/H2DMvhDLycM56KNuAtbJYA.woff HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/Care_files/googlefonts.css
HTTP/1.1 404 Not Found
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:14 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive
Vary: Accept-Encoding
www.spl-notice.com/etisalat/fonts/ge_ss_two_light.ttf
198.46.94.17404 Not Found 113 B URL HTTP/1.1 www.spl-notice.com/etisalat/fonts/ge_ss_two_light.ttf
IP 198.46.94.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash fa654187ff3fa5d00f447d5c53990518
0c996af2521a1c3fef0a0738dcc9bbd00e6bee1d
2a447af4bd6b0dddf926fcde3f29c0464cddd299ce4bbcffa97804efd6f33693
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/fonts/ge_ss_two_light.ttf HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/Care_files/app.css
HTTP/1.1 404 Not Found
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash 1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 15317
Last-Modified: Tue, 30 Aug 2022 20:19:10 GMT
Cache-Control: no-cache
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Etag: "d4de8398858246712016031c834bb061+gzip+gzip"
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 10:14:14 GMT
X-Served-By: cache-iad-kcgs7200165-IAD, cache-bma1644-BMA
X-Cache: HIT, HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5e89969841b429e3ca44b320d17ea98a
30486a886b793ad5431b73d983d091487e5709c6
2d08365a447343168153cf1178b3b847377c2923bce06d9f6485ad08d3a06d34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4483
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:14 GMT
Last-Modified: Tue, 04 Oct 2022 08:59:31 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 08:41:09 GMT
expires: Tue, 04 Oct 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 5585
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.spl-notice.com/etisalat/Care_files/bframe.html
198.46.94.17200 OK 1.2 kB URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/bframe.html
IP 198.46.94.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a04cf9b4ff547671c6062a5580e5f984
a5c4fae7b3178e3f080d50a430b7797b65b1fb5d
86cff9c4f02968466328fe80bb7de58b349182bf643041eeb2bf378251ea51e8
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/bframe.html HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/login.html
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 27 Sep 2019 15:53:24 GMT
X-Proxy-Cache: HIT
Content-Encoding: gzip
www.spl-notice.com/etisalat/Care_files/anchor_data/JBwSXsc__bL1AIIwyKh3QnwBHg7D-WM3_5_AwioMKBk.js
198.46.94.17200 OK 5.5 kB URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/anchor_data/JBwSXsc__bL1AIIwyKh3QnwBHg7D-WM3_5_AwioMKBk.js
IP 198.46.94.17:0
File type ASCII text, with very long lines (12267), with no line terminators
Hash 35e3c7284d93a4d278b2a04aa551be1b
a56f2d58e6762cba8a704066ede2aa370f031410
85879fca6c6c509c575db95efe3fc3da958743201a0cb42aa2a5f8a6e055b536
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/anchor_data/JBwSXsc__bL1AIIwyKh3QnwBHg7D-WM3_5_AwioMKBk.js HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/Care_files/anchor.html
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:14 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Sep 2019 15:53:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d8e3072-2feb"
Expires: Tue, 11 Oct 2022 10:14:14 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: gzip
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: EpDYTciqPofIvTa055qkjOkrGpmsuwkXvactWQue0R4P6NRDVO0hJxtXT5ZtD5dVXug00ixH8/Mib04LFr5VRQ==
content-length: 26840
x-fb-trip-id: 1904183273
date: Tue, 04 Oct 2022 10:14:14 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/gtm/optimize.js?id=GTM-T57KNFL
142.250.74.174200 OK 50 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=GTM-T57KNFL
IP 142.250.74.174:0
File type ASCII text, with very long lines (21890)
Hash a33de4f8bb84f81ec956bfc8b77122d6
f03c8b8a833ed21ca24121b9ea4adb8e23e60b97
303d9508464c65213e197ae518c8984aa90174471f5bb81de86c7b6553fe844b
GET /gtm/optimize.js?id=GTM-T57KNFL HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 10:14:14 GMT
expires: Tue, 04 Oct 2022 10:14:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 49725
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5e89969841b429e3ca44b320d17ea98a
30486a886b793ad5431b73d983d091487e5709c6
2d08365a447343168153cf1178b3b847377c2923bce06d9f6485ad08d3a06d34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4483
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:14 GMT
Last-Modified: Tue, 04 Oct 2022 08:59:31 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
9157623.fls.doubleclick.net/activityi;src=9157623;type=remar0;cat=etisa0;ord=9154126433332;gtm=2wg9s0;auiddc=1670828870.1664878454;u1=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html;~oref=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html?
