urlquery - report: bbtl-glo.localsearchdrs.com/t/clk

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
admoustache.go2affise.com (1)	84756	2017-05-04 20:13:42 UTC	2022-09-27 04:52:31 UTC	34.91.27.112
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-09-27 04:13:22 UTC	143.204.55.35
go.monetizer.mobi (5)	0	2016-04-21 22:02:55 UTC	2022-09-27 05:00:08 UTC	198.143.165.221	Unknown ranking
www.wewillserv.com (4)	277919	2022-01-13 13:49:54 UTC	2022-09-27 04:52:31 UTC	51.68.85.158
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-09-27 05:14:54 UTC	35.163.147.190
so-glo.yoptv33.com (1)	0	2022-06-02 19:12:53 UTC	2022-09-27 01:06:06 UTC	52.58.131.39	Unknown ranking
img-getpocket.cdn.mozilla.net (5)	1631	2017-09-01 03:40:57 UTC	2022-09-27 04:53:17 UTC	34.120.237.76
ocsp.godaddy.com (1)	698	2012-05-20 19:28:57 UTC	2022-09-26 04:29:02 UTC	192.124.249.22
r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-09-27 04:12:16 UTC	23.36.76.226
firefox.settings.services.mozilla.com (2)	867	2020-05-28 17:26:30 UTC	2022-09-27 05:44:40 UTC	143.204.55.27
ocsp.sca1b.amazontrust.com (1)	1015	2017-03-03 15:20:51 UTC	2019-03-27 04:05:54 UTC	143.204.42.156
ad.marootrack.co (1)	0	2022-03-13 12:22:16 UTC	2022-09-27 05:29:06 UTC	65.60.58.179	Unknown ranking
cdn.addlnk.com (1)	246074	2020-10-20 09:38:38 UTC	2022-09-26 13:40:15 UTC	172.67.191.221
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-09-27 04:52:33 UTC	34.117.237.239
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-09-27 04:15:00 UTC	93.184.220.29
myofferplus.com (1)	0	2016-05-08 22:20:02 UTC	2022-09-26 16:52:28 UTC	104.21.24.76	Unknown ranking
bbtl-glo.localsearchdrs.com (1)	0	2022-06-03 08:29:24 UTC	2022-09-26 08:04:05 UTC	3.64.246.59	Unknown ranking
ocsp.sectigo.com (1)	487	2018-12-17 11:31:55 UTC	2022-09-27 05:02:33 UTC	104.18.32.68
track.gositego.live (1)	0	2022-06-03 05:04:05 UTC	2022-09-27 01:06:09 UTC	34.141.179.97	Unknown ranking

Scan Date	Severity	Indicator	Comment
2022-09-27	2	bbtl-glo.localsearchdrs.com/t/clk	Malware
2022-09-27	2	ad.marootrack.co/sw.js?v=1654466343142	Malware

Date	UQ / IDS / BL	URL	IP
2022-10-08 15:29:14 +0000	0 - 0 - 3	rmut-glo.passionsearchnews.com/t/clk?id=qk49u (...)	52.58.131.39
2022-10-08 04:55:17 +0000	0 - 0 - 4	rmut-glo.passionsearchnews.com/t/clk	52.58.131.39
2022-10-08 02:30:39 +0000	0 - 0 - 2	rmut-glo.passionsearchnews.com/t/clk?id=qk49u (...)	52.58.131.39
2022-10-07 05:04:20 +0000	0 - 0 - 1	lltl-glo.usethisprice.com/t/clk	52.58.131.39
2022-10-06 12:58:27 +0000	0 - 0 - 1	rmut-glo.azurservers.com/t/clk	52.58.131.39

Date	UQ / IDS / BL	URL	IP
2023-02-05 13:41:54 +0000	0 - 1 - 2	www.shbet9999.net/	18.142.133.74
2023-02-05 13:41:47 +0000	0 - 0 - 4	ww25.rbill.netflix.com-bmtwsoavoi.gilliamdent (...)	199.59.243.222
2023-02-05 13:40:26 +0000	0 - 0 - 2	www.advancedmmd.com/ur5k/?Is2Nty7G=sl2UM6wz4u (...)	199.59.243.222
2023-02-05 13:39:43 +0000	0 - 0 - 1	52.218.85.59/	52.218.85.59
2023-02-05 13:35:40 +0000	0 - 2 - 0	dlcf.reaper.fm/6.x/reaper675-install.exe	54.230.111.43

Date	UQ / IDS / BL	URL	IP
2022-09-27 08:04:20 +0000	0 - 0 - 2	bbtl-glo.localsearchdrs.com/t/clk	52.58.131.39

Date	UQ / IDS / BL	URL	IP
2023-02-04 22:49:17 +0000	0 - 0 - 2	m511.store/rd/c101OChHS878pxYI364Myr22656pbgs9	84.54.23.14
2023-02-03 19:16:33 +0000	0 - 0 - 1	youroopportuniity.info/cl/1275_md/77/144/6/22 (...)	77.48.28.244
2023-02-03 19:15:49 +0000	0 - 0 - 1	www.escuela.emprendeconproposito.es/m9BvJcbbb (...)	62.76.228.2
2023-02-03 05:03:19 +0000	0 - 0 - 1	khanavilas.co.uk/cl/615673_md/8/11448/8241/11 (...)	49.12.246.42
2023-02-01 22:30:10 +0000	0 - 0 - 2	522bb63ec418897623b0122e.nmbl.app/api/v1/mess (...)	104.26.1.208

