r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5474
Expires: Mon, 06 Feb 2023 17:07:51 GMT
Date: Mon, 06 Feb 2023 15:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8543
Expires: Mon, 06 Feb 2023 17:59:00 GMT
Date: Mon, 06 Feb 2023 15:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2844
Expires: Mon, 06 Feb 2023 16:24:01 GMT
Date: Mon, 06 Feb 2023 15:36:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 15:34:05 GMT
content-type: application/json
age: 152
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
xcis.mobixone.co.za/mtn-za/subscribe/omBl-0dJI-0Tfs-rUqi-rbPI-qBEl-9jiM-g13H/bigthinking/mtn-za/ZA/subscribe/L1OheDfklkWNarQ0QagmvFHm/bigthinking-sportsclub/sportscl263528/EMPTY/EMPTY/
52.18.240.76303 See Other 0 B URL HTTP/1.1 xcis.mobixone.co.za/mtn-za/subscribe/omBl-0dJI-0Tfs-rUqi-rbPI-qBEl-9jiM-g13H/bigthinking/mtn-za/ZA/subscribe/L1OheDfklkWNarQ0QagmvFHm/bigthinking-sportsclub/sportscl263528/EMPTY/EMPTY/
IP 52.18.240.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mtn-za/subscribe/omBl-0dJI-0Tfs-rUqi-rbPI-qBEl-9jiM-g13H/bigthinking/mtn-za/ZA/subscribe/L1OheDfklkWNarQ0QagmvFHm/bigthinking-sportsclub/sportscl263528/EMPTY/EMPTY/ HTTP/1.1
Host: xcis.mobixone.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Mon, 06 Feb 2023 15:36:37 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Referrer-Policy: origin-when-cross-origin
Location: http://doi.mtndep.co.za/service/9094?ext_ref=TXNJpZbZs6pKYCg4
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dvEpmvt1qDNl9G+owsH0/qHCpbx1EiMlYEMmm+Bm7SuKytQp4VjDIpgejqZSOYuN06rOpqZROrU=
x-amz-request-id: G2RYDVM36QDAGKR6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 15:24:59 GMT
age: 698
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
doi.mtndep.co.za/service/9094?ext_ref=TXNJpZbZs6pKYCg4
54.246.197.15302 Found 202 B URL HTTP/1.1 doi.mtndep.co.za/service/9094?ext_ref=TXNJpZbZs6pKYCg4
IP 54.246.197.15:0
File type HTML document, ASCII text, with no line terminators
Hash 30e953a8bdaede150e77b364eb9ef2bc
d077e193abd7851980818c4f0e085f6a9432da22
61bddad8e47d59abaf253204bd88810f7a896c4372fe23c89e228566dd1c8802
GET /service/9094?ext_ref=TXNJpZbZs6pKYCg4 HTTP/1.1
Host: doi.mtndep.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 06 Feb 2023 15:36:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 202
Connection: keep-alive
Server: nginx/1.15.8
X-DNS-Prefetch-Control: off
X-Frame-Options: DENY
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Location: /service/9094?ext_ref=TXNJpZbZs6pKYCg4&rid=0b589ba0a63411edb3e4ada3aa83b02b
Vary: Accept
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:36:37 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 14:51:19 GMT
age: 2718
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15384
Expires: Mon, 06 Feb 2023 19:53:02 GMT
Date: Mon, 06 Feb 2023 15:36:38 GMT
Connection: keep-alive
doi.mtndep.co.za/service/9094?ext_ref=TXNJpZbZs6pKYCg4&rid=0b589ba0a63411edb3e4ada3aa83b02b
54.246.197.15200 OK 44 kB URL HTTP/1.1 doi.mtndep.co.za/service/9094?ext_ref=TXNJpZbZs6pKYCg4&rid=0b589ba0a63411edb3e4ada3aa83b02b
IP 54.246.197.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62102)
Hash 0b04a2e78530b38b9a0d75d647a2dce8
056607700fdfa5424c268ecdee242b6eae6fd48b
589e1856b63b06d8f03d3f1c1c9b794e7622fc27b7b7fcb02eaf1205da1692b8
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3
GET /service/9094?ext_ref=TXNJpZbZs6pKYCg4&rid=0b589ba0a63411edb3e4ada3aa83b02b HTTP/1.1
Host: doi.mtndep.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 15:36:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.15.8
Vary: Accept-Encoding
X-DNS-Prefetch-Control: off
X-Frame-Options: DENY
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
ETag: W/"29952-MyXeOwlUYF2F5SJ348I/ahpisXo"
Content-Encoding: gzip
push.services.mozilla.com/
34.216.206.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.206.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GHDajk+sMcQhiERAiHFopg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RNcQ+UnxVrgwOI2ARPXG7nJFbgA=
doi.mtndep.co.za/css/wap_templates_20210518.min.css