142.250.74.70200 OK 369 B URL HTTP/1.1 9157623.fls.doubleclick.net/activityi;src=9157623;type=remar0;cat=etisa0;ord=9154126433332;gtm=2wg9s0;auiddc=1670828870.1664878454;u1=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html;~oref=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (528), with no line terminators
Hash 6a049034f41b7a25dcaf4b2a2e4ba06f
92db37589878d15d1e2bb06edb295d35c18afc5a
0f07bc573e5080e1cf29356ed5364cb905fe0393565dcf3da0d28ff05fbfb04d
GET /activityi;src=9157623;type=remar0;cat=etisa0;ord=9154126433332;gtm=2wg9s0;auiddc=1670828870.1664878454;u1=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html;~oref=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html? HTTP/1.1
Host: 9157623.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 04 Oct 2022 10:14:14 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 369
X-XSS-Protection: 0
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 3.1 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=68208
date: Tue, 04 Oct 2022 10:14:14 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/recaptcha__en.js
142.250.74.163404 Not Found 1.6 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/recaptcha__en.js
IP 142.250.74.163:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash b7490d04083b4367d72cfa06c3a0f237
df095435455df237659750f238808e967c7ce370
13cd32d35b43fbac0df38d403f2f7ecefb10e47719bcfbbba510c9445154e975
GET /recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 10:14:14 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 38ea1e4d24ca95b2f1da26f24df03559
bd5d4ca979822e0bc5b3e8d5e4a4617f276057e0
82123bf409adc45c0a830654ad76d954f44e4a8aae01ecebbfe769259096cdf3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4734
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:14 GMT
Last-Modified: Tue, 04 Oct 2022 08:55:21 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/seg?add=29637970&t=2>mcb=1682284292
185.89.210.90307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=29637970&t=2>mcb=1682284292
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=29637970&t=2>mcb=1682284292 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 04 Oct 2022 10:14:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29637970%26t%3D2%26gtmcb%3D1682284292
AN-X-Request-Uuid: 3add0fdc-c828-4003-9542-1b20bb26e25b
Set-Cookie: uuid2=2763293706329522575; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 02-Jan-2023 10:14:14 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash ea112afcbc5159581c7a2ab15f91d4b8
d4bc73c7ba1db71f58366b3f243b0c1fea9eac7b
56d1f4941f66992387fe5cd926e73414484810726724291a46e19441090933a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5733
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:14 GMT
Last-Modified: Tue, 04 Oct 2022 08:38:41 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash ea112afcbc5159581c7a2ab15f91d4b8
d4bc73c7ba1db71f58366b3f243b0c1fea9eac7b
56d1f4941f66992387fe5cd926e73414484810726724291a46e19441090933a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5733
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:14 GMT
Last-Modified: Tue, 04 Oct 2022 08:38:41 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
creativecdn.com/tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_TgFUAF4zotRbw6jaPjdk&su=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&sr=&ts=1664878454215
185.184.8.90302 Found 0 B URL HTTP/2 creativecdn.com/tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_TgFUAF4zotRbw6jaPjdk&su=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&sr=&ts=1664878454215
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_TgFUAF4zotRbw6jaPjdk&su=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&sr=&ts=1664878454215 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 04 Oct 2022 10:14:14 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=yLyMLFI8SjBowsjNrEjX;Path=/;Domain=.creativecdn.com;Expires=Wed, 04-Oct-2023 10:14:14 GMT;Max-Age=31536000;Secure;SameSite=None
ts=1664878454;Path=/;Domain=.creativecdn.com;Expires=Wed, 04-Oct-2023 10:14:14 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://creativecdn.com/tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_TgFUAF4zotRbw6jaPjdk&su=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&sr=&ts=1664878454215&tc=1
content-length: 0
X-Firefox-Spdy: h2
i.l.inmobicdn.net/helix-cors/custom/js/idspPixel/v4/min.pixel.js
205.185.216.10200 OK 651 B URL HTTP/1.1 i.l.inmobicdn.net/helix-cors/custom/js/idspPixel/v4/min.pixel.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (1187), with no line terminators
Hash c9cb059b770cede9e829b73ae0573569
0598460c0a35f18278dbcf7b02aa95ee9d680d4d
5f6f298a1b1354f37bd68a9b91d5cf9629ff8c8e1686a191864184e3de7b5d20
GET /helix-cors/custom/js/idspPixel/v4/min.pixel.js HTTP/1.1
Host: i.l.inmobicdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 10:14:14 GMT
Connection: Keep-Alive
ETag: "1638450682"
Cache-Control: max-age=76785
Content-Encoding: gzip
Content-Length: 651
Content-Type: application/x-javascript
Last-Modified: Thu, 02 Dec 2021 13:11:22 GMT
Accept-Ranges: bytes
X-HW: 1664878454.dop014.sk1.t,1664878454.cds240.sk1.shn,1664878454.cds240.sk1.c
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
creativecdn.com/tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_TgFUAF4zotRbw6jaPjdk&su=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&sr=&ts=1664878454215&tc=1
185.184.8.90204 No Content 0 B URL HTTP/2 creativecdn.com/tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_TgFUAF4zotRbw6jaPjdk&su=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&sr=&ts=1664878454215&tc=1
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_TgFUAF4zotRbw6jaPjdk&su=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&sr=&ts=1664878454215&tc=1 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.spl-notice.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=9157623;type=remar0;cat=etisa0;ord=9154126433332;gtm=2wg9s0;auiddc=1670828870.1664878454;u1=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html;~oref=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html
