r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8467
Expires: Wed, 28 Sep 2022 04:04:06 GMT
Date: Wed, 28 Sep 2022 01:42:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 01:15:37 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _4hzKzJu3781bO---v2BHSiuvW__p7k1dq-_uNmn4HytofDDmn43og==
Age: 1642
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KYTD7El1qgJHrX42o9XSSLdQ-MRH9eYeBw9ZwgXI540960f2TPnspQ==
age: 58726
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 01:42:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/flipclock.css
188.114.97.1 200 OK 1.4 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/flipclock.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (7726), with no line terminators
Hash 0dc87eeac215cd6aaf25d722d2e5888f
890688e3a41b20ad25249c8367f45273764c7757
a6ef0d00ef3be3df2a3d6d378418b501afca9238433e61420c1d3947cfb69e0c
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/flipclock.css HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:42:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-1e2e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BI%2BtGJ%2FO1ENsdNWdT3R2heIgNdxrT17Hol7bILaYdKY2jx64mW6gE7ycY%2B1jal%2FXVDXzZ34Lf6CNHYLWGJCByXOS4pvr%2F6okYx0ueeLMXCkSm2KgMJh71H8ytBKNo%2BAxaOQrPRU2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c91ea824b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/intlTelInput.css
188.114.97.1 200 OK 3.1 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/intlTelInput.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (21119), with no line terminators
Hash 86ffe28459f65fe5ee3fa41187de1ef0
54b79fc47cd6e28db115204834c99aec6333c30f
cbbc17461b4b2f8db91309930fa34e02f9eb0e6507591d637043e740d9f75460
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/intlTelInput.css HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:42:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-527f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtpR6y4P5KcAh%2FtXZbxCHbA1dlJbUi%2FDFRYTs6XRzKuCTSEgaFF%2BVHvMtAD88jb4NHH5mGvKl8P5eFjC65An7%2BgI7MwIeEzOQXxxQk47aQkGCX7fhXg49jH1LOPdUZ105G9clGCj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c91ea8250b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:42:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/fontawesome-all.css
188.114.97.1 200 OK 8.0 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/fontawesome-all.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (36418)
Hash 978d75e233a00b4120ca7baa4386d8da
abfb675c0c0a29b7693afb6fca159574d508a99c
d484bab8328188f777557840f8223809c346f98e27add8079f339803b03f0756
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/fontawesome-all.css HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:42:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-8ef7"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcPnpgdZR4DjFuFDdqI%2BxRBE4W44Wq29gHzmPG67ZBpzSQpsx0RfeTO9UYA%2BYuuQ71DrtuFVzIcXZjdsR09BPv78zci7DB%2FeG1XlrZKUueLGgzChcMD25dLROyIjf4qxf64yvqqG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c91e981fb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/css.txt
188.114.97.1 200 OK 1.6 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/css.txt
IP 188.114.97.1:0
Hash 368d9e823e5cc9bd830ce90d728b040e
cba915ac6238228839aed2294746ac594f133c75
ac8ab2a3d450627c0a3e3ddf7d3d307f25b227d72d014563b54baa4d055a432d
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/css.txt HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:42:59 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-98a7"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKMLglyepGgcwDB2BXIIO7JRetPhu9UsOo9IVxmvaNfXn%2BtTsKXhR5PCh1vB5doimz8uaLa2he8J9smqGxMrInPWdQqmczAnqqvow6avIbJbSobbbqx9AA9rCMpwCB1xzmxKzUrj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c91ea96eb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.googletagmanager.com/gtag/js?id=UA-22484186-3
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP 142.250.74.72:0
File type ASCII text, with very long lines (2039)
Hash 7349bdc9dcaf60a63b6900e790f53271
45c51f60964ebf0e67c62047f2d8a481302b339b
a08ca504de5e77ea7e340ddc8fb53a6284be74bd2854645baf6b1ed58358f223
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 01:42:59 GMT
expires: Wed, 28 Sep 2022 01:42:59 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42345
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
188.114.97.1 200 OK 794 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (46071), with CRLF line terminators
Size 794 kB (793823 bytes)
Hash 15fbf80c24003bd2d0d6a9c984f809f0
cde7ddb0669df17a0805490e585ff5e18c631c57
136744936e55481642e600b42a0ffa33429ba3a5e8e24c5c0f5e2cc81afb2635
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:42:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2B5LM7kH%2BMKG%2F0T37z%2FxNYQ4qp5cf4x9WdAyW0Zhgqh2vSTD%2FGT5Wo43sbSdXoCkWjSRzKvlZnaSoSbSS6yS8%2FFAnU%2Bp1oRudwylsLJL%2Frz6hJvPNZAsfcx0MHI3sxTXyIhVOceg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c91ceeb6b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/bootstrap.css
188.114.97.1 200 OK 20 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/bootstrap.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (65371)
Hash 821b5b99fd4aa2f0d3c0402208ce49c7
6ec0325f301f9b920fb2eca016506925558e69d9
9a494b3e8cf9307f56d63c2811d1ded2fbb4ec2a6ac5fce1cf621e6681140a68
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/bootstrap.css HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:42:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-1d943"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TUJuivz6glN5AOqXvzwDVPqprhOG1IFEkS2tMGBKoSR7dniIpZMmPoT58M9R0HFcAX6mDJVF%2F1U5CHlO7ylVnzJZsWHVzAN9El8OwkMkeV435su0USdeyGmghzPme2QMdo1ckd3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c91e9ca30b39-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:42:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/tfa.js
188.114.97.1 200 OK 6.9 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/tfa.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (21248)
Hash 4cf418e83d040bf769e46528d084fa83
8fe3c89e231a49e831fa365c5c331ec5fef37667
e16a401a50c5a17ea971851652a408ea38d121cd60f40c195d9f9ceaeeaed97e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/tfa.js HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:42:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-5323"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLz1XRNjdwNnvixmB0ItkWDLS5iDMv5RRDxXx30Pf3IsYOOmB79GKkVW553bvAMU%2FuavCtG8SLk2sfGvWgxLjk4zLzPsgkOAUTLAHx6R5GOdqkPlZBsVLE5m6PnU%2BOu9eB5pRjzp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c91fd8ddb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style1.css
188.114.97.1 200 OK 632 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style1.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (1645), with no line terminators