54.246.197.15200 OK 2.6 kB URL HTTP/1.1 doi.mtndep.co.za/css/wap_templates_20210518.min.css
IP 54.246.197.15:0
File type assembler source, ASCII text
Hash 1a59d6ecc194c41870a8df1c5eca5872
01cadaa4626e4ad47d2597718b36789a22743d36
b57dc3041b37622b44e7fb6e269c197b79722a806070177cf4899b1f8295654d
GET /css/wap_templates_20210518.min.css HTTP/1.1
Host: doi.mtndep.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doi.mtndep.co.za/service/9094?ext_ref=TXNJpZbZs6pKYCg4&rid=0b589ba0a63411edb3e4ada3aa83b02b
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 15:36:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.15.8
Vary: Accept-Encoding
Last-Modified: Wed, 07 Dec 2022 18:09:39 GMT
ETag: W/"6390d6e3-2593"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' https://ui-api.dep.mtn.co.za; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com data: blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com https://dep.mtn.co.za http://doi.dep.mtn.co.za http://doi.mtndep.co.za data:; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'
Cache-Control: no-store
Pragma: no-cache
Expires: -1
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
doi.mtndep.co.za/img/mtn-logo.png
54.246.197.15200 OK 1.9 kB URL HTTP/1.1 doi.mtndep.co.za/img/mtn-logo.png
IP 54.246.197.15:0
File type PNG image data, 180 x 92, 8-bit colormap, non-interlaced\012- data
Hash 0dea7b732ecb857b6b67e1a93304d7ed
8e1bf1e3bd90ea4becfe7cd23d3646cb5f8adf78
349123710f9330be65bce7c718519d88f3d1bf51b5fa7f46a0c7402521762f0f
GET /img/mtn-logo.png HTTP/1.1
Host: doi.mtndep.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doi.mtndep.co.za/service/9094?ext_ref=TXNJpZbZs6pKYCg4&rid=0b589ba0a63411edb3e4ada3aa83b02b
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 15:36:38 GMT
Content-Type: image/png
Content-Length: 1933
Connection: keep-alive
Server: nginx/1.15.8
Last-Modified: Wed, 09 Mar 2022 18:05:31 GMT
ETag: "6228ec6b-78d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' https://ui-api.dep.mtn.co.za; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com data: blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com https://dep.mtn.co.za http://doi.dep.mtn.co.za http://doi.mtndep.co.za data:; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'
Cache-Control: no-store
Pragma: no-cache
Expires: -1
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
web-zmd.secure-d.io/web/v1/content/view/Confirmation/za_mtn/AQ4z3kk1u2-uqedWsGA2HKXIJRoJ0yb4LguNCqLHI8n8CHFFcZ7jYZVJ-amknx4AvfX7
91.241.95.160200 51 B URL HTTP/1.1 web-zmd.secure-d.io/web/v1/content/view/Confirmation/za_mtn/AQ4z3kk1u2-uqedWsGA2HKXIJRoJ0yb4LguNCqLHI8n8CHFFcZ7jYZVJ-amknx4AvfX7
IP 91.241.95.160:0
ASN #49582 Upstream Telecommunications And Software Systems S.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 49cdc214849d5ced018d230677b14076
0e75513436e6b01963759f6a88282445ff2e5b3a
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675
GET /web/v1/content/view/Confirmation/za_mtn/AQ4z3kk1u2-uqedWsGA2HKXIJRoJ0yb4LguNCqLHI8n8CHFFcZ7jYZVJ-amknx4AvfX7 HTTP/1.1
Host: web-zmd.secure-d.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
HTTP/1.1 200
Date: Mon, 06 Feb 2023 15:36:38 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 51
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Set-Cookie: TS01de573e=01b02e3e89121e5fb2e0efc842f9fed10b77f34a1066caffe90278e8bc7d4daf3b86f5c3f78c504946b36eb4b70c534a48e16cc7fe; Path=/; Domain=.web-zmd.secure-d.io
analytics-zmd.securewebfraud.io/web/v1/content/view/Confirmation/za_mtn/AQ4z3kk1u2-uqedWsGA2HKXIJRoJ0yb4LguNCqLHI8n8CHFFcZ7jYZVJ-amknx4AvfX7
91.241.94.108200 51 B URL HTTP/1.1 analytics-zmd.securewebfraud.io/web/v1/content/view/Confirmation/za_mtn/AQ4z3kk1u2-uqedWsGA2HKXIJRoJ0yb4LguNCqLHI8n8CHFFcZ7jYZVJ-amknx4AvfX7
IP 91.241.94.108:0
ASN #49582 Upstream Telecommunications And Software Systems S.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 49cdc214849d5ced018d230677b14076
0e75513436e6b01963759f6a88282445ff2e5b3a
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675
GET /web/v1/content/view/Confirmation/za_mtn/AQ4z3kk1u2-uqedWsGA2HKXIJRoJ0yb4LguNCqLHI8n8CHFFcZ7jYZVJ-amknx4AvfX7 HTTP/1.1