172.217.21.162200 OK 371 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9157623;type=remar0;cat=etisa0;ord=9154126433332;gtm=2wg9s0;auiddc=1670828870.1664878454;u1=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html;~oref=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (527), with no line terminators
Hash 0dfcc68d5d502d5170120476ff49d829
3648c05b9e9433c28ea52a7f703be9748b64f2f7
a3e296bb88efc30b24ab134a8152d53e845d65569858edf4e1fc16c42a1e2f72
GET /ddm/fls/i/src=9157623;type=remar0;cat=etisa0;ord=9154126433332;gtm=2wg9s0;auiddc=1670828870.1664878454;u1=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html;~oref=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9157623.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 10:14:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 371
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13464
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 10:14:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13464
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 10:14:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 44248
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 44300
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 42295
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34f2dfb2faff276db1d4a57739db2450
f5ce815082043a4efce28fc790ae7d8b3a8531f8
e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5083
x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI0HT0IAMFxvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pddStyEpwVdYKSAUVcpupnWVPw6ALoYCouHQzixF_vTgXdpVF60ElA==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
age: 43395
etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.spl-notice.com/etisalat/Care_files/bframe_data/styles__ltr.css
198.46.94.17200 OK 95 kB URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/bframe_data/styles__ltr.css
IP 198.46.94.17:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 72a474ec197d8624a6bd08f71efc2d48
7d826404ea82e5465b0d5e14477ea3724d5dfc38
915be588ff87bc3be2829410f572cd4cfd442f43052439e1a6efc9cb86c7c5d3
GET /etisalat/Care_files/bframe_data/styles__ltr.css HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/Care_files/anchor.html
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:14 GMT
Content-Type: text/css
Last-Modified: Fri, 27 Sep 2019 15:53:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d8e3072-227e9"
Expires: Tue, 11 Oct 2022 10:14:14 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bec66cf-b911-4eb8-95d6-27e5f2afb6c7.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bec66cf-b911-4eb8-95d6-27e5f2afb6c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash de29d0d95d22e4e246a90feed644baf0
4ac6c5691df804078d5da54233cf4d8e7012f9ca
8e34ad07e098df14f7001d1ee538479de11afa4c255006cb6e8e2207c0e50a47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bec66cf-b911-4eb8-95d6-27e5f2afb6c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 3348b2e8-915a-492b-8241-89c13a21232c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqFlFyyoAMFz_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b56f0-2baf7ac2213c31fc384e8317;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Y1H21zphqs9mIGVYHojfc-nvW35BS3nq4hunM_JmyT9mC100bXlgWw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:46 GMT
age: 44308
etag: "4ac6c5691df804078d5da54233cf4d8e7012f9ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 19881
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=3f0fa6ac-a24c-4e83-85b2-645d7118fdb6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b262fd03-4ac8-43df-81d2-ba2c6d8e60a7&tw_document_href=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27
104.244.42.133200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=3f0fa6ac-a24c-4e83-85b2-645d7118fdb6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b262fd03-4ac8-43df-81d2-ba2c6d8e60a7&tw_document_href=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=3f0fa6ac-a24c-4e83-85b2-645d7118fdb6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b262fd03-4ac8-43df-81d2-ba2c6d8e60a7&tw_document_href=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 10:14:14 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=567a60b5-0494-42d6-a199-a1d0433fe10f; Max-Age=63072000; Expires=Thu, 03 Oct 2024 10:14:14 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 61fd92185156d428
strict-transport-security: max-age=0
x-response-time: 103
x-connection-hash: 0a9dfd2735b59ed3194605b5427fa4cc8e3c45fbddab0af43a15d48f0e551a71
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=98af3560-5121-4314-a1ab-59c3e687bdcc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b262fd03-4ac8-43df-81d2-ba2c6d8e60a7&tw_document_href=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27
104.244.42.133200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=98af3560-5121-4314-a1ab-59c3e687bdcc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b262fd03-4ac8-43df-81d2-ba2c6d8e60a7&tw_document_href=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=98af3560-5121-4314-a1ab-59c3e687bdcc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b262fd03-4ac8-43df-81d2-ba2c6d8e60a7&tw_document_href=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 10:14:14 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=794de841-4b0e-4bce-92b6-5a2309669a57; Max-Age=63072000; Expires=Thu, 03 Oct 2024 10:14:14 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 0d8ccd7f84067780
strict-transport-security: max-age=0
x-response-time: 109
x-connection-hash: 0a9dfd2735b59ed3194605b5427fa4cc8e3c45fbddab0af43a15d48f0e551a71
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C5NC3CLQ5ECR7VU42P60&hostname=www.spl-notice.com
23.36.79.17200 OK 347 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C5NC3CLQ5ECR7VU42P60&hostname=www.spl-notice.com
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 448614da126fefc770fc81ca233ceb1a
2587a06dea65fffaa97ee64d065e07006c6e440a
0fe7ab9bb7d80934fa4996ffaef3b70b0b69fdf3afe0018d2664d9f0917c0d0f
GET /i18n/pixel/config.js?sdkid=C5NC3CLQ5ECR7VU42P60&hostname=www.spl-notice.com HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202210041014155D09FD8C6387352DBC1C
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e8c506f4be95b24ce7718600a3aa3d00d0d104c5a49fc972dbd30a1f8c9fdc5e0a3b6fca89f4e682d8206e1654305b24d