Hash 1fde4dca98fead1ab06fd95362591593
5aafb2f402f97402e6d4a18899d72df69ef74558
a3fff5a919a8e2ea00171bac33aa644bbacf91ec63f78667a382da978d7e3627
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/style1.css HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:42:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-66d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhTU7fI6INvfyHBNrMDi8Ud1yklKUS3ETDdEwoepLlGZG6NLoJ5de8keZkuTCW8oe7j4wSmZ0vPoH6AiTEnnHYZu8sDVanggIRdoOMLI7IBTy2UNVoyjox7Sh3dKsYkrsd14F9WQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c91fa8760b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style.css
188.114.97.1 200 OK 4.3 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (19581), with no line terminators
Hash 73f1e45ae235e3d9f8ef2a8a2db03102
43bd3326c5aa7fc6c068c681d116830cadfad725
8457fcb0c199f3ce20a30baf4026423e26c6ebd75def22d33d213a31b8135a7d
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/style.css HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:42:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-4c7d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdoZgsLkYGoGmo1fk6T%2FTexBFyhtI2gYbcaWHDbfmjv9oUjWkG%2BH0Ldo8tdvyqszpOHI9LKSuqRzdZGLP7g6ReDp%2FBJT6fBS9VyZ5KNstl9ayXEgt1Ds%2BE1u77sSrSvBnZ8Kzsjr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c91f78a2b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/obtp.js
188.114.97.1 200 OK 1.9 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/obtp.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (4446), with no line terminators
Hash db8aab343db8f5f29b8720589d1dcdb0
731e334a3251ddf5bc3c4cbde6494a83788e1e0c
c3edf8e48d33c959b577c8ba7cef44d75dc47f1b54fc553690724a9a4805e697
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/obtp.js HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:42:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-115e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvT316Tc5C3IJDYpZaTfXng5x7mfKJR2czWzf3GvZlPK57WEoZJUnE1LI4SlVlZ4eK8X%2FxqC20TEc5Zws6wt9CP06fcj9V7753AuIzNxBCW2zDpytAIXfI4VNtg%2BdxMPDGnVxcsx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c91fd9edb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/pptm.%25E4%25B8%258B%25E8%25BD%25BD
188.114.97.1 404 Not Found 122 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/pptm.%25E4%25B8%258B%25E8%25BD%25BD
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ba5146ac943c84a42ae7dd8ec650000d
cd224acead78854add64c91f811c97c4ebe23e46
d4e24dacc040ac19271080523c3e47ea0754bdf3a2697c0e58b4d41949327734
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/pptm.%25E4%25B8%258B%25E8%25BD%25BD HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBgNk%2BFuZCp8YfQ313tSCJ4Ly98VM9jStE44dzpthaQNnnA%2FM%2BI4%2Fw7kKo5R7LD0%2B5YQuOam89kPH1ogki4bXsZZVuIhxI6xrAKETj4%2FTQ4Q3%2BT4zWLqyd%2FKZqPcSqjpC9y7JXFp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c92078ac0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/bat.js
188.114.97.1 200 OK 6.9 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/bat.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (22437), with no line terminators
Hash bf312e6b642bb3f77eb3d4af8fcbd309
4abc389c58e11afa3de708d48d8cd45d187b1993
d0ac9fb04475a4a61b11a2620174fd0f4ee7f9538785a5b8309ea75093899b76
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/bat.js HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-57a5"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfIhEcYfj42ygUm9sqjNYluy8jmg7i2Ox43CZWpOb0PZXz%2FuljR7U2YyZF2x5uniYjd%2F0GEWfMQIHZZkeTUA76pGxoIv2U2Z3ND3wTUsaDptr%2FcvUNCKXQ13m1%2Bga000rCzU07vn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c920791ab518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/css.css
188.114.97.1 200 OK 837 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/css.css
IP 188.114.97.1:0
Hash d82a19fa8caf016f919e124aedb9bd44
a1eac128b8bef9d85954beab927de28ec793b80c
7465dab545e985b7fd16e6124e8f658e45ac1025c150aff884951d9e5e8f368b
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/css.css HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-3ccd"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDPTke2A%2F2bcutgW4LsUgla8uUnvRQI2wYwn1s%2FMzLGs%2BpRc%2BsheEup2hy5j6A%2FJDfaLlXjGm0aXjZ%2BU6My7AaK60hYYXLxgc2R0HU6hq4Y9W9oBRVel3bsiSPiIZJGKbQ51uL6p"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c9209a3fb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/fbevents.js
188.114.97.1 200 OK 15 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/fbevents.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (42174)
Hash 7f527e895deb7354a755cf2252e3a3a6
3f05c5d005417c060b947e0272cdd583eedaebfc
e387a857a38b1d79973706db6920aa34eaff4e3ec364243c6d6f693c480f2908
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/fbevents.js HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-cb4f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMKvQeuKFJtDEp5R%2BfDbAuUCR09LvNPB%2FpIDHERPVySGirzHjOdC3WDLz7GA3yGNOrV8z2D96N%2BEpw8CCvBXe4RCfyhRlghoL4DkEKeatPFMY2GaXDlYIMHrVt0eDQR4pdQPlyzn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c9204d7d0b39-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/2128872657442699.js
188.114.97.1 200 OK 44 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/2128872657442699.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (64470)
Hash 79e999c6df6962385cc1d166060a3368
31870115bf8515d40d7bbd6464a2959ede49b09d
4bdfb7903173e3c20ece760e7a96e47390888549d3e8a8f70d7bc8ff4bcfa19e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/2128872657442699.js HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-2d3bc"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M90a3a6QaPo7WwWJsi8U44f4%2FLI%2FH3YYk5JumfK6kJkRDtkUHZvOvq6SVWcTPyVgDOjjE9yb%2BJIHCDPp%2FB%2FOyvTsgfq%2F39auCMY81kF%2FaikKPaDVjGy8p3%2BadBwPS0hgLur8wQ4X"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c9204803b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/font-awesome.css
188.114.97.1 200 OK 7.2 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/font-awesome.css
IP 188.114.97.1:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash 67aa70020e480e3f73b299b0cbef81f0
666d31f54baa208fbc5f095fc01829c95ed6b783
a1a8dedba732d2de1c8327243313c24cf30e003f54fadb2d3b01fbaadd0b903a
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/font-awesome.css HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-9226"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bcounPg20gUWjPmEsDM39kCPkR96ZRqyWCPupyO46o9xvYR5tPW05q89O4i3LYy55HGUi7ezyYfkLXh0va7y6GLb%2FsV44qjD0rMPdi0ljeqt%2BhjFWnwxuLY95LHv%2FJ6Xa1p%2FBYr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c9209936b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 01:10:47 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 01:12:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 01z8II_1AR63m5ghAR1VCI-0nuJXWcshmPnVZGdn-tqi35LBrajlUA==