Host: analytics-zmd.securewebfraud.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
HTTP/1.1 200
Date: Mon, 06 Feb 2023 15:36:38 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 51
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Set-Cookie: TS0178889e=01b02e3e89309bfd635e47f264c2e593e5919c0147cc6dedd22c8ecca3b4c8dd67c9921f924a3670a83c7215184a3375d288794e88; Path=/; Domain=.analytics-zmd.securewebfraud.io
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doi.mtndep.co.za/img/wifi-secure-d_66_3295_banner.png
54.246.197.15200 OK 50 kB URL HTTP/1.1 doi.mtndep.co.za/img/wifi-secure-d_66_3295_banner.png
IP 54.246.197.15:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x520, components 3\012- data
Hash 6400c1085c74b938e856ea0d6ffcce1a
27fa97f07c063fd0b96add7c267ed93a6cd26df0
fa276added784bafed8ab4c1b8a76d944e485a71bb86ab791e28684cf8f49c69
GET /img/wifi-secure-d_66_3295_banner.png HTTP/1.1
Host: doi.mtndep.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doi.mtndep.co.za/service/9094?ext_ref=TXNJpZbZs6pKYCg4&rid=0b589ba0a63411edb3e4ada3aa83b02b
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 15:36:38 GMT
Content-Type: image/png
Content-Length: 49860
Connection: keep-alive
Server: nginx/1.15.8
Last-Modified: Mon, 18 Jul 2022 12:26:05 GMT
ETag: "62d5515d-c2c4"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' https://ui-api.dep.mtn.co.za; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com data: blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com https://dep.mtn.co.za http://doi.dep.mtn.co.za http://doi.mtndep.co.za data:; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'
Cache-Control: no-store
Pragma: no-cache
Expires: -1
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
www.googletagmanager.com/gtm.js?id=GTM-NC3ZRGX
142.250.74.168200 OK 64 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NC3ZRGX
IP 142.250.74.168:0
File type ASCII text, with very long lines (11108)
Hash 8635d0233fddaf8207c4d7eb124c0c1e
ed3c15df4c0525e0fbc26b1a01e965173f49bde7
1384416a20ef10aebcb1905e8e791ceb87eea644ed067c9640482a3e66a4a05e
GET /gtm.js?id=GTM-NC3ZRGX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 15:36:38 GMT
expires: Mon, 06 Feb 2023 15:36:38 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 63646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KV7DF92
142.250.74.168200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KV7DF92
IP 142.250.74.168:0
File type ASCII text, with very long lines (25395)
Hash 02b0270315b47ba28ddc1d7a9332465c
4d7e60e43f016e2343a72ab2982c38bd9d530a75
a99cd726622149259bd29a47eaf498e4653ed3186ad97cbf81af299ba3f8ec95
GET /gtm.js?id=GTM-KV7DF92 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 15:36:38 GMT
expires: Mon, 06 Feb 2023 15:36:38 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79436
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
web-zmd.secure-d.io/api/v1/beacon/retrieve?secureSessionId=AQ4z3kk1u2-uqedWsGA2HKXIJRoJ0yb4LguNCqLHI8n8CHFFcZ7jYZVJ-amknx4AvfX7
91.241.95.160200 0 B URL HTTP/1.1 web-zmd.secure-d.io/api/v1/beacon/retrieve?secureSessionId=AQ4z3kk1u2-uqedWsGA2HKXIJRoJ0yb4LguNCqLHI8n8CHFFcZ7jYZVJ-amknx4AvfX7
IP 91.241.95.160:0
ASN #49582 Upstream Telecommunications And Software Systems S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/beacon/retrieve?secureSessionId=AQ4z3kk1u2-uqedWsGA2HKXIJRoJ0yb4LguNCqLHI8n8CHFFcZ7jYZVJ-amknx4AvfX7 HTTP/1.1
Host: web-zmd.secure-d.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://doi.mtndep.co.za
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
HTTP/1.1 200
Date: Mon, 06 Feb 2023 15:36:38 GMT
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Access-Control-Allow-Origin: *
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Set-Cookie: TS01de573e=01b02e3e8933a18a91385d0565c868853a6e66d55c7deb05584a753425c2f8bdeb304ad1fa9823d728df7d6e69d7091d639b30e8f6; Path=/; Domain=.web-zmd.secure-d.io
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 16a00010059b5807d3bc9183a12afe36
9db7a4959203fd4aad2fd5507d906b94d58a872e