Request	Response
GET /t/clk HTTP/1.1 Host: bbtl-glo.localsearchdrs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: bbtl-glo.localsearchdrs.com/t/clk FQDN: bbtl-glo.localsearchdrs.com IP: 3.64.246.59 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.64.246.59 HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Date: Tue, 27 Sep 2022 08:04:09 GMT Content-Length: 0 Connection: keep-alive Server: nginx/1.12.2 Location: https://so-glo.yoptv33.com/t/clk?id=DQqT5fxjrUGKRmCl&rl=Dkxpn&rcode=R09&rseq=R09,R99,R98 Vary: Cookie, Origin --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1" Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5345 Expires: Tue, 27 Sep 2022 09:33:14 GMT Date: Tue, 27 Sep 2022 08:04:09 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d2560f62890e75b8de444fed96c22f52 Sha1: 334ce0c48e606ee029f31eeb1463af87b1024bb9 Sha256: 4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 27 Sep 2022 07:15:30 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: xwlMne8chWXRzzoH6sWDIF21Zh812lD6yjUIVK078uNsEzDtcRKpjQ== Age: 2919 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 2d12f67fe57a87e7366b662d153a5582 Sha1: d7b02d81cc74f24a251d9363e0f4b0a149264ec1 Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.35 HASH: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 143.204.55.35 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 date: Mon, 26 Sep 2022 09:17:07 GMT last-modified: Sat, 10 Sep 2022 18:47:45 GMT etag: "6113f8408c59aebe188d6af273b90743" content-disposition: attachment accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 5SFSmc25xgQvkOqxlFCU4z9eDeYLt8KsAtfHJ8bniwI_7eSeJwT0RQ== age: 82024 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 6113f8408c59aebe188d6af273b90743 Sha1: 7398873bf00f99944eaa77ad3ebc0d43c23dba6b Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 27 Sep 2022 08:04:10 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.156 HASH: 4465f1d030be739d1f111b6c3811c2925997dd20e330c7e41abe3d69f1c4226a 143.204.42.156 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: 'max-age=158059' Date: Tue, 27 Sep 2022 08:04:10 GMT Server: ECS (dcb/7F18) X-Cache: Miss from cloudfront Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: mJ5NGztOYEc7JDogqbC63BofZLQXl6xNo5SPCn-qa5hhS6Px15gu9w== --- Additional Info --- Magic: data Size: 471 Md5: 53a9e2273b299b9f4b72749b85699599 Sha1: 5e55ec2164eb8fea16d96731c6a4cc93e8094ad2 Sha256: 4465f1d030be739d1f111b6c3811c2925997dd20e330c7e41abe3d69f1c4226a
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600, max-age=3600 Date: Tue, 27 Sep 2022 07:10:46 GMT Expires: Tue, 27 Sep 2022 07:38:30 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: Bk72vK8sQlAe67xrV_Rmk-CPxgT7Rd3yZzigM6r1ddwZRN4DRnq6dA== Age: 3204 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4537 Cache-Control: 'max-age=158059' Date: Tue, 27 Sep 2022 08:04:10 GMT Last-Modified: Tue, 27 Sep 2022 06:48:33 GMT Server: ECS (ska/F710) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 5adb7eb1d103eadeeafac36e663ffdd3 Sha1: 23b784388dd634fa736cd60aed71570661e73d02 Sha256: 5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 8hV9Qea1Rw1ifvh/gkzFNQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.163.147.190 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.163.147.190 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: uYNkmtB7knRW5cgdbDqkAcruBek= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/clk?id=DQqT5fxjrUGKRmCl&rl=Dkxpn&rcode=R09&rseq=R09,R99,R98 HTTP/1.1 Host: so-glo.yoptv33.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: so-glo.yoptv33.com/t/clk?id=DQqT5fxjrUGKRmCl&rl=Dkxpn&r (...) FQDN: so-glo.yoptv33.com IP: 52.58.131.39 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.58.131.39 HTTP/2 302 Found content-type: text/html; charset=utf-8 date: Tue, 27 Sep 2022 08:04:11 GMT content-length: 0 location: https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=1&cid=44ba91ca-c0e7-475e-a1b3-5e46c8693f86 server: nginx/1.12.2 cache-control: no-transform x-frame-options: SAMEORIGIN vary: Cookie, Origin set-cookie: uip="[\"7Pzxmv\"\054 {\"7lDMw\": \"lpRgzOm\"}]:1od5Zb:FixMcX_A87daTXYmK2MGukmSv5c"; expires=Thu, 27 Oct 2022 08:04:11 GMT; Max-Age=2592000; Path=/ ydt_69a756d9a2a44370a5365f82fbdfa6e5="[\"44ba91ca-c0e7-475e-a1b3-5e46c8693f86\"]:1od5Zb:Mqfj_UgNG6sQ0VAmhRIF0WMCv04"; expires=Thu, 27 Oct 2022 10:04:11 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41" Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5040 Expires: Tue, 27 Sep 2022 09:28:12 GMT Date: Tue, 27 Sep 2022 08:04:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 639785692dc29802e484e1e1d0ec86c4 Sha1: cf81784351ce6302f540f491f893b44496809677 Sha256: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41" Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5040 Expires: Tue, 27 Sep 2022 09:28:12 GMT Date: Tue, 27 Sep 2022 08:04:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 639785692dc29802e484e1e1d0ec86c4 Sha1: cf81784351ce6302f540f491f893b44496809677 Sha256: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41" Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5040 Expires: Tue, 27 Sep 2022 09:28:12 GMT Date: Tue, 27 Sep 2022 08:04:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 639785692dc29802e484e1e1d0ec86c4 Sha1: cf81784351ce6302f540f491f893b44496809677 Sha256: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41" Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5040 Expires: Tue, 27 Sep 2022 09:28:12 GMT Date: Tue, 27 Sep 2022 08:04:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 639785692dc29802e484e1e1d0ec86c4 Sha1: cf81784351ce6302f540f491f893b44496809677 Sha256: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41" Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5040 Expires: Tue, 27 Sep 2022 09:28:12 GMT Date: Tue, 27 Sep 2022 08:04:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 639785692dc29802e484e1e1d0ec86c4 Sha1: cf81784351ce6302f540f491f893b44496809677 Sha256: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6390 x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZGFJ6Gc_oAMF44g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0 x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Tue, 27 Sep 2022 01:37:50 GMT age: 23182 etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6390 Md5: 14218a43c5e5bbce546735a780c8ccce Sha1: 61676358cdbb2373bc644e66f8a84fbc8cc5daf6 Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /?utm_term=7147967401911386184&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b180b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b83 HTTP/1.1 Host: go.monetizer.mobi User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=1&cid=44ba91ca-c0e7-475e-a1b3-5e46c8693f86 Cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers	URL: go.monetizer.mobi/?utm_term=7147967401911386184&ver=4vi (...) FQDN: go.monetizer.mobi IP: 198.143.165.221 HASH: 2d97f630b04fd176d6ee1107d733b404294359ea5adbea2dd7852faae7575baf 198.143.165.221 HTTP/2 200 OK content-type: text/html; charset=utf-8 server: nginx date: Tue, 27 Sep 2022 08:04:12 GMT vary: Accept-Encoding x-powered-by: PHP/8.1.9 cache-control: no-store, no-cache, must-revalidate, max-age=0 pragma: no-cache expires: Thu, 01 Jan 1970 00:00:00 GMT strict-transport-security: max-age=31536000; includeSubdomains; content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 10872 Md5: 5602d09d6724175e26f3b057de837a43 Sha1: 1787bcf6d1d32e3f0077b8f5e803f7eba99baab3 Sha256: 2d97f630b04fd176d6ee1107d733b404294359ea5adbea2dd7852faae7575baf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9163 x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZFlKpEZrIAMFS1Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0 x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google date: Mon, 26 Sep 2022 21:39:07 GMT age: 37505 etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9163 Md5: deb8d1e3b6d7fbc8c8ba478269621676 Sha1: 84f5a4c8b38acde814bc790e5b514347718d5bb9 Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7701 x-amzn-requestid: 63bfd7b5-f18e-4396-99a8-fb24dee1ee0c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZGCmmGswoAMF2zg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63324af6-04fa1b18525182b7213f844c;Sampled=0 x-amzn-remapped-date: Tue, 27 Sep 2022 00:59:34 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: DiTKUZCtnzzWsLnaX07RzIFfcP2_SiKqzETIMe3RoXWnQOBaB8BhmQ== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google date: Tue, 27 Sep 2022 01:05:14 GMT age: 25138 etag: "2f7876bd0e4b52aa04ccf1c2a45359156eaefb97" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7701 Md5: 9ff2dbdbf6d450f0d9774777b3c5aa6e Sha1: 2f7876bd0e4b52aa04ccf1c2a45359156eaefb97 Sha256: 4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 668dba22a0c81c4580637806c293521b176512b18ebcc2fe951be2f27f43134d 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10864 x-amzn-requestid: 104fb4b4-d1cc-47ee-9cc2-9b61e235d43f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y4e41GJUoAMFs6A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632cde9e-55cda4c12c907e8d74ec9730;Sampled=0 x-amzn-remapped-date: Thu, 22 Sep 2022 22:15:58 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: W7NFcpiPV1dBHdWeQnhlOwWtNQ6-opRHWo6U49ECaRYDjyRNbVx9KQ== via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Tue, 27 Sep 2022 07:52:35 GMT age: 697 etag: "2a2fabd9f9792daf9c058fc754d5616267b703f1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10864 Md5: 56c3768b851e6a5206cbfbe3f5a97cae Sha1: 2a2fabd9f9792daf9c058fc754d5616267b703f1 Sha256: 668dba22a0c81c4580637806c293521b176512b18ebcc2fe951be2f27f43134d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5319 x-amzn-requestid: 74191b02-ebea-48bd-8522-f05bf8080f31 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZFlOKFtsIAMFyGQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63321bf4-1f2daa9d7906bf9812e10953;Sampled=0 x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:00 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: Y0gjPs-l9_JD9F-LSH_i1uL2Nz0UcWCG-9PmDmRH8cN_cNAeSchJTA== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google date: Mon, 26 Sep 2022 21:39:00 GMT etag: "75df3341e30281fcbf78c7074980356fdf0be8e2" age: 37512 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5319 Md5: 46e31aa06b8e86a9a5f9ba1cc3feca08 Sha1: 75df3341e30281fcbf78c7074980356fdf0be8e2 Sha256: d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
GET /favicon.ico HTTP/1.1 Host: go.monetizer.mobi User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://go.monetizer.mobi/?utm_term=7147967401911386184&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b180b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b83 Cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: go.monetizer.mobi/favicon.ico FQDN: go.monetizer.mobi IP: 198.143.165.221 HASH: b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc 198.143.165.221 HTTP/2 200 OK content-type: image/x-icon server: nginx date: Tue, 27 Sep 2022 08:04:12 GMT content-length: 1150 last-modified: Wed, 31 Jul 2019 07:48:51 GMT etag: "5d4147e3-47e" expires: Wed, 28 Sep 2022 08:04:12 GMT cache-control: max-age=86400 strict-transport-security: max-age=31536000; includeSubdomains; accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size: 1150 Md5: 91abe01116ab422c598e9c8af72cf4da Sha1: 0f2815fe8e067d48537ad168225ab4674271fa27 Sha256: b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