content-encoding: gzip
expires: Tue, 04 Oct 2022 10:14:15 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 04 Oct 2022 10:14:15 GMT
content-length: 347
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
set-cookie: _ttp=2FfLzggDklmdeVfTJQVMkIIS4qS; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=102
x-origin-response-time: 102,23.36.79.13
x-akamai-request-id: 5b96d0f9
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.spl-notice.com/etisalat/Care_files/recaptcha__en.js
198.46.94.17200 OK 102 kB URL HTTP/1.1 www.spl-notice.com/etisalat/Care_files/recaptcha__en.js
IP 198.46.94.17:0
File type ASCII text, with very long lines (538)
Size 102 kB (101913 bytes)
Hash ddc0ddeeb878f6f58fdbff16def83f1d
c8ca88c75baf6cd1f777ce3eb0d2644107bf0576
83c13f1008d5805c8ba63e1dad794dc852c0b7e5ed2bcbd793beeb7f82ee7336
Analyzer Verdict Alert fortinet Phishing
GET /etisalat/Care_files/recaptcha__en.js HTTP/1.1
Host: www.spl-notice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/etisalat/Care_files/anchor.html
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 04 Oct 2022 10:14:14 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Sep 2019 15:53:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d8e3072-418bd"
Expires: Tue, 11 Oct 2022 10:14:14 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: gzip
analytics.tiktok.com/api/v2/pixel
23.36.79.17200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 748
Origin: http://www.spl-notice.com
Connection: keep-alive
Referer: http://www.spl-notice.com/
Cookie: _ttp=2FfLzggDklmdeVfTJQVMkIIS4qS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221004101415F7289F2EA01E3634B4B2
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60a2a61edc672d2b1437a8f456e7c356f1d42305947662ff38448a426761e1b856fb554c2a9e99c60710493c3c933dfbcd41f43bf8df513ea3042bdedcb459aee4f6936da50d34a7eea03afcdf95ec2041
x-origin-response-time: 14,23.32.16.68
x-akamai-request-id: 82bd4e4.5b96d30c
expires: Tue, 04 Oct 2022 10:14:15 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 04 Oct 2022 10:14:15 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_MISS from a23-32-16-68.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=14, inner; dur=11
x-parent-response-time: 109,23.36.79.13
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/identify.js
23.36.79.17200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/identify.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash b4d265ec7a3a069689f1f19a41d8d30a
0f5f6ba9bbae62bc566a9dfac418b17e94c8073b
4fd8657122792d1b41c49b820904e0e2526a588519c2f672566451eefd721ac1
GET /i18n/pixel/identify.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221004101415099E578C22DF7F2D201C
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e85b28326866efd84ae04897ed66abbc6b75fd908c827149342c8e0a0a539384a9a670293ada26e0ad56a701068954675
content-encoding: gzip
expires: Tue, 04 Oct 2022 10:14:15 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 04 Oct 2022 10:14:15 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=109
x-origin-response-time: 109,23.36.79.13
x-akamai-request-id: 5b96d0ab
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
188.125.94.206200 OK 5.9 kB IP 188.125.94.206:0
File type ASCII text, with very long lines (16553), with no line terminators
Hash 2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PvY6Lho9a83e75x/bU//rPoYY1CC3LhMvkC9T4o6vMErUBbZSm8UipBZokUnkLGgwhVsqEDqt4k=
x-amz-request-id: P5WP0X6BC0K301D0
date: Tue, 04 Oct 2022 10:13:30 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 46
content-length: 5929
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29637970%26t%3D2%26gtmcb%3D1682284292
185.89.210.90200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29637970%26t%3D2%26gtmcb%3D1682284292
IP 185.89.210.90:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D29637970%26t%3D2%26gtmcb%3D1682284292 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.spl-notice.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 04 Oct 2022 10:14:15 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 8f0b7962-a814-45c7-8672-4f6f470a6d20
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Ilkr]wgL!]tbP6j2F-XstGt!@Dlo$r>81; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 02-Jan-2023 10:14:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BPWBRZB9JK&cid=504997097.1664878454>m=2oe9s0&aip=1&z=11642532
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BPWBRZB9JK&cid=504997097.1664878454>m=2oe9s0&aip=1&z=11642532
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BPWBRZB9JK&cid=504997097.1664878454>m=2oe9s0&aip=1&z=11642532 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 10:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=050302285AC26FE81BB0101B5B956EFC; domain=.bing.com; expires=Sun, 29-Oct-2023 10:14:15 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 54634CD21C6A4B948355E6DA005068EA Ref B: OSL30EDGE0310 Ref C: 2022-10-04T10:14:15Z
date: Tue, 04 Oct 2022 10:14:15 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 57571803fbcccf1d8d3f64d1d59ad3be
9309dbdac73523157341a8aacafa931a8c7306f7
2cfc4c813b7ac4d3e9ac437fdac58c0c1f86ee330accc220be070996bdfe5e2e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2110
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Last-Modified: Tue, 04 Oct 2022 09:39:05 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 904a0d87402d9eecfec00481cdb28d62
6b37e41d4321718433996e4c1f4eed2f8f1727fc
e0884556a581a67e0e212887e97ca7f4438ef644fea7a0efd10175902f5e77e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2507
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Last-Modified: Tue, 04 Oct 2022 09:32:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
googleads.g.doubleclick.net/pagead/viewthroughconversion/900746231/?random=1664878454362&cv=9&fst=1664878454362&num=1&label=ofteCKzz4GYQ95fBrQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&auid=1670828870.1664878454&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/900746231/?random=1664878454362&cv=9&fst=1664878454362&num=1&label=ofteCKzz4GYQ95fBrQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&auid=1670828870.1664878454&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2331), with no line terminators