Age: 1934
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/css_002.txt
188.114.97.1 200 OK 725 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/css_002.txt
IP 188.114.97.1:0
Hash e3b4fcf9a8a6aef913c0abd828464471
511e0791284c66848468d5253ad5ba547f2ee7dd
0ac5724f07a1512420ebc0b917ab9eed03053b169ff3ecaccbc12791877ee652
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/css_002.txt HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-2b5c"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xr%2FrP8JRdsfLHEqC0cy4t6qv%2FVsJTMzNNp6hT54dtYmSBkwmmAWgXUo6Bsp%2Fy6dfbMTvwrwoheuoD3qVsjDfk2jy5Yq5AdIuaPlcfL2AmMJKlNWAMS%2BOu7dfeZYz2IpQuS4ddXaq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c921699bb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/last.css
188.114.97.1 200 OK 395 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/last.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (1036), with no line terminators
Hash 86b3263ee8d138fc96ee88c6ac8e0e6e
52f552e075bb614b05ec2e1ff0163fd59d6d6e63
275066f0edac6ed08dd249905b8d684807f094935875d61d056e806139f3594e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/last.css HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-40c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TR%2FprRvte5AlvP47PM%2FcK2jntkCRr2T79r5s8eICZNFrr9mwQMSHxWatpVh6lMQHqVOJXVGncWMhebefcZbokCAhNTUSWWLQmDtRxR2FKFiHHU5S68zZbwnc97ytRG4VOtl3CT8l"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c92138ef0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/f2.txt
188.114.97.1 200 OK 43 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/f2.txt
IP 188.114.97.1:0
File type ASCII text, with no line terminators
Hash ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/f2.txt HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/plain
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: "62e823fa-2b"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4XBNXaxwqL0msvC1NClhU0SuQ7ek1AgYbOuLSGI148Z33O%2BmNJJIEpj0NsFOahPKHwIbQOjdLH4UkgN6bW%2BIzxqIW6lmMfQIlPOZfxn6soofWIQfMxUOVzT%2FXV0UNuX%2BWQR1tH6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c921f9e1b518-OSL
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/f1.txt
188.114.97.1 200 OK 43 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/f1.txt
IP 188.114.97.1:0
File type ASCII text, with no line terminators
Hash ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/f1.txt HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/plain
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: "62e823fa-2b"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkFnuyv8Bqof9%2FF0nLk6Ltm5N91grE9oXIMEyZbutpgDM%2FYjvKcZTvFnCahSJls8cC65DUb7WedyK0pNcmez116yuY2p4EU2%2BEW0DGvyNcfKHwWJ9x6CpIp1jYIp8KaJIVifOmps"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c921d9d4b518-OSL
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/f.txt
188.114.97.1 200 OK 8.5 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/f.txt
IP 188.114.97.1:0
File type ASCII text, with very long lines (2068)
Hash d11a8d7079e447d5c0a397885e41ff76
0f6a079cc431cdfe933fb6643ff3a60a31492847
d697a2251cade28e35261d44c485d301ce66713dee542bd8adf27e97bcf4323d
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/f.txt HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-5720"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNJ4Cp8K7I9%2Fo1lHzk5xYp3n%2B1rcH0whcXOW6m3Ec1CvS1lpXIFskdqXUyWdheLcFd5%2Bl2VQt76wWPV7c7Zam8f9CWcRJArtS7CDUN7R5%2FSd%2B2hlTSC9Z4pSy9ki6Hrz31BXWIHM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c9219dd70b39-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/js.txt
188.114.97.1 200 OK 30 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/js.txt
IP 188.114.97.1:0
File type ASCII text, with very long lines (1769)
Hash 592150262e6db5d30968645e3ffedadc
b30818e854dd914773516c5f1b1e32bf2d236729
488cfb371fb9351f4c961b5d8c971395704e34703f69031d4e7ea14c4198de7a
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/js.txt HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-1452d"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZwIFFyYAWTI3XTeddPfCW%2Fp26YlRexDMimp8JXVtbryggjxdSW4HlzMg3vo9gIgZpjvm86gbaxfCVWYmyMzjoYEN5dw3127puCqiozAElYEXfD0wdmE%2BjFzPBcM3GkRjmumJVDS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c921d8bcb50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/manifest.%25E4%25B8%258B%25E8%25BD%25BD
188.114.97.1 200 OK 1.7 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/manifest.%25E4%25B8%258B%25E8%25BD%25BD
IP 188.114.97.1:0
File type ASCII text, with very long lines (1706), with no line terminators
Hash a7814d07f1a9d759bd840ea27419cf12
ed29ba6aaebf692517921db616b88ef97ff5b0ba
23aa25f5bb6405b5e6f817973ecfcc003cb3830a4e70c0125fd2c5b0a6537929
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/manifest.%25E4%25B8%258B%25E8%25BD%25BD HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: application/octet-stream
Content-Length: 1706
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: "62e823fa-6aa"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2F42rx2GHtkIfzCMRWGwhbMJf%2F6mcBFXvLekvAaum4SzMclCSxGrd7Dkd2LJLriy1nBX7yygeiJ2AtI%2FtLMl8OLSz7KD6E86vzGfzCYf2Pboq%2Bi0MAIRIy2nvWJFK6vat44yERGp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c9228a20b518-OSL
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/jquery-3.%25E4%25B8%258B%25E8%25BD%25BD
188.114.97.1 200 OK 87 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/jquery-3.%25E4%25B8%258B%25E8%25BD%25BD
IP 188.114.97.1:0
File type ASCII text, with very long lines (32058)
Hash c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/jquery-3.%25E4%25B8%258B%25E8%25BD%25BD HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: application/octet-stream
Content-Length: 86659
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: "62e823fa-15283"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvYGzPRi7Yu%2FZTyzgK2qwtWRhYAfKKsndJmv%2FPn0MpSUXxH50T60TN9bKuG6d6v2LcvK8w%2BSw60N7T8axOxZf9P1aZuek4f7AhOQ2G6ShNEjQplb1Qfuw8GkWodaPHYr2A1ngNfn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c922092f0b55-OSL
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style1_002.css
188.114.97.1 200 OK 85 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style1_002.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (65402)
Hash b97e2ac00967243783260390ca7087fd
80b8a392e06822b9591f1aeb1032d3e090f628e4
58feb3b6c9504c949c8e23a132d68759643eefaaf046dcacd1fb36e1693c7c16
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/style1_002.css HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-253b0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZCwWGwTIwrimvDyFTDzHdAt0bKEBNObTNd8n0opQJYsspIEN%2Bj1Ro6YjvJansbHpxVWZGFMfULg0k%2BjZ1tLZgsEks00U4xSla5b8y%2FF%2BHbH%2BnrxXlyUkG7ww531VCJ3YXQwDx4l"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c9218a9ab500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4877