GET /sw.js?v=1664265850054 HTTP/1.1 Host: go.monetizer.mobi User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280 Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	URL: go.monetizer.mobi/sw.js?v=1664265850054 FQDN: go.monetizer.mobi IP: 198.143.165.221 HASH: 70d55f6e4bab19ae4b3cc61642e88a78a599b060c72d10c15c5f937e34305ee9 198.143.165.221 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 27 Sep 2022 08:04:12 GMT content-length: 775 last-modified: Fri, 23 Sep 2022 11:12:42 GMT vary: Accept-Encoding etag: "632d94aa-307" content-encoding: gzip content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 775 Md5: de06f24ba6d6b0c514015a9847dace54 Sha1: c9662e4339d4f72af3526b21d4d6d68df21b0ba9 Sha256: 70d55f6e4bab19ae4b3cc61642e88a78a599b060c72d10c15c5f937e34305ee9
GET /?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84 HTTP/1.1 Host: www.wewillserv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://go.monetizer.mobi/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2 (...) FQDN: www.wewillserv.com IP: 51.68.85.158 HASH: 7076a509a71c0b13b93ac911a7b5dc09edd6f6a5338c8a81f99a531188fe9181 51.68.85.158 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 27 Sep 2022 08:04:12 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-transform --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3751) Size: 5152 Md5: 17251a77824c897a4996aa0bede2d9d3 Sha1: 95b63ef123bce7c4a3c6d636046a20f8bb40f1b1 Sha256: 7076a509a71c0b13b93ac911a7b5dc09edd6f6a5338c8a81f99a531188fe9181
GET /?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=07512066c3a403ae84888da54d0e6b92&eyer=0.3066486278977334&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=go.monetizer.mobi HTTP/1.1 Host: www.wewillserv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin	URL: www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2 (...) FQDN: www.wewillserv.com IP: 51.68.85.158 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 51.68.85.158 HTTP/1.1 302 Found Date: Tue, 27 Sep 2022 08:04:12 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-transform Location: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=3&eyer=0.3066486278977334&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=go.monetizer.mobi --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=3&eyer=0.3066486278977334&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=go.monetizer.mobi HTTP/1.1 Host: www.wewillserv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin	URL: www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2 (...) FQDN: www.wewillserv.com IP: 51.68.85.158 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 51.68.85.158 HTTP/1.1 302 Found Date: Tue, 27 Sep 2022 08:04:12 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-transform Location: https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=3300070d045f8c81a9f241f73638b4af141630927-202209-flb5467509-4538fM7147967401911386184sl_5467509-4538f8c96485cf633ebf3cc9a185e21e679ee16f9f5ef797-403c551a797 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1 Host: www.wewillserv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.wewillserv.com/favicon.ico FQDN: www.wewillserv.com IP: 51.68.85.158 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 51.68.85.158 HTTP/1.1 204 No Content Server: openresty Date: Tue, 27 Sep 2022 08:04:12 GMT Connection: keep-alive --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.godaddy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 75 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.godaddy.com/ FQDN: ocsp.godaddy.com IP: 192.124.249.22 HASH: 0d8438abd1a634d426bf658f2a5f383cfdbab8b6b12a37885895166d8328c7da 192.124.249.22 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Sucuri/Cloudproxy Date: Tue, 27 Sep 2022 08:04:12 GMT Content-Length: 1777 Connection: keep-alive X-Sucuri-ID: 19022 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Mon, 26 Sep 2022 23:43:15 GMT Expires: Tue, 27 Sep 2022 23:43:15 GMT ETag: "49b873c2bff6f2eba87397c2ba244b04b3c317eb" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA" --- Additional Info --- Magic: data Size: 1777 Md5: 98917b3482df1fb9b63778a65d8de247 Sha1: 49b873c2bff6f2eba87397c2ba244b04b3c317eb Sha256: 0d8438abd1a634d426bf658f2a5f383cfdbab8b6b12a37885895166d8328c7da
GET /sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=3300070d045f8c81a9f241f73638b4af141630927-202209-flb5467509-4538fM7147967401911386184sl_5467509-4538f8c96485cf633ebf3cc9a185e21e679ee16f9f5ef797-403c551a797 HTTP/1.1 Host: admoustache.go2affise.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: afclick=63328366af91a700014a254e Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6 (...) FQDN: admoustache.go2affise.com IP: 34.91.27.112 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.91.27.112 HTTP/2 302 Found server: nginx date: Tue, 27 Sep 2022 08:04:13 GMT content-length: 0 location: https://myofferplus.com/rc/a91581ead4?affclick=6332ae7da00dbc000180203d&pubid=503 set-cookie: afclick=6332ae7da00dbc000180203d; expires=Wed, 27 Sep 2023 08:04:13 GMT; secure; SameSite=None access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rc/a91581ead4?affclick=6332ae7da00dbc000180203d&pubid=503 HTTP/1.1 Host: myofferplus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: AWSALB=LMmEf+FFaAzsaEqg7SGweSl5Fi6tyaakNnnbIkyQwr7D+6a/eFoW/qTPCWSu9Rd56pf7kYrKAeO/wQI8DOXdwRMYm1YofE4FwZX2Vk3FAnkFbmnX6254arylQFCg Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: myofferplus.com/rc/a91581ead4?affclick=6332ae7da00dbc00 (...) FQDN: myofferplus.com IP: 104.21.24.76 HASH: e6aaa1eb5a368ca4818df779981425f03abe28cceefe2e9d49ae49a124d84119 104.21.24.76 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Tue, 27 Sep 2022 08:04:13 GMT set-cookie: AWSALB=/9b/8RBJ4QhbEGqem6D5+Y355V8K7lC0Lm5/9cC4JK17LDuXECu6tawGE0DJzx//IhDN62zUR/11YFORhC+Ixb5wxie3BCuzspZBdItUWT4FpZD+UzDnouPkXN2Q; Expires=Tue, 04 Oct 2022 08:04:13 GMT; Path=/ AWSALBCORS=/9b/8RBJ4QhbEGqem6D5+Y355V8K7lC0Lm5/9cC4JK17LDuXECu6tawGE0DJzx//IhDN62zUR/11YFORhC+Ixb5wxie3BCuzspZBdItUWT4FpZD+UzDnouPkXN2Q; Expires=Tue, 04 Oct 2022 08:04:13 GMT; Path=/; SameSite=None vary: Accept-Encoding, Accept-Language, Cookie content-language: en cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6kw9GqkRLyEADLht0mFw4Xl35kIVd1C%2B%2F9EuxJeKFOIwZp2j3AJjr6DYOGNqU15FlDFwIftVhtUPSHza6rvUTm2Gn%2FK3UKPXEkyAOSeh%2FUqx4ZOo2L5BWixsKqYEVQ6eBE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7512ba2de8680b39-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 541 Md5: 64c865527649abc08d78e9ff135af14f Sha1: 35e3a352fc9bbd91637d0e2d8dd399100547429f Sha256: e6aaa1eb5a368ca4818df779981425f03abe28cceefe2e9d49ae49a124d84119
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 2482c0c2c56d26d8c0d1fe12306fe844aecf06f8f0764cad3830dce9ab9bb9b9 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 27 Sep 2022 08:04:13 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 24 Sep 2022 15:34:05 GMT Expires: Sat, 01 Oct 2022 15:34:04 GMT Etag: "1b57ca2f86f1dc79909eb7f5815b99bf6b70b8eb" Cache-Control: max-age=371990,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7512ba302c90b512-OSL --- Additional Info --- Magic: data Size: 471 Md5: b9602d1366474983dad2660731a5703f Sha1: 1b57ca2f86f1dc79909eb7f5815b99bf6b70b8eb Sha256: 2482c0c2c56d26d8c0d1fe12306fe844aecf06f8f0764cad3830dce9ab9bb9b9
GET /sl?id=62dfc1354b8cd38db57f7466&pid=930&sub1=pub3d5c190a962c44648be121c943e6b146&sub2=81b90edf_503 HTTP/1.1 Host: track.gositego.live User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://myofferplus.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: track.gositego.live/sl?id=62dfc1354b8cd38db57f7466&pid= (...) FQDN: track.gositego.live IP: 34.141.179.97 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.141.179.97 HTTP/2 302 Found server: nginx date: Tue, 27 Sep 2022 08:04:13 GMT content-length: 0 location: https://ad.marootrack.co/?utm_medium=b48a60e30e5ae28afe72ddce32915e721ea2ff28&utm_campaign=Globlallink1&1=930_81b90edf_503&cid=6332ae7da3289b00017df76c set-cookie: afclick=6332ae7da3289b00017df76c; expires=Wed, 27 Sep 2023 08:04:13 GMT; secure; SameSite=None access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw.js?v=1654466343142 HTTP/1.1 Host: ad.marootrack.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	URL: ad.marootrack.co/sw.js?v=1654466343142 FQDN: ad.marootrack.co IP: 65.60.58.179 HASH: 70d55f6e4bab19ae4b3cc61642e88a78a599b060c72d10c15c5f937e34305ee9 65.60.58.179 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 27 Sep 2022 08:04:14 GMT content-length: 775 last-modified: Fri, 23 Sep 2022 11:12:42 GMT vary: Accept-Encoding etag: "632d94aa-307" content-encoding: gzip content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 775 Md5: de06f24ba6d6b0c514015a9847dace54 Sha1: c9662e4339d4f72af3526b21d4d6d68df21b0ba9 Sha256: 70d55f6e4bab19ae4b3cc61642e88a78a599b060c72d10c15c5f937e34305ee9 Alerts: Blocklists: - fortinet: Malware
GET /proc.php?4026fd6dd7236cd81dc7867e28426faea412e6e7 HTTP/1.1 Host: go.monetizer.mobi User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://go.monetizer.mobi/?utm_term=7147967401911386184&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b180b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b83 Cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers	URL: go.monetizer.mobi/proc.php?4026fd6dd7236cd81dc7867e2842 (...) FQDN: go.monetizer.mobi IP: 198.143.165.221 198.143.165.221 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 27 Sep 2022 08:04:12 GMT location: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797 vary: Accept-Encoding x-powered-by: PHP/8.1.9 cache-control: no-store, no-cache, must-revalidate, max-age=0 pragma: no-cache expires: Thu, 01 Jan 1970 00:00:00 GMT strict-transport-security: max-age=31536000; includeSubdomains; content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /redirect.css HTTP/1.1 Host: cdn.addlnk.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://myofferplus.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.addlnk.com/redirect.css FQDN: cdn.addlnk.com IP: 172.67.191.221 172.67.191.221 HTTP/2 200 OK content-type: text/css date: Tue, 27 Sep 2022 08:04:13 GMT cf-bgj: minify cf-polished: origSize=1680 etag: W/"3ae56d32551602b41f9046c14d1cfde2" last-modified: Wed, 13 Mar 2019 00:03:12 GMT x-amz-id-2: BUW6rlWHZvzQnvJHp4gBkVRIGc8DfdhWdOpgruWqMqu7ownlHIapox/IYSueiBqz+QseNtzP+2A= x-amz-request-id: KYXF7EGSHW20KRRM cf-cache-status: HIT age: 4761 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdWx3fJwCo5fpdmzXzV05Y14TOyRe%2FE0vM%2FGFp3Q0A8fH6lUGGfHAmhlhYIMX8erYK7FCFapqZNGQ6nT7Xtdg5BxcZYSRoE2B5fsbW4TSrNsZ0r%2FSjZ8lsuivSn%2BrFMw4w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7512ba2efead0b45-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=1&cid=44ba91ca-c0e7-475e-a1b3-5e46c8693f86 HTTP/1.1 Host: go.monetizer.mobi User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d6 (...) FQDN: go.monetizer.mobi IP: 198.143.165.221 198.143.165.221 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 27 Sep 2022 08:04:11 GMT location: https://go.monetizer.mobi/?utm_term=7147967401911386184&ver=4viyaptcjo vary: Accept-Encoding x-powered-by: PHP/8.1.9 cache-control: no-store, no-cache, must-revalidate, max-age=0 pragma: no-cache expires: Thu, 01 Jan 1970 00:00:00 GMT set-cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280; expires=Wed, 27-Sep-2023 08:04:11 GMT; Max-Age=31536000; path=/ strict-transport-security: max-age=31536000; includeSubdomains; content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1" 