3fedb9ff11e2b06dd50e1446a857dcd33f8caa2fefa62bc6ce8fc1af172965f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleoptimize.com/optimize.js?id=OPT-PJNJFRW
142.250.74.174200 OK 44 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-PJNJFRW
IP 142.250.74.174:0
File type ASCII text, with very long lines (1759)
Hash 5e24f89f3b99808e867b1929b5f760ae
50f4a2cd346fe26ba31d1e44b4183ffda5209616
efdaeb8ca681953b1b4f772a6486c7ae9b88e8c91cb7b9caac879e5e77d38f2c
GET /optimize.js?id=OPT-PJNJFRW HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 15:36:38 GMT
expires: Mon, 06 Feb 2023 15:36:38 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44265
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
10278135.fls.doubleclick.net/activityi;src=10278135;type=alp_ply0;cat=subbu0;ord=6727275381227;gtm=45He3210;auiddc=1965726423.1675697844;~oref=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b?
142.250.74.6200 OK 305 B URL HTTP/2 10278135.fls.doubleclick.net/activityi;src=10278135;type=alp_ply0;cat=subbu0;ord=6727275381227;gtm=45He3210;auiddc=1965726423.1675697844;~oref=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b?
IP 142.250.74.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (535), with no line terminators
Hash 34540d1882f159c01173eb2e59812387
ff9efefe550d2377974e51aa77b4a3bec30813d7
e161904e75d8a9dea9c310d60fa212ece847d4ef604583e01bd7a5d4ebc3e00b
GET /activityi;src=10278135;type=alp_ply0;cat=subbu0;ord=6727275381227;gtm=45He3210;auiddc=1965726423.1675697844;~oref=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b? HTTP/1.1
Host: 10278135.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 15:36:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 305
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 06-Feb-2023 15:51:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 6be8b2ce04295ae7f7d435162c43840a
0cb3e01e773a8205739c1947cc927f85c249d5e8
91c6569460931db4245c25b8130c4e2fe5e015d23e95709b46d438cc4d67a8c4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 15:36:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 10 Feb 2023 11:48:30 GMT
ETag: "0cb3e01e773a8205739c1947cc927f85c249d5e8"
Last-Modified: Mon, 06 Feb 2023 11:48:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1451
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7954f66aebbab523-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a1b0adb1c8292e353e84a56a163dddf0
e72fe20524a0cc1d6077eeef4445bd24cae46a60
d82c206adfc4b455e24ae565256cca03e48944af39dbbef0c704ddfc1cce501a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=10278135;type=alp_ply0;cat=subbu0;ord=6727275381227;gtm=45He3210;auiddc=1965726423.1675697844;~oref=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b
142.250.74.2200 OK 306 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10278135;type=alp_ply0;cat=subbu0;ord=6727275381227;gtm=45He3210;auiddc=1965726423.1675697844;~oref=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (534), with no line terminators
Hash 259e455bab90cfc160007c86187f22a7
a9412e51e53fe1e410727f9fcd20b6174cdc12ae
8b222a86aca4404607983bb5ebc1c87e2cb81a8970a096ee79d81bdef5f35ca6
GET /ddm/fls/i/src=10278135;type=alp_ply0;cat=subbu0;ord=6727275381227;gtm=45He3210;auiddc=1965726423.1675697844;~oref=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10278135.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 15:36:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 306
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=10278135;type=alp_ply0;cat=subbu0;ord=6727275381227;gtm=45He3210;auiddc=1965726423.1675697844;~oref=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b
142.250.74.34200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10278135;type=alp_ply0;cat=subbu0;ord=6727275381227;gtm=45He3210;auiddc=1965726423.1675697844;~oref=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=10278135;type=alp_ply0;cat=subbu0;ord=6727275381227;gtm=45He3210;auiddc=1965726423.1675697844;~oref=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 15:36:38 GMT
expires: Mon, 06 Feb 2023 15:36:38 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dtm-dre.platform.hicloud.com/download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12