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:00 GMT
Last-Modified: Wed, 28 Sep 2022 00:21:43 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/jquery.js
188.114.97.1 200 OK 915 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/jquery.js
IP 188.114.97.1:0
Hash a6937dacea053ad118b5b07538547ef0
cb1b0ac43ff37f7a21bfdd895d9bcaf0d7988f74
2d05329dbaa98416aa87d6897ce3cc5a35e0dea0ed233b0a8ec2efc426dbdd49
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/jquery.js HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-792"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sfty76W8j9JQVY%2FpeEEmEwuk7lKWL8%2BcfG8S%2FVMPcR0JMYDgNkVPWCPdlcpERxlFsiElxsuvMiwt%2FN4NuniGH4xzoPY3wCyinp9VNte0FJ%2F1iwb%2Bkl6Tl4OJWfr6pvy0vfIWu%2Bg8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c92339850b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/main.js
188.114.97.1 200 OK 320 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/main.js
IP 188.114.97.1:0
File type C source, ASCII text, with very long lines (359)
Hash ae86cd97e3f3d0aeb33404162325a6cd
1838b24880669a6476df5b6f6441a8ebc1fe20cf
b3785a78e8f3715fdaaeb17f2c6483a26a1b3313eba223e4820629e3c92dc7ca
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/main.js HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-245"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yApmL22hYpYT1egJEzRc3%2FCxSQqu6Lfq4rsQSq1pF5UlFfHI5kg9nlvhXN82uBfnN6SvVa7%2FjnKUhJWbpHApbkKyfHNqAOe6uoPv92iXvrbPZq6%2BiBz4QtTV%2B5eU8CHJ8NShCJlk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c9236b40b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/jquery-3.js
188.114.97.1 200 OK 30 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/jquery-3.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (32058)
Hash 165a43244de5b28bfdb9422e0ad82b68
dd12888e259036e6c6986a0c65a3b3e38b697f54
200e3fccd025dffd3f7c6ad186f87ea51737db6c85e279b0d8b9626ad7ce1954
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/jquery-3.js HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-15283"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0A587fJ2fh%2BVSwZaEYjso3xU8WhvHWKEVKCOfjktE2WlTQ6OeHVUQ4MldRtTPUzBxXyUDzU7ZIzC7kcCoq21Rpa11jBjAWn7Xf1KL%2FZP0mg9ccDYw7IHx4EWt1Z6bhB5TnF9Zpwz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c922b92cb50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/bootstrap.js
188.114.97.1 200 OK 9.8 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/bootstrap.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (32033)
Hash 5001f34e4d6720378751012dedda52d6
d582a3fa4a2772626a934ade1489dc5e5f97a845
3cbb8f3723828476519f646eed5cd50a490f1cb1a03b9c2e92ad2a749c1dbf5a
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/bootstrap.js HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:29 GMT
ETag: W/"62e823f9-90b5"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2ISKnrLHfEvjFv622y%2FDeIb8weJzzeJC0l6tf025ecOad4PlG0pDTrZ8ZzYtZ%2Fkaziko9c04%2FXXMHv4B7UeaQcNCIYcRuRqv%2BGZFMci1074XwfCP99AYnuGFRo2dVJQ21TvolV3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c9231a6cb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/show.%25E4%25B8%258B%25E8%25BD%25BD
188.114.97.1 200 OK 256 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/show.%25E4%25B8%258B%25E8%25BD%25BD
IP 188.114.97.1:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 256 kB (256150 bytes)
Hash 04ac8427433d48324755ef21e13ea222
649d0f821b50480745a695a666c69e42a14e9f43
1f8be107f7500a15282933e2f7efe1a7ef998db59f4ce04216429833320a7c9b
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/show.%25E4%25B8%258B%25E8%25BD%25BD HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: application/octet-stream
Content-Length: 256150
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: "62e823fa-3e896"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7hdbOvbdviNVntZWFf%2FFU2n%2FU%2BrlcK8y9P2IZSA1lQP6Oqb7n2ipgN2s%2F4mSEaN0v15xgRyxu8Wkm%2FKtG6wwI12%2FSjnlSE0AIX8Ym%2BF%2F9IGJzzYDIZ0VMXUX%2BhOeUbJjYSbqcLq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c922be480b39-OSL
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/jquery_002.js
188.114.97.1 200 OK 450 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/jquery_002.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (501)
Hash 41a2fdff43ee058af2d4c8c291b2d9d4
f2fdf3165732412088dc899f0f20272f56559044
35716b5a75076c9d0847735a25f06045a2f033646b81de0d901414a8170ab5a5
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/jquery_002.js HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: W/"62e823fa-31c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NhiLxEKswoW779zCYcDK31VSI6y3C3vD3RT2e0G1xB9ywb28uv%2BGWGsrlxnlLJ60KfnhOMZahu1O5Jxt%2BOKJqbPOMlmlKkMGgUtBqfpxdKIGawl%2B3XU1o5UEoVOGrh90BqMseD1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c923b9bd0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/bg-body.png
188.114.97.1 404 Not Found 116 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/bg-body.png
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/bg-body.png HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style1.css
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pQ2mrNbPFRrvG9nnT5CaunI5o7KzZDxHUPctc7HZ%2FJutdCfi7QKn8rY1fo5mhz7vCP2bRUIHf%2FydkBwmKuSJ2M%2F8H1vNe3CBHfWUjHhsqfAu3FRsvVR2xWGjPVtKENa%2Bw1CZf5X"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c9240b7ab500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/bg-body-left.png
188.114.97.1 200 OK 128 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/bg-body-left.png
IP 188.114.97.1:0
File type PNG image data, 552 x 812, 8-bit colormap, non-interlaced\012- data
Size 128 kB (128092 bytes)
Hash 4dbc129cc0bbe77f887cf813c4408e9b
fc3f7169f6ccd2b1cadeaf349893225882c11a13
1f044c072e134bdb8815ef45070ce943f01bfd52dd457483552f86d92a77aeaa
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/bg-body-left.png HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style1.css
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: image/png
Content-Length: 128092
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: "62e823fa-1f45c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YLhMSEid0Oi6yAfgmmkFZOWrc8%2FVCdILZrAxLSjsXnjRHWqSic%2Bq76mTFTSoB5uJXmCDAUWZWI%2B%2FBQzkmaGtknpO3ET4J5dyHjyRGysLXQJzAShPJqSukNCecMiwwoUG6eOb9Ib"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c92439fbb50f-OSL
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/images/line.png
188.114.97.1 404 Not Found 116 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/images/line.png
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/images/line.png HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style1_002.css