                                        
                                            
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5345 

                                        
                                            
Expires: Tue, 27 Sep 2022 09:33:14 GMT 

                                        
                                            
Date: Tue, 27 Sep 2022 08:04:09 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    d2560f62890e75b8de444fed96c22f52

                                                Sha1:   334ce0c48e606ee029f31eeb1463af87b1024bb9

                                                Sha256: 4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.35

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 5348 

                                        
                                            
date: Mon, 26 Sep 2022 09:17:07 GMT 

                                        
                                            
last-modified: Sat, 10 Sep 2022 18:47:45 GMT 

                                        
                                            
etag: "6113f8408c59aebe188d6af273b90743" 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: 5SFSmc25xgQvkOqxlFCU4z9eDeYLt8KsAtfHJ8bniwI_7eSeJwT0RQ== 

                                        
                                            
age: 82024 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    6113f8408c59aebe188d6af273b90743

                                                Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b

                                                Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         143.204.42.156

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Tue, 27 Sep 2022 08:04:10 GMT 

                                        
                                            
Server: ECS (dcb/7F18) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: mJ5NGztOYEc7JDogqbC63BofZLQXl6xNo5SPCn-qa5hhS6Px15gu9w== 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    53a9e2273b299b9f4b72749b85699599

                                                Sha1:   5e55ec2164eb8fea16d96731c6a4cc93e8094ad2

                                                Sha256: 4465f1d030be739d1f111b6c3811c2925997dd20e330c7e41abe3d69f1c4226a

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4537 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Tue, 27 Sep 2022 08:04:10 GMT 

                                        
                                            
Last-Modified: Tue, 27 Sep 2022 06:48:33 GMT 

                                        
                                            
Server: ECS (ska/F710) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    5adb7eb1d103eadeeafac36e663ffdd3

                                                Sha1:   23b784388dd634fa736cd60aed71570661e73d02

                                                Sha256: 5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

                                        
                                            GET /t/clk?id=DQqT5fxjrUGKRmCl&rl=Dkxpn&rcode=R09&rseq=R09,R99,R98 HTTP/1.1 

                                        
                                            
Host: so-glo.yoptv33.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Sec-Fetch-User: ?1

                                         52.58.131.39

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
date: Tue, 27 Sep 2022 08:04:11 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
location: https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=1&cid=44ba91ca-c0e7-475e-a1b3-5e46c8693f86 

                                        
                                            
server: nginx/1.12.2 

                                        
                                            
cache-control: no-transform 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
vary: Cookie, Origin 

                                        
                                            
set-cookie: uip="[\"7Pzxmv\"\054 {\"7lDMw\": \"lpRgzOm\"}]:1od5Zb:FixMcX_A87daTXYmK2MGukmSv5c"; expires=Thu, 27 Oct 2022 08:04:11 GMT; Max-Age=2592000; Path=/
ydt_69a756d9a2a44370a5365f82fbdfa6e5="[\"44ba91ca-c0e7-475e-a1b3-5e46c8693f86\"]:1od5Zb:Mqfj_UgNG6sQ0VAmhRIF0WMCv04"; expires=Thu, 27 Oct 2022 10:04:11 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41" 

                                        
                                            
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5040 

                                        
                                            
Expires: Tue, 27 Sep 2022 09:28:12 GMT 

                                        
                                            
Date: Tue, 27 Sep 2022 08:04:12 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    639785692dc29802e484e1e1d0ec86c4

                                                Sha1:   cf81784351ce6302f540f491f893b44496809677

                                                Sha256: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41" 

                                        
                                            
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5040 

                                        
                                            
Expires: Tue, 27 Sep 2022 09:28:12 GMT 

                                        
                                            
Date: Tue, 27 Sep 2022 08:04:12 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    639785692dc29802e484e1e1d0ec86c4

                                                Sha1:   cf81784351ce6302f540f491f893b44496809677

                                                Sha256: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6390 

                                        
                                            
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZGFJ6Gc_oAMF44g= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w== 

                                        
                                            
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 27 Sep 2022 01:37:50 GMT 

                                        
                                            
age: 23182 

                                        
                                            