Hash 3fa7be803a9eb1f39f80d64363940ffe
e390bc20558451dac696db1ba7e4381b6e9ac4fe
7b4e3275b83037d5206e0c4b8205191c1a9b64991e7089a904697d828771c821
GET /pagead/viewthroughconversion/900746231/?random=1664878454362&cv=9&fst=1664878454362&num=1&label=ofteCKzz4GYQ95fBrQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&auid=1670828870.1664878454&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 10:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1080
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 10:29:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-76519932-1&cid=504997097.1664878454&jid=1036551384&gjid=870495960&_gid=306389426.1664878454&_u=aGDAgEADQAAAAEAAI~&z=1655824491
74.125.131.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-76519932-1&cid=504997097.1664878454&jid=1036551384&gjid=870495960&_gid=306389426.1664878454&_u=aGDAgEADQAAAAEAAI~&z=1655824491
IP 74.125.131.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-76519932-1&cid=504997097.1664878454&jid=1036551384&gjid=870495960&_gid=306389426.1664878454&_u=aGDAgEADQAAAAEAAI~&z=1655824491 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.spl-notice.com
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.spl-notice.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 10:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/900746231/?random=1664878454364&cv=9&fst=1664878454364&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&auid=1670828870.1664878454&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/900746231/?random=1664878454364&cv=9&fst=1664878454364&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&auid=1670828870.1664878454&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2242), with no line terminators
Hash e7ef46c58298df3bdcce4ca0cafa4c8d
237bbd340e7383f3f9708c1eed1bc639523748a1
dc222314452248a49f6e7adaa2875c1db2cd0c3520943fc78b59d233f057fa07
GET /pagead/viewthroughconversion/900746231/?random=1664878454364&cv=9&fst=1664878454364&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&auid=1670828870.1664878454&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 10:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1030
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 10:29:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/bg/JBwSXsc__bL1AIIwyKh3QnwBHg7D-WM3_5_AwioMKBk.js
142.250.74.164200 OK 5.3 kB URL HTTP/1.1 www.google.com/js/bg/JBwSXsc__bL1AIIwyKh3QnwBHg7D-WM3_5_AwioMKBk.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (12267), with no line terminators
Hash ac29b12ed0c9fd43246eb54f153d01cd
9ee7f00622c5c445371a33e24a4a5ca68041712c
dcda8c5625df767c55436f2f9db45ed9c9b58057007175e1c7a5e915fd145bdc
GET /js/bg/JBwSXsc__bL1AIIwyKh3QnwBHg7D-WM3_5_AwioMKBk.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spl-notice.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Length: 5282
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 11:19:49 GMT
Expires: Fri, 29 Sep 2023 11:19:49 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 17 Sep 2019 16:00:00 GMT
Content-Type: text/javascript
Age: 428066
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 57571803fbcccf1d8d3f64d1d59ad3be
9309dbdac73523157341a8aacafa931a8c7306f7
2cfc4c813b7ac4d3e9ac437fdac58c0c1f86ee330accc220be070996bdfe5e2e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2110
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Last-Modified: Tue, 04 Oct 2022 09:39:05 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
googleads.g.doubleclick.net/pagead/viewthroughconversion/743986920/?random=1664878454366&cv=9&fst=1664878454366&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&auid=1670828870.1664878454&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/743986920/?random=1664878454366&cv=9&fst=1664878454366&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&auid=1670828870.1664878454&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2242), with no line terminators
Hash 720399afa4a232bd32963ee271a8fe01
0c0da87820b09a0e72dacad3771fb70d8a40193c
1617f88b24383f38e2660e258b67a3ca357aa9aca5f630c07f5060e612e38798
GET /pagead/viewthroughconversion/743986920/?random=1664878454366&cv=9&fst=1664878454366&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&auid=1670828870.1664878454&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 10:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1032
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 10:29:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5aa6118ac8308288d21744b863e581c7
c60ff431fab303691622edbf3cb4977b231c3c5b
4ed957d024c0ff27187e0c0b47c3788e90250ec1d4b4e7b3f0e5f5ce8d6cee76
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2955
Cache-Control: max-age=123848
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Etag: "633b3cb4-1d7"
Expires: Wed, 05 Oct 2022 20:38:23 GMT
Last-Modified: Mon, 03 Oct 2022 19:49:08 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NC3CLQ5ECR7VU42P60&lib=ttq
23.36.79.17200 OK 37 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NC3CLQ5ECR7VU42P60&lib=ttq
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 1423a3b847b924e0eee72a8550c0586b
91f0705f31a87256ef5ca8d9242e54472f50f729
3dde5a27f6edd3e79d86dacbe40e162b630ce6e67c228b00f4e9d6bf3e13eda0
GET /i18n/pixel/events.js?sdkid=C5NC3CLQ5ECR7VU42P60&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221004101414DF74308D057C5D2352BA
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60a2a61edc672d2b1437a8f456e7c356f1371ba03a3a16e02e0500e9f8fc015f0f870e1e7270cfcee751937f44527def9c158121386c413945982e041b400ffb847f1a8f7cfd8c009212e443f1d8087c05
content-encoding: gzip
x-origin-response-time: 7,23.32.16.92
x-akamai-request-id: 21d54e6f.5b96cde0
expires: Tue, 04 Oct 2022 10:14:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 04 Oct 2022 10:14:14 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-32-16-92.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=7, inner; dur=3
x-parent-response-time: 106,23.36.79.13