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kePfA5ZcvdMlo2BiSzkOrdYIU8qJ11%2FXGuRiOAAE9bGb5wc50CsoT2xpGZ9QBWLKz9o2VlAQ7yA50knPQq29WSMvGNhwud4%2BabFk%2BOuuePIyuF8GHVKYa536VIr%2FLmNhLqJShwI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c924ca140b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/barlow/v2/7cHqv4kjgoGqM7E3t-4s51os.woff2
142.250.74.163 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v2/7cHqv4kjgoGqM7E3t-4s51os.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21080, version 1.0\012- data
Hash fa61eccc5d911d604a8739a7c9dc8bcb
73488928ed4cd9f726f0129fc6c969908161091a
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
GET /s/barlow/v2/7cHqv4kjgoGqM7E3t-4s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rolewine.sa.com
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 06:48:49 GMT
expires: Fri, 22 Sep 2023 06:48:49 GMT
cache-control: public, max-age=31536000
age: 500051
last-modified: Wed, 12 Dec 2018 22:06:27 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.13.69.101 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.69.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wPaQlgx3KIU43aoUU145Lg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vppWtSBTxcxtFaxZnH/iB08OROY=
fonts.gstatic.com/s/barlow/v2/7cHpv4kjgoGqM7E_DMs5.woff2
142.250.74.163 200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v2/7cHpv4kjgoGqM7E_DMs5.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20444, version 1.0\012- data
Hash 0f9d3b560bae7d6283f13b731bc4f674
cd082fc17fecdeb0b4de56499ce420f7c73fd7d9
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
GET /s/barlow/v2/7cHpv4kjgoGqM7E_DMs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rolewine.sa.com
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 06:48:48 GMT
expires: Fri, 22 Sep 2023 06:48:48 GMT
cache-control: public, max-age=31536000
age: 500052
last-modified: Wed, 12 Dec 2018 22:09:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/bg-body-right.png
188.114.97.1 200 OK 97 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/bg-body-right.png
IP 188.114.97.1:0
File type PNG image data, 476 x 812, 8-bit colormap, non-interlaced\012- data
Hash 017ff46ff9a1d8170ee09edaa444b280
e6244df569c2abc083725b869a69fc30e505581f
952916fc6a983c646ae35c1335a92d0226c9c8b72f8e8b59a3c4c6dc37dc590f
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/bg-body-right.png HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style1.css
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: image/png
Content-Length: 96740
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: "62e823fa-179e4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIDltF8m5WvbeRwfPe2bmpA54qgFCoP8%2Bs8by2xQTfd0IPE%2BaOHFY8GBmgXNPWbVp6zkXt6GPtkZ0CRKNEOJE0hl5GhwQj%2BhEaorJ%2B%2Bzmo8sK%2Bzj%2Fn%2F6oVt7LPOKbsqMeAPLyvna"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c9246b29b518-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/barlow/v2/7cHqv4kjgoGqM7E3p-ks51os.woff2
142.250.74.163 200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v2/7cHqv4kjgoGqM7E3p-ks51os.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20300, version 1.0\012- data
Hash f780d6f93676a9792d73405ad95cfbcc
3ffb0b44be63925e77d3cbaa9ab89b30dc63a70f
3916e5c19c2e260ec6c95d4af3cc8c026c5825717221a6b931614f804be378ac
GET /s/barlow/v2/7cHqv4kjgoGqM7E3p-ks51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rolewine.sa.com
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 06:48:49 GMT
expires: Fri, 22 Sep 2023 06:48:49 GMT
cache-control: public, max-age=31536000
age: 500051
last-modified: Wed, 12 Dec 2018 22:05:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.rolewine.sa.com/clicks/chapter2/dronxprodiscount_files/rated-bg.png
188.114.97.1 200 OK 33 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronxprodiscount_files/rated-bg.png
IP 188.114.97.1:0
File type PNG image data, 1920 x 309, 8-bit grayscale, non-interlaced\012- data
Hash b50d31f2cc5907f761be48d49b6d1395
2860d207f026ffc5c89d1fbb1861cd80fbf1e983
7f46f96de1079ab0e23b5fe3a550020dfaef35a15667e572036c32e84fda2340
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronxprodiscount_files/rated-bg.png HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style1_002.css
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: image/png
Content-Length: 33360
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:14 GMT
ETag: "62e823ea-8250"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xsTOwy9TMt2cmWtlyISS83HvJk73VXe0XyoxBQiPLk%2BgY6rwM0UfG9B1euL8hFqys6vzfbjHHGEUEwGibcGrQJ%2BwzXMMznuvKSjdgG5R8mIEF0NcyJ9EFFU%2BXgquOn3nkE52o23"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c9254a440b55-OSL
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronxprodiscount_files/features-bg.png
188.114.97.1 200 OK 119 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronxprodiscount_files/features-bg.png
IP 188.114.97.1:0
File type PNG image data, 1919 x 822, 8-bit colormap, non-interlaced\012- data
Size 119 kB (118905 bytes)
Hash 3cce5293a4ee949dec8e986cecaedf33
49368789299133426f8967d4e4df94a2456b1232
8889b616bbaca86c12d25f26150562a0354ff36602696231b08551d029d1739e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronxprodiscount_files/features-bg.png HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style1_002.css
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: image/png
Content-Length: 118905
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:14 GMT
ETag: "62e823ea-1d079"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gg1ut%2FftYxHYpn56VfW3bxrozR7pC0BUeM35MWS0Q%2BiWxSktYwc45Ch%2BE9fNNbozc73veoF6OEzuG7%2BUuAbgM1onk4ZNAUxqUsFkNk7LKAFPn0W3eOrQvjOnvjz1EPaMjqz5pBDL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c924cb52b518-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/barlow/v2/7cHqv4kjgoGqM7E3_-gs51os.woff2
142.250.74.163 200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v2/7cHqv4kjgoGqM7E3_-gs51os.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20348, version 1.0\012- data
Hash 9c43f43c6a98e7a4c8f27827ff455c9f
60b73cbb826b0710af3988a30873b3c47e43b511
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
GET /s/barlow/v2/7cHqv4kjgoGqM7E3_-gs51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rolewine.sa.com
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20348
date: Wed, 28 Sep 2022 01:43:00 GMT
expires: Thu, 28 Sep 2023 01:43:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 12 Dec 2018 22:05:17 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rolewine.sa.com/clicks/chapter2/dronxprodiscount_files/marvel-bg.png
188.114.97.1 200 OK 41 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronxprodiscount_files/marvel-bg.png
IP 188.114.97.1:0
File type PNG image data, 1920 x 355, 8-bit colormap, non-interlaced\012- data
Hash a2cf30cf9f9c94ca233de42e68686e58
f405fecfc083aaf78abfd66e5ecac05501114617
b8fe22fddc6cc86351d432d6ce92667ddaac8f4ce72156fc4c44e8d98338390c