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6390

                                                Md5:    14218a43c5e5bbce546735a780c8ccce

                                                Sha1:   61676358cdbb2373bc644e66f8a84fbc8cc5daf6

                                                Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9163 

                                        
                                            
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZFlKpEZrIAMFS1Q= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw== 

                                        
                                            
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 26 Sep 2022 21:39:07 GMT 

                                        
                                            
age: 37505 

                                        
                                            
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9163

                                                Md5:    deb8d1e3b6d7fbc8c8ba478269621676

                                                Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9

                                                Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10864 

                                        
                                            
x-amzn-requestid: 104fb4b4-d1cc-47ee-9cc2-9b61e235d43f 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Y4e41GJUoAMFs6A= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-632cde9e-55cda4c12c907e8d74ec9730;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 22 Sep 2022 22:15:58 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: W7NFcpiPV1dBHdWeQnhlOwWtNQ6-opRHWo6U49ECaRYDjyRNbVx9KQ== 

                                        
                                            
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 27 Sep 2022 07:52:35 GMT 

                                        
                                            
age: 697 

                                        
                                            
etag: "2a2fabd9f9792daf9c058fc754d5616267b703f1" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10864

                                                Md5:    56c3768b851e6a5206cbfbe3f5a97cae

                                                Sha1:   2a2fabd9f9792daf9c058fc754d5616267b703f1

                                                Sha256: 668dba22a0c81c4580637806c293521b176512b18ebcc2fe951be2f27f43134d

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: go.monetizer.mobi

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://go.monetizer.mobi/?utm_term=7147967401911386184&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b180b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b83 

                                        
                                            
Cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         198.143.165.221

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/x-icon

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 27 Sep 2022 08:04:12 GMT 

                                        
                                            
content-length: 1150 

                                        
                                            
last-modified: Wed, 31 Jul 2019 07:48:51 GMT 

                                        
                                            
etag: "5d4147e3-47e" 

                                        
                                            
expires: Wed, 28 Sep 2022 08:04:12 GMT 

                                        
                                            
cache-control: max-age=86400 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubdomains; 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data

                                                Size:   1150

                                                Md5:    91abe01116ab422c598e9c8af72cf4da

                                                Sha1:   0f2815fe8e067d48537ad168225ab4674271fa27

                                                Sha256: b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

                                        
                                            GET /?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84 HTTP/1.1 

                                        
                                            
Host: www.wewillserv.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://go.monetizer.mobi/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         51.68.85.158

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Date: Tue, 27 Sep 2022 08:04:12 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: no-transform 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3751)

                                                Size:   5152

                                                Md5:    17251a77824c897a4996aa0bede2d9d3

                                                Sha1:   95b63ef123bce7c4a3c6d636046a20f8bb40f1b1

                                                Sha256: 7076a509a71c0b13b93ac911a7b5dc09edd6f6a5338c8a81f99a531188fe9181

                                        
                                            GET /?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=3&eyer=0.3066486278977334&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=go.monetizer.mobi HTTP/1.1 

                                        
                                            
Host: www.wewillserv.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         51.68.85.158

                                        
                                            HTTP/1.1 302 Found

                                        

                                        
                                            
Date: Tue, 27 Sep 2022 08:04:12 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: no-transform 

                                        
                                            
Location: https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=3300070d045f8c81a9f241f73638b4af141630927-202209-flb*5467509-4538f*M7147967401911386184*sl_5467509-4538f*8c96485cf633ebf3cc9a185e21e679ee16f9f5ef*797-403c551a*797 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.godaddy.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 75 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         192.124.249.22

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: Sucuri/Cloudproxy 

                                        
                                            
Date: Tue, 27 Sep 2022 08:04:12 GMT 

                                        
                                            
Content-Length: 1777 

                                        
                                            
Connection: keep-alive 

                                        
                                            
X-Sucuri-ID: 19022 

                                        
                                            
Content-Transfer-Encoding: Binary 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate 

                                        
                                            
Last-Modified: Mon, 26 Sep 2022 23:43:15 GMT 

                                        
                                            
Expires: Tue, 27 Sep 2022 23:43:15 GMT 

                                        
                                            
ETag: "49b873c2bff6f2eba87397c2ba244b04b3c317eb" 

                                        
                                            
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1777

                                                Md5:    98917b3482df1fb9b63778a65d8de247

                                                Sha1:   49b873c2bff6f2eba87397c2ba244b04b3c317eb

                                                Sha256: 0d8438abd1a634d426bf658f2a5f383cfdbab8b6b12a37885895166d8328c7da

                                        
                                            GET /rc/a91581ead4?affclick=6332ae7da00dbc000180203d&pubid=503 HTTP/1.1 

                                        
                                            
Host: myofferplus.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: AWSALB=LMmEf+FFaAzsaEqg7SGweSl5Fi6tyaakNnnbIkyQwr7D+6a/eFoW/qTPCWSu9Rd56pf7kYrKAeO/wQI8DOXdwRMYm1YofE4FwZX2Vk3FAnkFbmnX6254arylQFCg 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.21.24.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
date: Tue, 27 Sep 2022 08:04:13 GMT 

                                        
                                            
set-cookie: AWSALB=/9b/8RBJ4QhbEGqem6D5+Y355V8K7lC0Lm5/9cC4JK17LDuXECu6tawGE0DJzx//IhDN62zUR/11YFORhC+Ixb5wxie3BCuzspZBdItUWT4FpZD+UzDnouPkXN2Q; Expires=Tue, 04 Oct 2022 08:04:13 GMT; Path=/
AWSALBCORS=/9b/8RBJ4QhbEGqem6D5+Y355V8K7lC0Lm5/9cC4JK17LDuXECu6tawGE0DJzx//IhDN62zUR/11YFORhC+Ixb5wxie3BCuzspZBdItUWT4FpZD+UzDnouPkXN2Q; Expires=Tue, 04 Oct 2022 08:04:13 GMT; Path=/; SameSite=None 

                                        
                                            
vary: Accept-Encoding, Accept-Language, Cookie 

                                        
                                            
content-language: en 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6kw9GqkRLyEADLht0mFw4Xl35kIVd1C%2B%2F9EuxJeKFOIwZp2j3AJjr6DYOGNqU15FlDFwIftVhtUPSHza6rvUTm2Gn%2FK3UKPXEkyAOSeh%2FUqx4ZOo2L5BWixsKqYEVQ6eBE%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7512ba2de8680b39-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   541

                                                Md5:    64c865527649abc08d78e9ff135af14f

                                                Sha1:   35e3a352fc9bbd91637d0e2d8dd399100547429f

                                                Sha256: e6aaa1eb5a368ca4818df779981425f03abe28cceefe2e9d49ae49a124d84119

                                        
                                            GET /sl?id=62dfc1354b8cd38db57f7466&pid=930&sub1=pub3d5c190a962c44648be121c943e6b146&sub2=81b90edf_503 HTTP/1.1 

                                        
                                            
Host: track.gositego.live

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://myofferplus.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.141.179.97

                                        
                                            HTTP/2 302 Found

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 27 Sep 2022 08:04:13 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
location: https://ad.marootrack.co/?utm_medium=b48a60e30e5ae28afe72ddce32915e721ea2ff28&utm_campaign=Globlallink1&1=930_81b90edf_503&cid=6332ae7da3289b00017df76c 

                                        
                                            
set-cookie: afclick=6332ae7da3289b00017df76c; expires=Wed, 27 Sep 2023 08:04:13 GMT; secure; SameSite=None 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /proc.php?4026fd6dd7236cd81dc7867e28426faea412e6e7 HTTP/1.1 

                                        
                                            
Host: go.monetizer.mobi

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://go.monetizer.mobi/?utm_term=7147967401911386184&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b180b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b83 

                                        
                                            
Cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         198.143.165.221

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 27 Sep 2022 08:04:12 GMT 

                                        
                                            
location: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-powered-by: PHP/8.1.9 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, max-age=0 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Thu, 01 Jan 1970 00:00:00 GMT 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubdomains; 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=1&cid=44ba91ca-c0e7-475e-a1b3-5e46c8693f86 HTTP/1.1 

                                        
                                            
