ww38.0eu-daemon.viaxmr.com/
37.48.65.150200 OK 482 B URL HTTP/1.1 ww38.0eu-daemon.viaxmr.com/
IP 37.48.65.150:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (482), with no line terminators
Hash ec4117eaad589105beab0eb9b17875f5
b730421aff3be075afca3ebd5c1139c416df801b
6b87da02f7953fdcc22785f51aa6f3b29f5e0a844ea8a7edc7df6e392ebee592
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ww38.0eu-daemon.viaxmr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 482
content-type: text/html; charset=utf-8
date: Sun, 25 Sep 2022 06:52:37 GMT
server: nginx
set-cookie: sid=a40e3c38-3c9e-11ed-aeb0-90748c564d9d; path=/; domain=.viaxmr.com; expires=Fri, 13 Oct 2090 10:06:44 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17656
Expires: Sun, 25 Sep 2022 11:46:53 GMT
Date: Sun, 25 Sep 2022 06:52:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 06:14:51 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8XG6s4qlgoBK-K70Ox5PMRCqOcNXpDoNO0jjLHn2mvKuDhC5WQ8TsA==
Age: 2266
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17907
Expires: Sun, 25 Sep 2022 11:51:04 GMT
Date: Sun, 25 Sep 2022 06:52:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QHfAUtgDWqbMksEB+Rir4xjYZ1ubmRZ5TRIuk0o1g7g7OktivOPj3rOtFbDBFfaDffkGG2pkUVk=
x-amz-request-id: ERTT39EC65JYNYQ5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 25 Sep 2022 06:47:59 GMT
age: 278
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 06:52:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ww38.0eu-daemon.viaxmr.com/favicon.ico
37.48.65.150404 Not Found 9 B URL HTTP/1.1 ww38.0eu-daemon.viaxmr.com/favicon.ico
IP 37.48.65.150:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: ww38.0eu-daemon.viaxmr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.0eu-daemon.viaxmr.com/
Cookie: sid=a40e3c38-3c9e-11ed-aeb0-90748c564d9d
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sun, 25 Sep 2022 06:52:37 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 06:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 07:00:31 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S7wD5TxC_OSco3hN4HWOv_55QyV8WXmqTQ8aLDRhIRTM5ivd-tCYQQ==
Age: 2901
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5660
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 06:52:38 GMT
Last-Modified: Sun, 25 Sep 2022 05:18:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ww38.0eu-daemon.viaxmr.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NDA5NTk1NywiaWF0IjoxNjY0MDg4NzU3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2MwZnEzbmNobG9lbG40aDAyaTFudTUiLCJuYmYiOjE2NjQwODg3NTcsInRzIjoxNjY0MDg4NzU3MzMwMjA2fQ.gp-FJLIaZPXe-NMjp-GSjtGKqU_H4uCBtPivbHg6Vnw&sid=a40e3c38-3c9e-11ed-aeb0-90748c564d9d
37.48.65.150302 Found 11 B URL HTTP/1.1 ww38.0eu-daemon.viaxmr.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NDA5NTk1NywiaWF0IjoxNjY0MDg4NzU3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2MwZnEzbmNobG9lbG40aDAyaTFudTUiLCJuYmYiOjE2NjQwODg3NTcsInRzIjoxNjY0MDg4NzU3MzMwMjA2fQ.gp-FJLIaZPXe-NMjp-GSjtGKqU_H4uCBtPivbHg6Vnw&sid=a40e3c38-3c9e-11ed-aeb0-90748c564d9d
IP 37.48.65.150:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NDA5NTk1NywiaWF0IjoxNjY0MDg4NzU3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2MwZnEzbmNobG9lbG40aDAyaTFudTUiLCJuYmYiOjE2NjQwODg3NTcsInRzIjoxNjY0MDg4NzU3MzMwMjA2fQ.gp-FJLIaZPXe-NMjp-GSjtGKqU_H4uCBtPivbHg6Vnw&sid=a40e3c38-3c9e-11ed-aeb0-90748c564d9d HTTP/1.1
Host: ww38.0eu-daemon.viaxmr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.0eu-daemon.viaxmr.com/
Cookie: sid=a40e3c38-3c9e-11ed-aeb0-90748c564d9d
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 25 Sep 2022 06:52:38 GMT