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronxprodiscount_files/marvel-bg.png HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/style1_002.css
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: image/png
Content-Length: 40644
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:14 GMT
ETag: "62e823ea-9ec4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYq%2Bmz4j2RyrGJeCLzZV3yvva%2Fmj0ZxvwPauBv5SFqHlufr%2F38T%2BK1JVIWX7mYD8eaGJvNfvgS44gkxZLnCMc6EHZgLLeJqCVzKu4I7CN3x6nq7LcUaeKVqiSpmMj2Z0JJ1%2Fuvwh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c924cefc0b39-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/barlow/v2/7cHqv4kjgoGqM7E30-8s51os.woff2
142.250.74.163 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v2/7cHqv4kjgoGqM7E30-8s51os.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21072, version 1.0\012- data
Hash 9126e37748c1ee76d20fb783efef135b
4ebc85b3cb847b7cf4dc2341094d4fc883fe08ca
46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb
GET /s/barlow/v2/7cHqv4kjgoGqM7E30-8s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rolewine.sa.com
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21072
date: Wed, 28 Sep 2022 01:43:00 GMT
expires: Thu, 28 Sep 2023 01:43:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 12 Dec 2018 22:04:17 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/0_002.txt
188.114.97.1 404 Not Found 122 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/0_002.txt
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ba5146ac943c84a42ae7dd8ec650000d
cd224acead78854add64c91f811c97c4ebe23e46
d4e24dacc040ac19271080523c3e47ea0754bdf3a2697c0e58b4d41949327734
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/0_002.txt HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0u6wxcNp1tzvhz3XWKk%2B%2Fl2mvCizgiJOJBYObhbVcdo%2B7l8tA9cFuhyRakHwD%2BbSOCpj8fzeyakHcJeMdXGMkmLh249erya4WgWc6FfS9sfmLGb%2F34nGJlA%2FLUWfI1IDHwJT%2FiA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c9258c01b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/0.txt
188.114.97.1 404 Not Found 122 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/0.txt
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ba5146ac943c84a42ae7dd8ec650000d
cd224acead78854add64c91f811c97c4ebe23e46
d4e24dacc040ac19271080523c3e47ea0754bdf3a2697c0e58b4d41949327734
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/0.txt HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guVVpXhqu0qQRMOf%2B4rKpxR745asm3bVVl6bMwz0F9wPP7gxs4581%2Fs8%2F69txLPJr7caW7RWt%2FOThYjmEYVTW3v%2B%2FT7%2BoPRj73854biiDTVYGo%2F3CoHymTPoM56ipu8AUYns6GLW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c925aa6b0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
amplify.outbrain.com/cp/obtp.js
23.38.201.81 200 OK 3.2 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (8072), with no line terminators
Hash 9b19340ef7db3cbb26aa923adb8dbe6e
082e699bca6e80ca6c72a43f2894f4a32e785e26
c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Wed, 28 Sep 2022 02:03:00 GMT
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Length: 3249
Connection: keep-alive
bat.bing.com/bat.js
204.79.197.200 200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11367
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 17:32:37 GMT
Accept-Ranges: bytes
ETag: "80a8697a8a2d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=314B9E3A615E65CC36E78C1760096443; domain=.bing.com; expires=Mon, 23-Oct-2023 01:43:00 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: E935E1C13DF746BE802186D3EA0C6355 Ref B: OSL30EDGE0407 Ref C: 2022-09-28T01:43:00Z
Date: Wed, 28 Sep 2022 01:43:00 GMT
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd9c95c1c24789f4041887b11468ab7e
bf202eeda47e79ac15d77325a02a1206bec63dcb
86f005e634685a4eb89dd87735b4cc0d91163be2912c470a529f0eb223531dbf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6055
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:01 GMT
Last-Modified: Wed, 28 Sep 2022 00:02:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 00:41:09 GMT
expires: Wed, 28 Sep 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 3712
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/vendor.%25E4%25B8%258B%25E8%25BD%25BD
188.114.97.1 200 OK 27 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/vendor.%25E4%25B8%258B%25E8%25BD%25BD
IP 188.114.97.1:0
File type gzip compressed data, from Unix\012- data
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/vendor.%25E4%25B8%258B%25E8%25BD%25BD HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: application/octet-stream
Content-Length: 273807
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: "62e823fa-42d8f"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kj6a9x6fvLFFbk%2FMmkXfNirOKKOlGETat6DVxJTk4YKaoiskP6Gop1aQNAOHxxwSxrMHhuiJyR5CR0%2B%2BGwpVrBCM9CgVzMIRVNFI46nwyK6%2F%2F6MMLEYARnMib%2FZSANohOBe5wXdx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c9229a24b518-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd9c95c1c24789f4041887b11468ab7e
bf202eeda47e79ac15d77325a02a1206bec63dcb
86f005e634685a4eb89dd87735b4cc0d91163be2912c470a529f0eb223531dbf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6055
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:01 GMT
Last-Modified: Wed, 28 Sep 2022 00:02:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/page-logo.png
188.114.97.1 200 OK 591 kB URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/page-logo.png
IP 188.114.97.1:0
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 591 kB (591177 bytes)
Hash 17afdc9ba149de09554478af843413c5
f0ff59f4fcf2168f9acf436ee4111c76abaf97bf
d8501f90164e095fb2434d9bcaee6c12261a74d3bee87705f7c4703bb4c5ec18
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/page-logo.png HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: image/png
Content-Length: 591177
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: "62e823fa-90549"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpcGRmq94ttqOX%2BnYZuszTfhugMvbVvNS2rIHlnIMtHyrdDxQsn%2BTnnaNgQyH3ze3BouBe%2Fr%2FM9RzccK7na%2FOS%2Ft8TUrPLpV5fLdMFWWG85LiUwOEfWl%2B8FqoJThrdmBrBXJcC0U"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7518c9253a87b50f-OSL
alt-svc: h2=":443"; ma=60
bat.bing.com/action/0?ti=20105041&Ver=2&mid=5348a905-cd31-4504-9338-8a04cccf409d&sid=e1927c703ece11ed85962913d4bb3349&vid=e19281803ece11eda1b407be21c6680a&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=DroneX%20Pro&p=http%3A%2F%2Fwww.rolewine.sa.com%2Fclicks%2Fchapter2%2F6242022_dronexpro.php%3Fsid%3D991880%26h%3Djww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo%2Felqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq&r=&lt=1567&evt=pageLoad&sv=1&rn=22387