Host: go.monetizer.mobi

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Sec-Fetch-User: ?1

                                         198.143.165.221

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 27 Sep 2022 08:04:11 GMT 

                                        
                                            
location: https://go.monetizer.mobi/?utm_term=7147967401911386184&ver=4viyaptcjo 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-powered-by: PHP/8.1.9 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, max-age=0 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Thu, 01 Jan 1970 00:00:00 GMT 

                                        
                                            
set-cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280; expires=Wed, 27-Sep-2023 08:04:11 GMT; Max-Age=31536000; path=/ 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubdomains; 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	bbtl-glo.localsearchdrs.com/t/clk
IP	52.58.131.39 (Germany)
ASN	#16509 AMAZON-02
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-09-27 08:04:20 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	2
urlquery alerts	No alerts detected
Tags	None

Request	Response
GET /t/clk HTTP/1.1 Host: bbtl-glo.localsearchdrs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: bbtl-glo.localsearchdrs.com/t/clk FQDN: bbtl-glo.localsearchdrs.com IP: 3.64.246.59 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.64.246.59 HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Date: Tue, 27 Sep 2022 08:04:09 GMT Content-Length: 0 Connection: keep-alive Server: nginx/1.12.2 Location: https://so-glo.yoptv33.com/t/clk?id=DQqT5fxjrUGKRmCl&rl=Dkxpn&rcode=R09&rseq=R09,R99,R98 Vary: Cookie, Origin --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1" Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5345 Expires: Tue, 27 Sep 2022 09:33:14 GMT Date: Tue, 27 Sep 2022 08:04:09 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d2560f62890e75b8de444fed96c22f52 Sha1: 334ce0c48e606ee029f31eeb1463af87b1024bb9 Sha256: 4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 27 Sep 2022 07:15:30 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: xwlMne8chWXRzzoH6sWDIF21Zh812lD6yjUIVK078uNsEzDtcRKpjQ== Age: 2919 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 2d12f67fe57a87e7366b662d153a5582 Sha1: d7b02d81cc74f24a251d9363e0f4b0a149264ec1 Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.35 HASH: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 143.204.55.35 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 date: Mon, 26 Sep 2022 09:17:07 GMT last-modified: Sat, 10 Sep 2022 18:47:45 GMT etag: "6113f8408c59aebe188d6af273b90743" content-disposition: attachment accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 5SFSmc25xgQvkOqxlFCU4z9eDeYLt8KsAtfHJ8bniwI_7eSeJwT0RQ== age: 82024 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 6113f8408c59aebe188d6af273b90743 Sha1: 7398873bf00f99944eaa77ad3ebc0d43c23dba6b Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 27 Sep 2022 08:04:10 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.156 HASH: 4465f1d030be739d1f111b6c3811c2925997dd20e330c7e41abe3d69f1c4226a 143.204.42.156 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: 'max-age=158059' Date: Tue, 27 Sep 2022 08:04:10 GMT Server: ECS (dcb/7F18) X-Cache: Miss from cloudfront Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: mJ5NGztOYEc7JDogqbC63BofZLQXl6xNo5SPCn-qa5hhS6Px15gu9w== --- Additional Info --- Magic: data Size: 471 Md5: 53a9e2273b299b9f4b72749b85699599 Sha1: 5e55ec2164eb8fea16d96731c6a4cc93e8094ad2 Sha256: 4465f1d030be739d1f111b6c3811c2925997dd20e330c7e41abe3d69f1c4226a
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600, max-age=3600 Date: Tue, 27 Sep 2022 07:10:46 GMT Expires: Tue, 27 Sep 2022 07:38:30 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: Bk72vK8sQlAe67xrV_Rmk-CPxgT7Rd3yZzigM6r1ddwZRN4DRnq6dA== Age: 3204 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4537 Cache-Control: 'max-age=158059' Date: Tue, 27 Sep 2022 08:04:10 GMT Last-Modified: Tue, 27 Sep 2022 06:48:33 GMT Server: ECS (ska/F710) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 5adb7eb1d103eadeeafac36e663ffdd3 Sha1: 23b784388dd634fa736cd60aed71570661e73d02 Sha256: 5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 8hV9Qea1Rw1ifvh/gkzFNQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.163.147.190 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.163.147.190 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: uYNkmtB7knRW5cgdbDqkAcruBek= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/clk?id=DQqT5fxjrUGKRmCl&rl=Dkxpn&rcode=R09&rseq=R09,R99,R98 HTTP/1.1 Host: so-glo.yoptv33.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: so-glo.yoptv33.com/t/clk?id=DQqT5fxjrUGKRmCl&rl=Dkxpn&r (...) FQDN: so-glo.yoptv33.com IP: 52.58.131.39 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.58.131.39 HTTP/2 302 Found content-type: text/html; charset=utf-8 date: Tue, 27 Sep 2022 08:04:11 GMT content-length: 0 location: https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=1&cid=44ba91ca-c0e7-475e-a1b3-5e46c8693f86 server: nginx/1.12.2 cache-control: no-transform x-frame-options: SAMEORIGIN vary: Cookie, Origin set-cookie: uip="[\"7Pzxmv\"\054 {\"7lDMw\": \"lpRgzOm\"}]:1od5Zb:FixMcX_A87daTXYmK2MGukmSv5c"; expires=Thu, 27 Oct 2022 08:04:11 GMT; Max-Age=2592000; Path=/ ydt_69a756d9a2a44370a5365f82fbdfa6e5="[\"44ba91ca-c0e7-475e-a1b3-5e46c8693f86\"]:1od5Zb:Mqfj_UgNG6sQ0VAmhRIF0WMCv04"; expires=Thu, 27 Oct 2022 10:04:11 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41" Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5040 Expires: Tue, 27 Sep 2022 09:28:12 GMT Date: Tue, 27 Sep 2022 08:04:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 639785692dc29802e484e1e1d0ec86c4 Sha1: cf81784351ce6302f540f491f893b44496809677 Sha256: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41" Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5040 Expires: Tue, 27 Sep 2022 09:28:12 GMT Date: Tue, 27 Sep 2022 08:04:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 639785692dc29802e484e1e1d0ec86c4 Sha1: cf81784351ce6302f540f491f893b44496809677 Sha256: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41" Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5040 Expires: Tue, 27 Sep 2022 09:28:12 GMT Date: Tue, 27 Sep 2022 08:04:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 639785692dc29802e484e1e1d0ec86c4 Sha1: cf81784351ce6302f540f491f893b44496809677 Sha256: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41" Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5040 Expires: Tue, 27 Sep 2022 09:28:12 GMT Date: Tue, 27 Sep 2022 08:04:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 639785692dc29802e484e1e1d0ec86c4 Sha1: cf81784351ce6302f540f491f893b44496809677 Sha256: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41" Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5040 Expires: Tue, 27 Sep 2022 09:28:12 GMT Date: Tue, 27 Sep 2022 08:04:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 639785692dc29802e484e1e1d0ec86c4 Sha1: cf81784351ce6302f540f491f893b44496809677 Sha256: 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6390 x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZGFJ6Gc_oAMF44g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0 x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Tue, 27 Sep 2022 01:37:50 GMT age: 23182 etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6390 Md5: 14218a43c5e5bbce546735a780c8ccce Sha1: 61676358cdbb2373bc644e66f8a84fbc8cc5daf6 Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /?utm_term=7147967401911386184&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b180b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b83 HTTP/1.1 Host: go.monetizer.mobi User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=1&cid=44ba91ca-c0e7-475e-a1b3-5e46c8693f86 Cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers	URL: go.monetizer.mobi/?utm_term=7147967401911386184&ver=4vi (...) FQDN: go.monetizer.mobi IP: 198.143.165.221 HASH: 2d97f630b04fd176d6ee1107d733b404294359ea5adbea2dd7852faae7575baf 198.143.165.221 HTTP/2 200 OK content-type: text/html; charset=utf-8 server: nginx date: Tue, 27 Sep 2022 08:04:12 GMT vary: Accept-Encoding x-powered-by: PHP/8.1.9 cache-control: no-store, no-cache, must-revalidate, max-age=0 pragma: no-cache expires: Thu, 01 Jan 1970 00:00:00 GMT strict-transport-security: max-age=31536000; includeSubdomains; content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 10872 Md5: 5602d09d6724175e26f3b057de837a43 Sha1: 1787bcf6d1d32e3f0077b8f5e803f7eba99baab3 Sha256: 2d97f630b04fd176d6ee1107d733b404294359ea5adbea2dd7852faae7575baf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9163 x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZFlKpEZrIAMFS1Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0 x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google date: Mon, 26 Sep 2022 21:39:07 GMT age: 37505 etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9163 Md5: deb8d1e3b6d7fbc8c8ba478269621676 Sha1: 84f5a4c8b38acde814bc790e5b514347718d5bb9 Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7701 x-amzn-requestid: 63bfd7b5-f18e-4396-99a8-fb24dee1ee0c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZGCmmGswoAMF2zg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63324af6-04fa1b18525182b7213f844c;Sampled=0 x-amzn-remapped-date: Tue, 27 Sep 2022 00:59:34 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: DiTKUZCtnzzWsLnaX07RzIFfcP2_SiKqzETIMe3RoXWnQOBaB8BhmQ== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google date: Tue, 27 Sep 2022 01:05:14 GMT age: 25138 etag: "2f7876bd0e4b52aa04ccf1c2a45359156eaefb97" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7701 Md5: 9ff2dbdbf6d450f0d9774777b3c5aa6e Sha1: 2f7876bd0e4b52aa04ccf1c2a45359156eaefb97 Sha256: 4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 668dba22a0c81c4580637806c293521b176512b18ebcc2fe951be2f27f43134d 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10864 x-amzn-requestid: 104fb4b4-d1cc-47ee-9cc2-9b61e235d43f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y4e41GJUoAMFs6A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632cde9e-55cda4c12c907e8d74ec9730;Sampled=0 x-amzn-remapped-date: Thu, 22 Sep 2022 22:15:58 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: W7NFcpiPV1dBHdWeQnhlOwWtNQ6-opRHWo6U49ECaRYDjyRNbVx9KQ== via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Tue, 27 Sep 2022 07:52:35 GMT age: 697 etag: "2a2fabd9f9792daf9c058fc754d5616267b703f1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10864 Md5: 56c3768b851e6a5206cbfbe3f5a97cae Sha1: 2a2fabd9f9792daf9c058fc754d5616267b703f1 Sha256: 668dba22a0c81c4580637806c293521b176512b18ebcc2fe951be2f27f43134d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5319 x-amzn-requestid: 74191b02-ebea-48bd-8522-f05bf8080f31 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZFlOKFtsIAMFyGQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63321bf4-1f2daa9d7906bf9812e10953;Sampled=0 x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:00 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: Y0gjPs-l9_JD9F-LSH_i1uL2Nz0UcWCG-9PmDmRH8cN_cNAeSchJTA== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google date: Mon, 26 Sep 2022 21:39:00 GMT etag: "75df3341e30281fcbf78c7074980356fdf0be8e2" age: 37512 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5319 Md5: 46e31aa06b8e86a9a5f9ba1cc3feca08 Sha1: 75df3341e30281fcbf78c7074980356fdf0be8e2 Sha256: d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
GET /favicon.ico HTTP/1.1 Host: go.monetizer.mobi User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://go.monetizer.mobi/?utm_term=7147967401911386184&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b180b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b83 Cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: go.monetizer.mobi/favicon.ico FQDN: go.monetizer.mobi IP: 198.143.165.221 HASH: b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc 198.143.165.221 HTTP/2 200 OK content-type: image/x-icon server: nginx date: Tue, 27 Sep 2022 08:04:12 GMT content-length: 1150 last-modified: Wed, 31 Jul 2019 07:48:51 GMT etag: "5d4147e3-47e" expires: Wed, 28 Sep 2022 08:04:12 GMT cache-control: max-age=86400 strict-transport-security: max-age=31536000; includeSubdomains; accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size: 1150 Md5: 91abe01116ab422c598e9c8af72cf4da Sha1: 0f2815fe8e067d48537ad168225ab4674271fa27 Sha256: b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
GET /sw.js?v=1664265850054 HTTP/1.1 Host: go.monetizer.mobi User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280 Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	URL: go.monetizer.mobi/sw.js?v=1664265850054 FQDN: go.monetizer.mobi IP: 198.143.165.221 HASH: 70d55f6e4bab19ae4b3cc61642e88a78a599b060c72d10c15c5f937e34305ee9 198.143.165.221 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 27 Sep 2022 08:04:12 GMT content-length: 775 last-modified: Fri, 23 Sep 2022 11:12:42 GMT vary: Accept-Encoding etag: "632d94aa-307" content-encoding: gzip content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 775 Md5: de06f24ba6d6b0c514015a9847dace54 Sha1: c9662e4339d4f72af3526b21d4d6d68df21b0ba9 Sha256: 70d55f6e4bab19ae4b3cc61642e88a78a599b060c72d10c15c5f937e34305ee9
GET /?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84 HTTP/1.1 Host: www.wewillserv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://go.monetizer.mobi/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2 (...) FQDN: www.wewillserv.com IP: 51.68.85.158 HASH: 7076a509a71c0b13b93ac911a7b5dc09edd6f6a5338c8a81f99a531188fe9181 51.68.85.158 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 27 Sep 2022 08:04:12 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-transform --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3751) Size: 5152 Md5: 17251a77824c897a4996aa0bede2d9d3 Sha1: 95b63ef123bce7c4a3c6d636046a20f8bb40f1b1 Sha256: 7076a509a71c0b13b93ac911a7b5dc09edd6f6a5338c8a81f99a531188fe9181
GET /?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=07512066c3a403ae84888da54d0e6b92&eyer=0.3066486278977334&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=go.monetizer.mobi HTTP/1.1 Host: www.wewillserv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin	URL: www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2 (...) FQDN: www.wewillserv.com IP: 51.68.85.158 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 51.68.85.158 HTTP/1.1 302 Found Date: Tue, 27 Sep 2022 08:04:12 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-transform Location: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=3&eyer=0.3066486278977334&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=go.monetizer.mobi --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84&eyeg=3&eyer=0.3066486278977334&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=go.monetizer.mobi HTTP/1.1 Host: www.wewillserv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin	URL: www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2 (...) FQDN: www.wewillserv.com IP: 51.68.85.158 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 51.68.85.158 HTTP/1.1 302 Found Date: Tue, 27 Sep 2022 08:04:12 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-transform Location: https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=3300070d045f8c81a9f241f73638b4af141630927-202209-flb5467509-4538fM7147967401911386184sl_5467509-4538f8c96485cf633ebf3cc9a185e21e679ee16f9f5ef797-403c551a797 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1 Host: www.wewillserv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.wewillserv.com/favicon.ico FQDN: www.wewillserv.com IP: 51.68.85.158 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 51.68.85.158 HTTP/1.1 204 No Content Server: openresty Date: Tue, 27 Sep 2022 08:04:12 GMT Connection: keep-alive --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.godaddy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 75 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.godaddy.com/ FQDN: ocsp.godaddy.com IP: 192.124.249.22 HASH: 0d8438abd1a634d426bf658f2a5f383cfdbab8b6b12a37885895166d8328c7da 192.124.249.22 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Sucuri/Cloudproxy Date: Tue, 27 Sep 2022 08:04:12 GMT Content-Length: 1777 Connection: keep-alive X-Sucuri-ID: 19022 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Mon, 26 Sep 2022 23:43:15 GMT Expires: Tue, 27 Sep 2022 23:43:15 GMT ETag: "49b873c2bff6f2eba87397c2ba244b04b3c317eb" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA" --- Additional Info --- Magic: data Size: 1777 Md5: 98917b3482df1fb9b63778a65d8de247 Sha1: 49b873c2bff6f2eba87397c2ba244b04b3c317eb Sha256: 0d8438abd1a634d426bf658f2a5f383cfdbab8b6b12a37885895166d8328c7da