80.158.18.121200 OK 46 kB URL HTTP/1.1 dtm-dre.platform.hicloud.com/download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12
IP 80.158.18.121:0
ASN #6878 T-Systems International GmbH
File type ASCII text, with very long lines (35529)
Hash bce218b4df08c591de540bf37521b472
9781daa63caa8c99c9b9b31b5e0f7d07112a6a2e
f78076c88dc1857960ecdcb0b9e32d22ec71921e25bfbbd4ea5285c33d8606c9
GET /download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12 HTTP/1.1
Host: dtm-dre.platform.hicloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 15:36:31 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private,max-age=900
Content-Disposition: inline
X-XSS-Protection: 1; mode=block
X-frame-options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: elb
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Feb 2023 13:45:20 GMT
expires: Mon, 06 Feb 2023 15:45:20 GMT
cache-control: public, max-age=7200
age: 6679
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1c08839b04520623798a6d3752711147
535035b7350cf8a4324eb69ffda7dfaaa1a29918
5ddf0cfbfe95f4690768f8ca167dcdd47f0fa7c6d076cbee0bdb225bba697429
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6178
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:39 GMT
Last-Modified: Mon, 06 Feb 2023 13:53:41 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Mon, 06 Feb 2023 15:36:39 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-57Q9E221SZ&cid=1682399650.1675697844>m=45je3210&aip=1&z=991860162
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-57Q9E221SZ&cid=1682399650.1675697844>m=45je3210&aip=1&z=991860162
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-57Q9E221SZ&cid=1682399650.1675697844>m=45je3210&aip=1&z=991860162 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 15:36:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: oxrYEwaP29e1QzPwUwWJ8dnEtBzRTiSFDofxCrSnN01kW5LfdxR3G5e6MLEBtNkiOmkfz7gmty0IlLF/ntQG0A==
content-length: 27843
x-fb-trip-id: 1904183273
date: Mon, 06 Feb 2023 15:36:39 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j99&a=1362633245&t=pageview&_s=1&dl=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&ul=en-us&de=UTF-8&dt=17768%2CBigThinking%2CSportsclub%2CM%20by%20Mobixone%20(Pty)%20Ltd%20%7C%20MTN&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YCDAgEABQAAAAAgAI~&jid=1823910470&gjid=928616145&cid=1682399650.1675697844&tid=UA-11133282-52&_gid=1345235510.1675697845>m=45He3210n81NC3ZRGX&cd2=prod&cd3=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&cd4=2023-02-06T15%3A37%3A24.294%2B00%3A00&z=175985846
142.250.74.46200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j99&a=1362633245&t=pageview&_s=1&dl=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&ul=en-us&de=UTF-8&dt=17768%2CBigThinking%2CSportsclub%2CM%20by%20Mobixone%20(Pty)%20Ltd%20%7C%20MTN&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YCDAgEABQAAAAAgAI~&jid=1823910470&gjid=928616145&cid=1682399650.1675697844&tid=UA-11133282-52&_gid=1345235510.1675697845>m=45He3210n81NC3ZRGX&cd2=prod&cd3=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&cd4=2023-02-06T15%3A37%3A24.294%2B00%3A00&z=175985846
IP 142.250.74.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j99&a=1362633245&t=pageview&_s=1&dl=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&ul=en-us&de=UTF-8&dt=17768%2CBigThinking%2CSportsclub%2CM%20by%20Mobixone%20(Pty)%20Ltd%20%7C%20MTN&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YCDAgEABQAAAAAgAI~&jid=1823910470&gjid=928616145&cid=1682399650.1675697844&tid=UA-11133282-52&_gid=1345235510.1675697845>m=45He3210n81NC3ZRGX&cd2=prod&cd3=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&cd4=2023-02-06T15%3A37%3A24.294%2B00%3A00&z=175985846 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Mon, 06 Feb 2023 10:15:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 19257
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1c08839b04520623798a6d3752711147
535035b7350cf8a4324eb69ffda7dfaaa1a29918
5ddf0cfbfe95f4690768f8ca167dcdd47f0fa7c6d076cbee0bdb225bba697429
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6178