location: http://phoka-mps.com/zcvisitor/a452e9f1-3c9e-11ed-9a09-0a38d9ed8191/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=7e3f9bd0-43cc-11ec-ba04-0a918cbcbb97
server: nginx
set-cookie: sid=a40e3c38-3c9e-11ed-aeb0-90748c564d9d; path=/; domain=.viaxmr.com; expires=Fri, 13 Oct 2090 10:06:45 GMT; max-age=2147483647; HttpOnly
phoka-mps.com/zcvisitor/a452e9f1-3c9e-11ed-9a09-0a38d9ed8191/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=7e3f9bd0-43cc-11ec-ba04-0a918cbcbb97
34.194.66.161200 996 B URL HTTP/1.1 phoka-mps.com/zcvisitor/a452e9f1-3c9e-11ed-9a09-0a38d9ed8191/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=7e3f9bd0-43cc-11ec-ba04-0a918cbcbb97
IP 34.194.66.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 11fc4aeccc4b273f9a3b206d710dbab1
19b2e433500aa423df6f319d2283659cd18681c8
ef30f7edc0349ecb64bbb4a089a4ab6d51d19af3b623851f54875528c05d16b5
Analyzer Verdict Alert fortinet Phishing
GET /zcvisitor/a452e9f1-3c9e-11ed-9a09-0a38d9ed8191/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=7e3f9bd0-43cc-11ec-ba04-0a918cbcbb97 HTTP/1.1
Host: phoka-mps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww38.0eu-daemon.viaxmr.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 25 Sep 2022 06:52:38 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: AccUDcuI
push.services.mozilla.com/
54.149.101.24101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.101.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aek8LiIW1//W9LyCE0yv5g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DWNu+K1kUj6mba4VGCU9xZVEuBg=
phoka-mps.com/zcredirect?visitid=a452e9f1-3c9e-11ed-9a09-0a38d9ed8191&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
34.194.66.161200 428 B URL HTTP/1.1 phoka-mps.com/zcredirect?visitid=a452e9f1-3c9e-11ed-9a09-0a38d9ed8191&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 34.194.66.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e76b9dcf7046950e43dc6c14c7e41da4
ab110393b2770a291874f87705eec3ccaad3fc06
0847ca4e25d93ad57750ed425ac508cbe0d3d3b667d8077c2a4a0db1c74419d6
GET /zcredirect?visitid=a452e9f1-3c9e-11ed-9a09-0a38d9ed8191&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: phoka-mps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://phoka-mps.com/zcvisitor/a452e9f1-3c9e-11ed-9a09-0a38d9ed8191/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=7e3f9bd0-43cc-11ec-ba04-0a918cbcbb97
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 25 Sep 2022 06:52:38 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: DtKFNMeS
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 955d909f1fbd01c26f6b50e62bb1b913
067fedfe403ed555694d63407bf53dd0e7870766
47eeb9cfe0d59525e53c4047fd3b2e8fb31bfd66fc0ab204d81232ddbe5abc5f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 06:52:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 02:26:18 GMT
Expires: Fri, 30 Sep 2022 02:26:17 GMT
Etag: "067fedfe403ed555694d63407bf53dd0e7870766"
Cache-Control: max-age=415418,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7501d696dcbb0b06-OSL
phoka-mps.com/favicon.ico
34.194.66.161404 653 B URL HTTP/1.1 phoka-mps.com/favicon.ico
IP 34.194.66.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: phoka-mps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://phoka-mps.com/zcredirect?visitid=a452e9f1-3c9e-11ed-9a09-0a38d9ed8191&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
HTTP/1.1 404
Date: Sun, 25 Sep 2022 06:52:38 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: fGigbGhQ
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9969