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=98af3560-5121-4314-a1ab-59c3e687bdcc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b262fd03-4ac8-43df-81d2-ba2c6d8e60a7&tw_document_href=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=98af3560-5121-4314-a1ab-59c3e687bdcc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b262fd03-4ac8-43df-81d2-ba2c6d8e60a7&tw_document_href=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=98af3560-5121-4314-a1ab-59c3e687bdcc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b262fd03-4ac8-43df-81d2-ba2c6d8e60a7&tw_document_href=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 10:14:15 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_qEYM9zM7Tv+7OA8Lri+CeQ=="; Max-Age=63072000; Expires=Thu, 03 Oct 2024 10:14:15 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 19be5431094809c3
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: c24f0906ef253acc4ddb2678568ef3a5678b8666277e39c6eb370e73263dc530
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 281 B IP 172.64.155.188:0
Hash f5705f09ae6e32d96ae50881bf2812ba
72d4ce90bb5c77ecd3849d6c64d5deec5e30aa03
5229e0e37c791347261d59e51539a66afea742b694bed01b03f6f475f9aa31ed
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 10:14:15 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 23:56:29 GMT
Expires: Mon, 10 Oct 2022 23:56:28 GMT
Etag: "72d4ce90bb5c77ecd3849d6c64d5deec5e30aa03"
Cache-Control: max-age=567132,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754d26494d90b4f3-OSL
region1.analytics.google.com/g/collect?v=2&tid=G-BPWBRZB9JK>m=2oe9s0&_p=1686919240&_gaz=1&cid=504997097.1664878454&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664878454&sct=1&seg=0&dl=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&dt=My%20Etisalat%20-%20Self%20Care&en=page_view&_fv=2&_ss=2
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-BPWBRZB9JK>m=2oe9s0&_p=1686919240&_gaz=1&cid=504997097.1664878454&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664878454&sct=1&seg=0&dl=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&dt=My%20Etisalat%20-%20Self%20Care&en=page_view&_fv=2&_ss=2
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-BPWBRZB9JK>m=2oe9s0&_p=1686919240&_gaz=1&cid=504997097.1664878454&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664878454&sct=1&seg=0&dl=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&dt=My%20Etisalat%20-%20Self%20Care&en=page_view&_fv=2&_ss=2 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.spl-notice.com
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://www.spl-notice.com
date: Tue, 04 Oct 2022 10:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.etisalat.ae/b2c/assets/favicon.ico
213.42.214.53200 OK 3.0 kB URL HTTP/1.1 www.etisalat.ae/b2c/assets/favicon.ico
IP 213.42.214.53:0
ASN #5384 Emirates Telecommunications Corporation
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 922df61e6ec27d89f0cc50b994e54a21
0aa5d55d50e5eff1ed68b9bfeaa43eff63f956de
98dc25b93b32e18c525a5ed35597bd6e89ded9265e36f9c1c102fa41e4962f45
GET /b2c/assets/favicon.ico HTTP/1.1
Host: www.etisalat.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 10:14:15 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
Expires: 0
Last-Modified: Mon, 27 Jun 2022 12:59:12 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Channel, kiosk-id, transactionId
X-Content-Type-Options: nosniff, nosniff
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block, 1; mode=block
Access-Control-Max-Age: 1
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors *;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/x-icon
Set-Cookie: CMS-cookie=!domIeC6g6+wYGU+IOdgM8uplIfjDqHlZGGibbFsrzIsUgBFoNVYc9gsZXNFHB0yPwQX47NqTXPZrbJM=; path=/; Httponly; Secure
TS0196bc3e=012b7f183c2c6ee49b6e414199d8d8f0b5982adc400a0b40e852151d308288ae490141abf3ea96c2b82f6e86a98c3f298fe08982be; Path=/
Transfer-Encoding: chunked
bat.bing.com/p/action/52018639.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/52018639.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/52018639.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=308F394E74A66DD10FB52B7D75F16C64; domain=.bing.com; expires=Sun, 29-Oct-2023 10:14:15 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 62BBC2036F0F4CBFACC0E45D9F6B548E Ref B: OSL30EDGE0310 Ref C: 2022-10-04T10:14:15Z
date: Tue, 04 Oct 2022 10:14:15 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 4e5b1c18b41c244135794b09f34ef8c0
954b38d1eca6896a15c88cae2ebd5b791d32cc91
459d21039ffbad3ea5274c2d0df28e4b684bcbc6c306b0ae7d977aa782b8dffe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1677
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Last-Modified: Tue, 04 Oct 2022 09:46:18 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
bat.bing.com/action/0?ti=52018639&tm=gtm002&Ver=2&mid=f6c0036e-b13b-4c32-9323-e36b42b95586&sid=4c834a8043cd11edbe5dcd25c86a9862&vid=4c834d1043cd11ed811871ed85786ab8&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=My%20Etisalat%20-%20Self%20Care&p=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&r=<=2405&evt=pageLoad&sv=1&rn=862737
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=52018639&tm=gtm002&Ver=2&mid=f6c0036e-b13b-4c32-9323-e36b42b95586&sid=4c834a8043cd11edbe5dcd25c86a9862&vid=4c834d1043cd11ed811871ed85786ab8&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=My%20Etisalat%20-%20Self%20Care&p=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&r=<=2405&evt=pageLoad&sv=1&rn=862737
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=52018639&tm=gtm002&Ver=2&mid=f6c0036e-b13b-4c32-9323-e36b42b95586&sid=4c834a8043cd11edbe5dcd25c86a9862&vid=4c834d1043cd11ed811871ed85786ab8&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=My%20Etisalat%20-%20Self%20Care&p=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&r=<=2405&evt=pageLoad&sv=1&rn=862737 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1394CC3B82AA677A3905DE0883FD666E; domain=.bing.com; expires=Sun, 29-Oct-2023 10:14:15 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 886F4FABD59849B0A3D577CE29A2A46D Ref B: OSL30EDGE0310 Ref C: 2022-10-04T10:14:15Z
date: Tue, 04 Oct 2022 10:14:15 GMT
X-Firefox-Spdy: h2
tags.bkrtx.com/js/bk-coretag.js
23.13.254.202200 OK 16 kB URL HTTP/2 tags.bkrtx.com/js/bk-coretag.js
IP 23.13.254.202:0
File type ASCII text, with very long lines (42581)