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:39 GMT
Last-Modified: Mon, 06 Feb 2023 13:53:41 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11133282-52&cid=1682399650.1675697844&jid=1823910470&gjid=928616145&_gid=1345235510.1675697845&_u=YCDAgEABQAAAAEgAI~&z=743710364
64.233.161.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11133282-52&cid=1682399650.1675697844&jid=1823910470&gjid=928616145&_gid=1345235510.1675697845&_u=YCDAgEABQAAAAEgAI~&z=743710364
IP 64.233.161.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-11133282-52&cid=1682399650.1675697844&jid=1823910470&gjid=928616145&_gid=1345235510.1675697845&_u=YCDAgEABQAAAAEgAI~&z=743710364 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://doi.mtndep.co.za
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://doi.mtndep.co.za
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Feb 2023 15:36:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 572620cb77de22225e0ca350d2ad6bed
5f2fba4ba9595cbec8b719afdf97c57b253495ed
d16deaf9eb1392e916247d6c6de5c619cee3edd22da50442179845b6c8a054ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5992
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:39 GMT
Last-Modified: Mon, 06 Feb 2023 13:56:47 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.co/i/adsct?bci=3&eci=2&event_id=e77e158a-ba80-424d-ad6f-df68523ade0e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8a61121e-e677-4f34-b6c3-4df2e1a78d10&tw_document_href=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxkpr&type=javascript&version=2.3.29
104.244.42.197200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=e77e158a-ba80-424d-ad6f-df68523ade0e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8a61121e-e677-4f34-b6c3-4df2e1a78d10&tw_document_href=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxkpr&type=javascript&version=2.3.29
IP 104.244.42.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=e77e158a-ba80-424d-ad6f-df68523ade0e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8a61121e-e677-4f34-b6c3-4df2e1a78d10&tw_document_href=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxkpr&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 15:36:38 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=009de337-a0c9-4959-953c-992bc9b041e5; Max-Age=63072000; Expires=Wed, 05 Feb 2025 15:36:39 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 7444ddb0c6245381
strict-transport-security: max-age=0
x-response-time: 110
x-connection-hash: 000c3f2dd2cf61970c94924cfb8e5df2da8c7ca09bb0be6ffff67f0c136c0118
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11522
Expires: Mon, 06 Feb 2023 18:48:41 GMT
Date: Mon, 06 Feb 2023 15:36:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11522
Expires: Mon, 06 Feb 2023 18:48:41 GMT
Date: Mon, 06 Feb 2023 15:36:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11522
Expires: Mon, 06 Feb 2023 18:48:41 GMT
Date: Mon, 06 Feb 2023 15:36:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11522
Expires: Mon, 06 Feb 2023 18:48:41 GMT
Date: Mon, 06 Feb 2023 15:36:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 62745
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6107217bc206ebf204dfcf832cffc04
4f370e81106ef09ce9294eaa074ff6922197ded0
2cc25b8ddf56ceb274bd147d4e54f3fc386a97f984aa3a7bcc19f083fe68b94f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3943
x-amzn-requestid: 918fd8d6-0118-4548-9380-e3078577a876
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzWBtEdKoAMFwnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de03a4-6d8ffde860d89fbc513a20f9;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:05:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZRVPNp0hKlSBXYjgbVfF8MGqNMHCKF2T4fAqflvZz8z-Uy9bKR9HhA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 07:09:53 GMT
age: 30406
etag: "4f370e81106ef09ce9294eaa074ff6922197ded0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c0c18b789b296a2b3cc9adb04c94e6f7
a0fa241f813c414178f5dffd30d5c2b82d16669b
95ec61ae9d1384fdbcee256ec441d6db4e3243ed3f8e1801b3607ce3c2e1e3f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 000cb25b2cb4fa30ce745582dafbab99