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=20105041&Ver=2&mid=5348a905-cd31-4504-9338-8a04cccf409d&sid=e1927c703ece11ed85962913d4bb3349&vid=e19281803ece11eda1b407be21c6680a&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=DroneX%20Pro&p=http%3A%2F%2Fwww.rolewine.sa.com%2Fclicks%2Fchapter2%2F6242022_dronexpro.php%3Fsid%3D991880%26h%3Djww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo%2Felqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq&r=&lt=1567&evt=pageLoad&sv=1&rn=22387
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=20105041&Ver=2&mid=5348a905-cd31-4504-9338-8a04cccf409d&sid=e1927c703ece11ed85962913d4bb3349&vid=e19281803ece11eda1b407be21c6680a&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=DroneX%20Pro&p=http%3A%2F%2Fwww.rolewine.sa.com%2Fclicks%2Fchapter2%2F6242022_dronexpro.php%3Fsid%3D991880%26h%3Djww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo%2Felqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq&r=&lt=1567&evt=pageLoad&sv=1&rn=22387 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0DE836FF5FB8637C156124D25E4D628B; domain=.bing.com; expires=Mon, 23-Oct-2023 01:43:01 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4B03CC44343146ED9AE901D9B4AE6CBD Ref B: OSL30EDGE0111 Ref C: 2022-09-28T01:43:01Z
date: Wed, 28 Sep 2022 01:43:00 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=20103275&Ver=2&mid=efa3027f-c446-4308-8491-1598e72cf03d&sid=e1927c703ece11ed85962913d4bb3349&vid=e19281803ece11eda1b407be21c6680a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=DroneX%20Pro&p=http%3A%2F%2Fwww.rolewine.sa.com%2Fclicks%2Fchapter2%2F6242022_dronexpro.php%3Fsid%3D991880%26h%3Djww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo%2Felqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq&r=&lt=1567&evt=pageLoad&sv=1&rn=476084
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=20103275&Ver=2&mid=efa3027f-c446-4308-8491-1598e72cf03d&sid=e1927c703ece11ed85962913d4bb3349&vid=e19281803ece11eda1b407be21c6680a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=DroneX%20Pro&p=http%3A%2F%2Fwww.rolewine.sa.com%2Fclicks%2Fchapter2%2F6242022_dronexpro.php%3Fsid%3D991880%26h%3Djww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo%2Felqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq&r=&lt=1567&evt=pageLoad&sv=1&rn=476084
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=20103275&Ver=2&mid=efa3027f-c446-4308-8491-1598e72cf03d&sid=e1927c703ece11ed85962913d4bb3349&vid=e19281803ece11eda1b407be21c6680a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=DroneX%20Pro&p=http%3A%2F%2Fwww.rolewine.sa.com%2Fclicks%2Fchapter2%2F6242022_dronexpro.php%3Fsid%3D991880%26h%3Djww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo%2Felqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq&r=&lt=1567&evt=pageLoad&sv=1&rn=476084 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=10738E1A770C657000F49C3776F96420; domain=.bing.com; expires=Mon, 23-Oct-2023 01:43:01 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A78B75CFE1345B897C7F1424D126F7D Ref B: OSL30EDGE0111 Ref C: 2022-09-28T01:43:01Z
date: Wed, 28 Sep 2022 01:43:00 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/20103275.js
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/20103275.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/20103275.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=0510379309AE6B112FFE25BE085B6A71; domain=.bing.com; expires=Mon, 23-Oct-2023 01:43:01 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7DF8B3D52B1748929EF2EFE1515F658F Ref B: OSL30EDGE0111 Ref C: 2022-09-28T01:43:01Z
date: Wed, 28 Sep 2022 01:43:00 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/20105041.js
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/20105041.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/20105041.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=130C0A9B979769312A3218B696626808; domain=.bing.com; expires=Mon, 23-Oct-2023 01:43:01 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9260C59463DD41F285849DF31DED93EC Ref B: OSL30EDGE0111 Ref C: 2022-09-28T01:43:01Z
date: Wed, 28 Sep 2022 01:43:00 GMT
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22484186-3&cid=604675842.1664329379&jid=458716355&gjid=1806370329&_gid=626287707.1664329379&_u=YEBAAUAAAAAAAC~&z=1828754493
64.233.165.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22484186-3&cid=604675842.1664329379&jid=458716355&gjid=1806370329&_gid=626287707.1664329379&_u=YEBAAUAAAAAAAC~&z=1828754493
IP 64.233.165.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22484186-3&cid=604675842.1664329379&jid=458716355&gjid=1806370329&_gid=626287707.1664329379&_u=YEBAAUAAAAAAAC~&z=1828754493 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.rolewine.sa.com
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.rolewine.sa.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 01:43:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=003fefef2c09e91029ed7eed52ee57c0fd&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.rolewine.sa.com%2Fclicks%2Fchapter2%2F6242022_dronexpro.php%3Fsid%3D991880%26h%3Djww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo%2Felqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq&optOut=false&bust=012228794558927525&referrer=
70.42.32.223 200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=003fefef2c09e91029ed7eed52ee57c0fd&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.rolewine.sa.com%2Fclicks%2Fchapter2%2F6242022_dronexpro.php%3Fsid%3D991880%26h%3Djww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo%2Felqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq&optOut=false&bust=012228794558927525&referrer=
IP 70.42.32.223:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=003fefef2c09e91029ed7eed52ee57c0fd&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.rolewine.sa.com%2Fclicks%2Fchapter2%2F6242022_dronexpro.php%3Fsid%3D991880%26h%3Djww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo%2Felqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq&optOut=false&bust=012228794558927525&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:01 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 7ac68a5359b2d2ba276d7689d8a6fa7a
content-encoding: gzip
tr.outbrain.com/cachedClickId?marketerId=003fefef2c09e91029ed7eed52ee57c0fd
70.42.32.223 200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=003fefef2c09e91029ed7eed52ee57c0fd
IP 70.42.32.223:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=003fefef2c09e91029ed7eed52ee57c0fd HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 01:43:01 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 83311dfbf9d1f28dec428c86ac64a6a3
content-encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 59a21734ecba7688903b71fe01fbb85e
cd59a6869f8ad14e29fb4b9e288d8ce46ff1633c
c10e1fcfd60f713d506985b361285b5704c14e3a0792ecd6b3e0b02a1bb15db6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 01:43:01 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4H9wQkXY8GGy3aZ4LAf2Ps3IxNL0EBaJv17lTiS_H9UFTRaboQfgjw==