Hash 1d6730c68cb783c9b157fece2471f7b7
9c176c938a3567b446e02ccf1f919bf5bbccc921
32098d2ec6839522764c3c6c83b8427d8dca6bd041118e367b0ea6c7e1f05375
GET /js/bk-coretag.js HTTP/1.1
Host: tags.bkrtx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.spl-notice.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 21 May 2021 19:14:21 GMT
etag: W/"60a8068d-cbc2"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 16078
cache-control: max-age=604800
expires: Tue, 11 Oct 2022 10:14:15 GMT
date: Tue, 04 Oct 2022 10:14:15 GMT
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=www.spl-notice.com&origin=onetag
178.250.0.157200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.spl-notice.com&origin=onetag
IP 178.250.0.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 2d6c9cb74a2e7e2efed0176fc9c6ddea
b536921e1985366e04649be98d9afc87265d4dba
e1512d6717d1a9a5f45849de664e45c6ef0d0cae55029e5a62b0ab3cdb279bc2
GET /syncframe?topUrl=www.spl-notice.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 10:14:14 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=785ff74a-41a7-4567-93e3-2ad9680cf4f8; expires=Sun, 29 Oct 2023 10:14:14 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 662786
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash e433fcb50acece9e71308bea3cae2176
2c0f6555dac211dede365146a74683d1e9dfd861
f857ceb2aa56ca52b06507625e2e52a4b27ff34f21fdd32a20048e9abf9a66b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 477
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Last-Modified: Tue, 04 Oct 2022 10:06:18 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash e433fcb50acece9e71308bea3cae2176
2c0f6555dac211dede365146a74683d1e9dfd861
f857ceb2aa56ca52b06507625e2e52a4b27ff34f21fdd32a20048e9abf9a66b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6420
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 10:14:15 GMT
Last-Modified: Tue, 04 Oct 2022 08:27:15 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
www.facebook.com/tr/?id=905934456228039&ev=PageView&dl=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&rl=&if=false&ts=1664878455227&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664878455226.24404601&it=1664878454277&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=905934456228039&ev=PageView&dl=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&rl=&if=false&ts=1664878455227&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664878455226.24404601&it=1664878454277&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=905934456228039&ev=PageView&dl=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&rl=&if=false&ts=1664878455227&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664878455226.24404601&it=1664878454277&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 04 Oct 2022 10:14:15 GMT
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=988171&time=1664878454753&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tm=gtmv2
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=988171&time=1664878454753&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tm=gtmv2
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=988171&time=1664878454753&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tm=gtmv2 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D988171%26time%3D1664878454753%26url%3Dhttp%253A%252F%252Fwww.spl-notice.com%252Fetisalat%252Flogin.html%26tm%3Dgtmv2%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJQIIkFYjbABAAAAYOifSuYmtbAp0DiGg1KcaVLhZMRqXm2CSmYolWQrRmlJNcwpqcGWfrQ24DK4A; Max-Age=2592000; Expires=Thu, 03 Nov 2022 10:14:15 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQL5GQHDsnCb7AAAAYOifSuYP5WudYox3qdeSUSPy8mJJw9TsbCEqCg1f5DcMcLurabMQnS4UJFfskmFEGN7mg; Max-Age=2592000; Expires=Thu, 03 Nov 2022 10:14:15 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&2864edba-02aa-4cf5-831a-8c2e72986ce0"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 04-Oct-2023 10:14:15 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2397:u=1:x=1:i=1664878455:t=1664964855:v=2:sig=AQGXklMN88y1dezezX4Hctyznx5t453l"; Expires=Wed, 05 Oct 2022 10:14:15 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXqMrjyJFxuXcO0wdP+Zg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0BC3B297A28A4C8C9D7E9CFE5A0C4EB7 Ref B: OSL30EDGE0319 Ref C: 2022-10-04T10:14:15Z
date: Tue, 04 Oct 2022 10:14:14 GMT
content-length: 0
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.90200 OK 361 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.90:0
File type JSON data\012- , ASCII text, with very long lines (409), with no line terminators
Hash 3572bf52ccfecf79032d09c0011ec02b
dc736afbb71e5cc6bdee8807b1e80bf4d0b4aa08
88ee728d42ce3262cd2b9471f1f8242498db221ee1f97976333fc4fd70f6008a
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 10:14:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 115248
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D988171%26time%3D1664878454753%26url%3Dhttp%253A%252F%252Fwww.spl-notice.com%252Fetisalat%252Flogin.html%26tm%3Dgtmv2%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D988171%26time%3D1664878454753%26url%3Dhttp%253A%252F%252Fwww.spl-notice.com%252Fetisalat%252Flogin.html%26tm%3Dgtmv2%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D988171%26time%3D1664878454753%26url%3Dhttp%253A%252F%252Fwww.spl-notice.com%252Fetisalat%252Flogin.html%26tm%3Dgtmv2%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.spl-notice.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=988171&time=1664878454753&url=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&tm=gtmv2&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&b6c8f852-444e-4043-83c3-8a22b8123e73"; Domain=.linkedin.com; Expires=Wed, 04-Oct-2023 10:14:15 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221004101415f6bb1738-51f3-4294-8cf8-4db1488c7be2AQF9HuBpZD99m48tALDyv-_9DTy31CEx"; Domain=.www.linkedin.com; Expires=Wed, 04-Oct-2023 10:14:15 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjQ4Nzg0NTU7MjswMjG0IPUB4BGRXVMa6BZB6sMYD573ugaAY3PM61GSmlM5dw==; Domain=.linkedin.com; Expires=Sun, 02 Apr 2023 10:14:15 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2354:u=1:x=1:i=1664878455:t=1664964855:v=2:sig=AQEZ7joLDZrFVTwOKr9UaBkMAddbIMnb"; Expires=Wed, 05 Oct 2022 10:14:15 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXqMrj091AGGUMZOR2B3g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 670841E3FAAD4768BB25B3566F05BC1E Ref B: OSL30EDGE0319 Ref C: 2022-10-04T10:14:15Z