GET /sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=3300070d045f8c81a9f241f73638b4af141630927-202209-flb5467509-4538fM7147967401911386184sl_5467509-4538f8c96485cf633ebf3cc9a185e21e679ee16f9f5ef797-403c551a797 HTTP/1.1 Host: admoustache.go2affise.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: afclick=63328366af91a700014a254e Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6 (...) FQDN: admoustache.go2affise.com IP: 34.91.27.112 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.91.27.112 HTTP/2 302 Found server: nginx date: Tue, 27 Sep 2022 08:04:13 GMT content-length: 0 location: https://myofferplus.com/rc/a91581ead4?affclick=6332ae7da00dbc000180203d&pubid=503 set-cookie: afclick=6332ae7da00dbc000180203d; expires=Wed, 27 Sep 2023 08:04:13 GMT; secure; SameSite=None access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rc/a91581ead4?affclick=6332ae7da00dbc000180203d&pubid=503 HTTP/1.1 Host: myofferplus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: AWSALB=LMmEf+FFaAzsaEqg7SGweSl5Fi6tyaakNnnbIkyQwr7D+6a/eFoW/qTPCWSu9Rd56pf7kYrKAeO/wQI8DOXdwRMYm1YofE4FwZX2Vk3FAnkFbmnX6254arylQFCg Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: myofferplus.com/rc/a91581ead4?affclick=6332ae7da00dbc00 (...) FQDN: myofferplus.com IP: 104.21.24.76 HASH: e6aaa1eb5a368ca4818df779981425f03abe28cceefe2e9d49ae49a124d84119 104.21.24.76 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Tue, 27 Sep 2022 08:04:13 GMT set-cookie: AWSALB=/9b/8RBJ4QhbEGqem6D5+Y355V8K7lC0Lm5/9cC4JK17LDuXECu6tawGE0DJzx//IhDN62zUR/11YFORhC+Ixb5wxie3BCuzspZBdItUWT4FpZD+UzDnouPkXN2Q; Expires=Tue, 04 Oct 2022 08:04:13 GMT; Path=/ AWSALBCORS=/9b/8RBJ4QhbEGqem6D5+Y355V8K7lC0Lm5/9cC4JK17LDuXECu6tawGE0DJzx//IhDN62zUR/11YFORhC+Ixb5wxie3BCuzspZBdItUWT4FpZD+UzDnouPkXN2Q; Expires=Tue, 04 Oct 2022 08:04:13 GMT; Path=/; SameSite=None vary: Accept-Encoding, Accept-Language, Cookie content-language: en cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6kw9GqkRLyEADLht0mFw4Xl35kIVd1C%2B%2F9EuxJeKFOIwZp2j3AJjr6DYOGNqU15FlDFwIftVhtUPSHza6rvUTm2Gn%2FK3UKPXEkyAOSeh%2FUqx4ZOo2L5BWixsKqYEVQ6eBE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7512ba2de8680b39-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 541 Md5: 64c865527649abc08d78e9ff135af14f Sha1: 35e3a352fc9bbd91637d0e2d8dd399100547429f Sha256: e6aaa1eb5a368ca4818df779981425f03abe28cceefe2e9d49ae49a124d84119
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 2482c0c2c56d26d8c0d1fe12306fe844aecf06f8f0764cad3830dce9ab9bb9b9 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 27 Sep 2022 08:04:13 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 24 Sep 2022 15:34:05 GMT Expires: Sat, 01 Oct 2022 15:34:04 GMT Etag: "1b57ca2f86f1dc79909eb7f5815b99bf6b70b8eb" Cache-Control: max-age=371990,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7512ba302c90b512-OSL --- Additional Info --- Magic: data Size: 471 Md5: b9602d1366474983dad2660731a5703f Sha1: 1b57ca2f86f1dc79909eb7f5815b99bf6b70b8eb Sha256: 2482c0c2c56d26d8c0d1fe12306fe844aecf06f8f0764cad3830dce9ab9bb9b9
GET /sl?id=62dfc1354b8cd38db57f7466&pid=930&sub1=pub3d5c190a962c44648be121c943e6b146&sub2=81b90edf_503 HTTP/1.1 Host: track.gositego.live User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://myofferplus.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: track.gositego.live/sl?id=62dfc1354b8cd38db57f7466&pid= (...) FQDN: track.gositego.live IP: 34.141.179.97 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.141.179.97 HTTP/2 302 Found server: nginx date: Tue, 27 Sep 2022 08:04:13 GMT content-length: 0 location: https://ad.marootrack.co/?utm_medium=b48a60e30e5ae28afe72ddce32915e721ea2ff28&utm_campaign=Globlallink1&1=930_81b90edf_503&cid=6332ae7da3289b00017df76c set-cookie: afclick=6332ae7da3289b00017df76c; expires=Wed, 27 Sep 2023 08:04:13 GMT; secure; SameSite=None access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw.js?v=1654466343142 HTTP/1.1 Host: ad.marootrack.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	URL: ad.marootrack.co/sw.js?v=1654466343142 FQDN: ad.marootrack.co IP: 65.60.58.179 HASH: 70d55f6e4bab19ae4b3cc61642e88a78a599b060c72d10c15c5f937e34305ee9 65.60.58.179 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 27 Sep 2022 08:04:14 GMT content-length: 775 last-modified: Fri, 23 Sep 2022 11:12:42 GMT vary: Accept-Encoding etag: "632d94aa-307" content-encoding: gzip content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 775 Md5: de06f24ba6d6b0c514015a9847dace54 Sha1: c9662e4339d4f72af3526b21d4d6d68df21b0ba9 Sha256: 70d55f6e4bab19ae4b3cc61642e88a78a599b060c72d10c15c5f937e34305ee9 Alerts: Blocklists: - fortinet: Malware
GET /proc.php?4026fd6dd7236cd81dc7867e28426faea412e6e7 HTTP/1.1 Host: go.monetizer.mobi User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://go.monetizer.mobi/?utm_term=7147967401911386184&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b180b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b83 Cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers	URL: go.monetizer.mobi/proc.php?4026fd6dd7236cd81dc7867e2842 (...) FQDN: go.monetizer.mobi IP: 198.143.165.221 198.143.165.221 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 27 Sep 2022 08:04:12 GMT location: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7147967401911386184&website=797-403c551a&placement=797 vary: Accept-Encoding x-powered-by: PHP/8.1.9 cache-control: no-store, no-cache, must-revalidate, max-age=0 pragma: no-cache expires: Thu, 01 Jan 1970 00:00:00 GMT strict-transport-security: max-age=31536000; includeSubdomains; content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /redirect.css HTTP/1.1 Host: cdn.addlnk.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://myofferplus.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.addlnk.com/redirect.css FQDN: cdn.addlnk.com IP: 172.67.191.221 172.67.191.221 HTTP/2 200 OK content-type: text/css date: Tue, 27 Sep 2022 08:04:13 GMT cf-bgj: minify cf-polished: origSize=1680 etag: W/"3ae56d32551602b41f9046c14d1cfde2" last-modified: Wed, 13 Mar 2019 00:03:12 GMT x-amz-id-2: BUW6rlWHZvzQnvJHp4gBkVRIGc8DfdhWdOpgruWqMqu7ownlHIapox/IYSueiBqz+QseNtzP+2A= x-amz-request-id: KYXF7EGSHW20KRRM cf-cache-status: HIT age: 4761 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdWx3fJwCo5fpdmzXzV05Y14TOyRe%2FE0vM%2FGFp3Q0A8fH6lUGGfHAmhlhYIMX8erYK7FCFapqZNGQ6nT7Xtdg5BxcZYSRoE2B5fsbW4TSrNsZ0r%2FSjZ8lsuivSn%2BrFMw4w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7512ba2efead0b45-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=1&cid=44ba91ca-c0e7-475e-a1b3-5e46c8693f86 HTTP/1.1 Host: go.monetizer.mobi User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d6 (...) FQDN: go.monetizer.mobi IP: 198.143.165.221 198.143.165.221 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 27 Sep 2022 08:04:11 GMT location: https://go.monetizer.mobi/?utm_term=7147967401911386184&ver=4viyaptcjo vary: Accept-Encoding x-powered-by: PHP/8.1.9 cache-control: no-store, no-cache, must-revalidate, max-age=0 pragma: no-cache expires: Thu, 01 Jan 1970 00:00:00 GMT set-cookie: u=d420f9a58e2a5f0ab2b63b7bc6952280; expires=Wed, 27-Sep-2023 08:04:11 GMT; Max-Age=31536000; path=/ strict-transport-security: max-age=31536000; includeSubdomains; content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---

Overview

Domain Summary (19)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 52.58.131.39

Last 5 reports on ASN: AMAZON-02

Last 1 reports on domain: localsearchdrs.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (8)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (36)

Overview

Domain Summary (19)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 52.58.131.39

Last 5 reports on ASN: AMAZON-02

Last 1 reports on domain: localsearchdrs.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (8)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (36)

Network Intrusion Detection Systems