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ef12641bb4d59312b43f4f06ae2cee73
5450eaf271bf466e6aa58b63d52b49b66c5f4a6f
894fd5dabf39c09179591f3305d88ef71eb467ddeb1fc5c568dc377c3a1317d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=604675842.1664329379&jid=458716355&_u=YEBAAUAAAAAAAC~&z=1451898065
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=604675842.1664329379&jid=458716355&_u=YEBAAUAAAAAAAC~&z=1451898065
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=604675842.1664329379&jid=458716355&_u=YEBAAUAAAAAAAC~&z=1451898065 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 01:43:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=604675842.1664329379&jid=458716355&_u=YEBAAUAAAAAAAC~&z=1451898065
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=604675842.1664329379&jid=458716355&_u=YEBAAUAAAAAAAC~&z=1451898065
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=604675842.1664329379&jid=458716355&_u=YEBAAUAAAAAAAC~&z=1451898065 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 01:43:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ef12641bb4d59312b43f4f06ae2cee73
5450eaf271bf466e6aa58b63d52b49b66c5f4a6f
894fd5dabf39c09179591f3305d88ef71eb467ddeb1fc5c568dc377c3a1317d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 01:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6735
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 01:43:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6735
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 01:43:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6735
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 01:43:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6735
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 01:43:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6735
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 01:43:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9646ccba-7fc2-470a-b04e-5cef02e234cd.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9646ccba-7fc2-470a-b04e-5cef02e234cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e49757d877a437a57f39d458862e8369
7d8b30445dadc44a17e5a26301212fced3aaa2af
e8b481bd5fe7ce92aa614cb77c9318ef8b763e71a178126805a4c363e6f91a9b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9646ccba-7fc2-470a-b04e-5cef02e234cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13058
x-amzn-requestid: 2ce70ac3-0451-41f4-bd82-596a92582a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EiiIAMFQLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-25deabef6235856b6d9bb19f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oGmQtgwLy_unp2_L3WP10HsyeCSgao4_37Kf6K8JeeVgz8YXbDvDWQ==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:47 GMT
age: 14174
etag: "7d8b30445dadc44a17e5a26301212fced3aaa2af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b255b252ceed088d6f505e7e9acfcb55
a6b1c3e0d506ac1c66405e061e9910fafb176a7d
b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:29:45 GMT
age: 65596
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 14311
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 6627e07e-034b-432e-ab9e-afe035fa0b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e9HgIoAMFxUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7f34c3f6454379724a7ac413;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J27vcANRhkMUuGwTZjXkO0EF0-UjN-MODVQRKgsc7hJI2S-UPF8Ctw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:53 GMT
age: 14528
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 14532
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9715fa-0606-41f2-b3fa-1c7048f24b48.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9715fa-0606-41f2-b3fa-1c7048f24b48.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c761355e3b9bdf64113c92591306b959
5dcf4fbd065e0850c2602a5e8791ba7af1999d9f
03464d30ae3a3199bb3b19e1c730385fc8f68444d41eb0099542bd83108e6ed5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9715fa-0606-41f2-b3fa-1c7048f24b48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9710
x-amzn-requestid: 38e078fa-bad5-4593-b4f7-ffab77c1d3cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCF9GWeoAMF-5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633116f2-29b4342e3c7700924d65a273;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:05:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dA8uT96jM1QIn89Jw-8vMlGaNrr8xjUBjhg1usiZqFMf0SO12IA4Kg==
via: 1.1 ce74b5c96395745bcb8206d6c9ee0962.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 03:17:58 GMT
age: 80703
etag: "5dcf4fbd065e0850c2602a5e8791ba7af1999d9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/dronexpro.mp4
188.114.97.1 206 Partial Content 0 B URL HTTP/1.1 www.rolewine.sa.com/clicks/chapter2/dronexpro0109_files/dronexpro.mp4
IP 188.114.97.1:0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/dronexpro0109_files/dronexpro.mp4 HTTP/1.1
Host: www.rolewine.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.rolewine.sa.com/clicks/chapter2/6242022_dronexpro.php?sid=991880&h=jww9ggkeys2ryo_ciclnu79ijsjnl6rxwzxujxokqoo/elqmjnyspm7vm1mty_c5eissselv6vhel43wrpelnzexfx88h6ai1cf9wxdhioarm4fkst2ceynmyuemrz9xsq
HTTP/1.1 206 Partial Content
Date: Wed, 28 Sep 2022 01:43:00 GMT
Content-Type: video/mp4
Content-Length: 2773316
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:30 GMT
ETag: "62e823fa-2a5144"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-2773315/2773316
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtkveNflOxMoNbvalggaXNqO4eLdYAhavHwUYGkNnsd%2BLi3KBxyc%2B7HbZMGmjoeyoNSVSPi%2FRtseXCb7%2FBU7%2FUffyQBfW8Sf5Zk2IiHM2MDrGdUR6ZF%2BbCW99FZxqdP55BqnPtx8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7518c9250be0b500-OSL
alt-svc: h2=":443"; ma=60
connect.facebook.net/signals/config/371373974792356?v=2.8.37&r=stable
157.240.200.14 200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/371373974792356?v=2.8.37&r=stable
IP 157.240.200.14:0
GET /signals/config/371373974792356?v=2.8.37&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: sOQtGWFS251H/jxJlc6KxdfGf5Vr09tTkUT4xp5B+VJ/5SBULxNRJeJz+8NZPoO9WDbc87ukdlgcXjdnUKvHbQ==
priority: u=3,i
x-fb-trip-id: 1679558926
date: Wed, 28 Sep 2022 01:43:01 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
techxsv.com/intl_3/images/products/dronexpro/favicon.png
18.159.95.77 404 Not Found 0 B URL HTTP/2 techxsv.com/intl_3/images/products/dronexpro/favicon.png
IP 18.159.95.77:0
GET /intl_3/images/products/dronexpro/favicon.png HTTP/1.1
Host: techxsv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rolewine.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 28 Sep 2022 01:43:01 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.0.13
set-cookie: PAGE_LANG=no; expires=Fri, 28-Oct-2022 01:43:01 GMT; Max-Age=2592000; path=/
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2