date: Tue, 04 Oct 2022 10:14:15 GMT
content-length: 0
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10086711.json
188.125.94.206200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10086711.json
IP 188.125.94.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10086711.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.spl-notice.com
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: Q8BNKW6B2P581JXM
x-amz-id-2: hzLG7a1QmUsta4opTTV3CGPrCtwKC0h94VPRnmZLeXNuIhYV0anz/MFNwL2jWKgkjeaVeGFWKLc=
content-type: application/json
date: Tue, 04 Oct 2022 10:14:15 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-encoding: gzip
content-length: 22
age: 2
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 86 kB IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (64360)
Hash 7daa4e0029e69d5a18f9c76bce0ea6fa
ffa7189194f4d278cb2e58d230a08883858d9d25
734d9cb6cdf6e63d6a1f0f26f53b8355e4b4b2778486ca582258273693a6e8f4
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=_m9HCF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czc1TUNMQWtQajFHSm9xQ2MlMkZ2aXQxUHBFOVB6cVpUUXg0cUNGMjc4WW5NbA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 10:14:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=qzy15180M0RITmhlJTJCZkMwOUJGQlhaMUN2czc1TUNMQWtQajFHSm9xQ2MlMkZ2aXQxTTBBV3lDRFFYeiUyRkhRV1E3YURpSEFQ; expires=Sun, 29 Oct 2023 10:14:15 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 331303
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2004%20Oct%202022%2010%3A14%3A15%20GMT&n=0&b=My%20Etisalat%20-%20Self%20Care&.yp=10086711&f=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2004%20Oct%202022%2010%3A14%3A15%20GMT&n=0&b=My%20Etisalat%20-%20Self%20Care&.yp=10086711&f=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Tue%2C%2004%20Oct%202022%2010%3A14%3A15%20GMT&n=0&b=My%20Etisalat%20-%20Self%20Care&.yp=10086711&f=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 10:14:16 GMT
expires: Tue, 04 Oct 2022 10:14:16 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBHgHPGMCEOpb1pblSCAKOM4OtqHke6cFEgEBAQFYPWNFYwAAAAAA_eMAAA&S=AQAAAkrh-kbvPBtKKw0jYPg5BRc; Expires=Wed, 4 Oct 2023 16:14:16 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
stags.bluekai.com/site/75460?ret=html&phint=PC_ProductName&phint=PC_Price&phint=PC_ProductCategory&phint=PC_ProductBrand&phint=PC_ProductID&phint=AddCart_ProductName&phint=AddCart_ProductCategory&phint=AddCart_ProductPrice&phint=AddCart_ProductBrand&phint=AddCart_ProductID&phint=Phone_hash&phint=__bk_t%3DMy%20Etisalat%20-%20Self%20Care&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&phint=__bk_v%3D3.1.10&limit=4&r=34144393
23.38.201.22200 OK 71 B URL HTTP/2 stags.bluekai.com/site/75460?ret=html&phint=PC_ProductName&phint=PC_Price&phint=PC_ProductCategory&phint=PC_ProductBrand&phint=PC_ProductID&phint=AddCart_ProductName&phint=AddCart_ProductCategory&phint=AddCart_ProductPrice&phint=AddCart_ProductBrand&phint=AddCart_ProductID&phint=Phone_hash&phint=__bk_t%3DMy%20Etisalat%20-%20Self%20Care&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&phint=__bk_v%3D3.1.10&limit=4&r=34144393
IP 23.38.201.22:0
File type HTML document text\012- HTML document, ASCII text
Hash 988428fdc0079b85e995b96b0ed4b565
27aece4f871a936951d17de604853cddc9bfb5ec
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
GET /site/75460?ret=html&phint=PC_ProductName&phint=PC_Price&phint=PC_ProductCategory&phint=PC_ProductBrand&phint=PC_ProductID&phint=AddCart_ProductName&phint=AddCart_ProductCategory&phint=AddCart_ProductPrice&phint=AddCart_ProductBrand&phint=AddCart_ProductID&phint=Phone_hash&phint=__bk_t%3DMy%20Etisalat%20-%20Self%20Care&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&phint=__bk_v%3D3.1.10&limit=4&r=34144393 HTTP/1.1
Host: stags.bluekai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 71
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
cache-control: max-age=0, no-cache, no-store
bk-server: 4373
date: Tue, 04 Oct 2022 10:14:16 GMT
X-Firefox-Spdy: h2
advertiser.inmobiapis.com/tpce/v1/events/pixel?impId=&advId=be74c68eaf2f4481a2c389f9ca07dae8&bUrl=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&ckId=46489c77-3c31-4a83-9f92-a535d5551b99&eventTime=1664878454438
52.224.142.56200 OK 0 B URL HTTP/2 advertiser.inmobiapis.com/tpce/v1/events/pixel?impId=&advId=be74c68eaf2f4481a2c389f9ca07dae8&bUrl=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&ckId=46489c77-3c31-4a83-9f92-a535d5551b99&eventTime=1664878454438
IP 52.224.142.56:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tpce/v1/events/pixel?impId=&advId=be74c68eaf2f4481a2c389f9ca07dae8&bUrl=http%3A%2F%2Fwww.spl-notice.com%2Fetisalat%2Flogin.html&ckId=46489c77-3c31-4a83-9f92-a535d5551b99&eventTime=1664878454438 HTTP/1.1
Host: advertiser.inmobiapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 10:14:15 GMT
content-type: application/json
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.82200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.82:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 10:14:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 80219
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1432586.js?sv=7
143.204.55.37200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1432586.js?sv=7
IP 143.204.55.37:0
GET /c/hotjar-1432586.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 04 Oct 2022 10:14:06 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/2c52b2de41aac9c5533d249b1eac13fc
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bmudXlCxIIXaYFt1_vUyXJ2O-SpuZ28QxcKSQ-w5MSjBUNA4CuOxSw==
age: 8
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=39527
178.250.2.140200 OK 0 B URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=39527
IP 178.250.2.140:0
GET /js/ld/ld.js?a=39527 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spl-notice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 10:14:14 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2