a5227f79e64bcab8d8f03822e6d408400a03a23e
7f6a2a99bff95672d34b41489d0dd1132ab8654b745e728e15ed95e987b7ed62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10582
x-amzn-requestid: e18bacd8-6d0e-4957-93ab-97def7442f8c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okSFKKIAMFlUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214e-05486d9b283cedc008cba781;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: p1ToWLG__PFWEMRxlPZcouvOTijPoUcMr7ubDCNcy2wMwgusbBjGPA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:34 GMT
etag: "a5227f79e64bcab8d8f03822e6d408400a03a23e"
content-type: image/jpeg
age: 62585
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0f48a44e1aece8d271028a7b0684cac
9f7247a3bb9248cd281c568ebba6e52b38b00149
0a34b5dc66f170403e79b2315a7cacef1703ce3777a20914525f86d46c0cd637
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11481
x-amzn-requestid: b50de2d1-c23b-4908-8fc3-e84eea0382a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRFL-oAMFnSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-0254cda141886e0f39e8f8b3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KIJ6iTpVC0gVV6Q0dd_-ZTWkwm3q0vP52N3088Rd7O9pb8D39XfnBg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:55:31 GMT
age: 63668
etag: "9f7247a3bb9248cd281c568ebba6e52b38b00149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dbe304b5138a360ff07a9842bcf6a7f
00572f7667e322c9ef34bc35b7998c1c172dd34c
d63c58d6c96e23c61b92272de8c2aab01f4cf85f3420cc434c05447d355b1c77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9108
x-amzn-requestid: a3bffa19-86ce-4a59-b826-551deddb3e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fostZG2xIAMF0wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c188-18acd7311c6190c9486e86ac;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 01:34:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oTDUyAr6LGDkH6Q8QCyx0Rc-wCE-fh5sEfjFm5jheeApNuv7VLh4Ow==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:45:42 GMT
age: 64257
etag: "00572f7667e322c9ef34bc35b7998c1c172dd34c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 5dbf37a16b69ce482c9b2562b388a439
632c650fe69062d62a54af8c03f2360ac95f0388
005e07c64ace48c6068bb02a11469e2a6bda16b7db86cdcb26a7e29d18abb98c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 753
Cache-Control: max-age=160271
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:36:39 GMT
Etag: "63e0eaa5-13a"
Expires: Wed, 08 Feb 2023 12:07:50 GMT
Last-Modified: Mon, 06 Feb 2023 11:55:17 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11133282-52&cid=1682399650.1675697844&jid=1823910470&_u=YCDAgEABQAAAAEgAI~&z=1049388536
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11133282-52&cid=1682399650.1675697844&jid=1823910470&_u=YCDAgEABQAAAAEgAI~&z=1049388536
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11133282-52&cid=1682399650.1675697844&jid=1823910470&_u=YCDAgEABQAAAAEgAI~&z=1049388536 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 15:36:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11133282-52&cid=1682399650.1675697844&jid=1229807816&_u=YCDAAEABQAAAAGgAI~&z=1595489700
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11133282-52&cid=1682399650.1675697844&jid=1229807816&_u=YCDAAEABQAAAAGgAI~&z=1595489700
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11133282-52&cid=1682399650.1675697844&jid=1229807816&_u=YCDAAEABQAAAAGgAI~&z=1595489700 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 15:36:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=544558509536440&ev=PageView&dl=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&rl=&if=false&ts=1675697845004&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1675697845003.75388659&it=1675697844668&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=544558509536440&ev=PageView&dl=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&rl=&if=false&ts=1675697845004&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1675697845003.75388659&it=1675697844668&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=544558509536440&ev=PageView&dl=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&rl=&if=false&ts=1675697845004&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1675697845003.75388659&it=1675697844668&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 06 Feb 2023 15:36:39 GMT
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-57Q9E221SZ>m=45je3210&_p=1362633245&_gaz=1&ul=&cid=1682399650.1675697844&sr=1280x1024&uaW=1&_s=1&dl=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&sid=1675697844&sct=1&seg=0&dt=17768%2CBigThinking%2CSportsclub%2CM%20by%20Mobixone%20(Pty)%20Ltd%20%7C%20MTN&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_debug_mode=false&ep.timestamp=2023-02-06T15%3A37%3A24.285%2B00%3A00&ep.gtm_version=11&ep.environment=prod&ep.data_template=wifi-secure-d&ep.data_playcategory=Entertainment&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-57Q9E221SZ>m=45je3210&_p=1362633245&_gaz=1&ul=&cid=1682399650.1675697844&sr=1280x1024&uaW=1&_s=1&dl=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&sid=1675697844&sct=1&seg=0&dt=17768%2CBigThinking%2CSportsclub%2CM%20by%20Mobixone%20(Pty)%20Ltd%20%7C%20MTN&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_debug_mode=false&ep.timestamp=2023-02-06T15%3A37%3A24.285%2B00%3A00&ep.gtm_version=11&ep.environment=prod&ep.data_template=wifi-secure-d&ep.data_playcategory=Entertainment&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-57Q9E221SZ>m=45je3210&_p=1362633245&_gaz=1&ul=&cid=1682399650.1675697844&sr=1280x1024&uaW=1&_s=1&dl=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&sid=1675697844&sct=1&seg=0&dt=17768%2CBigThinking%2CSportsclub%2CM%20by%20Mobixone%20(Pty)%20Ltd%20%7C%20MTN&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_debug_mode=false&ep.timestamp=2023-02-06T15%3A37%3A24.285%2B00%3A00&ep.gtm_version=11&ep.environment=prod&ep.data_template=wifi-secure-d&ep.data_playcategory=Entertainment&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://doi.mtndep.co.za
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://doi.mtndep.co.za
date: Mon, 06 Feb 2023 15:36:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e77e158a-ba80-424d-ad6f-df68523ade0e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8a61121e-e677-4f34-b6c3-4df2e1a78d10&tw_document_href=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxkpr&type=javascript&version=2.3.29
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e77e158a-ba80-424d-ad6f-df68523ade0e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8a61121e-e677-4f34-b6c3-4df2e1a78d10&tw_document_href=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxkpr&type=javascript&version=2.3.29
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=e77e158a-ba80-424d-ad6f-df68523ade0e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8a61121e-e677-4f34-b6c3-4df2e1a78d10&tw_document_href=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9094%3Fext_ref%3DTXNJpZbZs6pKYCg4%26rid%3D0b589ba0a63411edb3e4ada3aa83b02b&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxkpr&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 15:36:39 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_A5FDOt7aHN1e4nA62pziOQ=="; Max-Age=63072000; Expires=Wed, 05 Feb 2025 15:36:39 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 204180d162bb6a0e
strict-transport-security: max-age=631138519
x-response-time: 111
x-connection-hash: 123400fc56ac875698b7f4646320669584d2f7fe013db739f7b60f2ff94b84a1
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad2298793399bf73c51c7d60952065c1
816bd4c36ceea2c46489ae72fde0b4a94c7c4bef
dc540d64e5e0835c7007e89ca3b5dd620b43a87e13309f323f3843a5f908a199
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8649
x-amzn-requestid: f85f3c9d-95c1-4db6-af5f-595070fe46c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHzboAMFQCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-6eed72bf20887cac6dc1a56a;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z7HTSLYJmhfIGlCjeG2EeN3q2Cd9vKlq71nqo3iIuhwkgwlEAlRPmQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:02 GMT
age: 63944
etag: "816bd4c36ceea2c46489ae72fde0b4a94c7c4bef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2