Expires: Sun, 25 Sep 2022 09:38:48 GMT
Date: Sun, 25 Sep 2022 06:52:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9969
Expires: Sun, 25 Sep 2022 09:38:48 GMT
Date: Sun, 25 Sep 2022 06:52:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9969
Expires: Sun, 25 Sep 2022 09:38:48 GMT
Date: Sun, 25 Sep 2022 06:52:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9969
Expires: Sun, 25 Sep 2022 09:38:48 GMT
Date: Sun, 25 Sep 2022 06:52:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00c09f267aacde9465a329542463b9e5
1534aa8a5158dfa9592d65e6fb761b41c0852c58
276ff24598159f62fd7333992575834f901eea7c75a228b9c12d1c049f1df558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: b0fc9bea-7735-43c0-a176-eae4d5000a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2ZPtHajIAMF8zQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c08ca-391092bd30ae5bf9692e93ba;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:03:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gc7lA-XfgIAhotpUdrOaihuA2nbdMY2zNiJSHZpSN3yKPaT-k93auQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 07:07:29 GMT
age: 85510
etag: "1534aa8a5158dfa9592d65e6fb761b41c0852c58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a89e7161745036637a66e8ab5b7efdf9
79c83cc27996b2339bd63764dbb2ae9744db6d70
13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sm6N8Un8XKHtGGZwxLd1aYygBns1l8siRvcc2w_9V2imJopvt8Ockw==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 07:18:25 GMT
age: 84854
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d59e1bbd58ff8c5fe5faecb58149601
ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 08:16:28 GMT
age: 81371
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 33320
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca8f8393365641de380e9443b37a8581
2fde9899cf74129d7df8868008b323a527dc1170
dbcc05dcbbbf4b89bf0f10999c0f5679e822cce6f9e3437f2cafb913606bd8c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9042
x-amzn-requestid: 8c2e6356-2b43-4162-94b9-efd45249047c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmHRtIAMFwaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-034b1944694141f04debec31;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k1hcUfebiQMb8IRsmeAOkyI02F1vUvh7J9GxgU4qO8Ebp3TQUC2fQQ==
via: 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:24:40 GMT
age: 30479
etag: "2fde9899cf74129d7df8868008b323a527dc1170"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9773faaac4deac40b96cd0802e974f36
db601663fa6ee5564eddaf8d3d84c7b04bf3871c
40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5305
x-amzn-requestid: df7ba218-d20c-4389-8895-affd870ad15f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JqKGtHoAMFcJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d230d-1854a5420f7091316aa4f211;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v37Rjs_OtmFd6UKau0Flv_J6GAWTe0UdA8hXaDmmn6SmLXQbEHeBVQ==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 03:45:44 GMT
age: 11215
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a03c1c1ccac3a81e62cd3088739b2470
da5a433139a29e7ba108b5c02b5327db7cda302f
2d69a5dd3a77613c920d646ba969b6ddcb958eaaecd3db126f674524fdcb2914
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 06:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjbGlja19pZCI6ICI3YzNhY2RmZC1iYWM0LTQxZTQtOWUxYi04ZjVkYjdhYmNiYjE6ZWY0NWJmMDRmMjkwMzUxZTQ0ZTdiY2JiZThlOTA1N2Q0NjkwOGFmNiIsICJjb3VudHJ5IjogIk5PIn0=
142.250.74.80200 OK 1.4 kB URL HTTP/2 storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjbGlja19pZCI6ICI3YzNhY2RmZC1iYWM0LTQxZTQtOWUxYi04ZjVkYjdhYmNiYjE6ZWY0NWJmMDRmMjkwMzUxZTQ0ZTdiY2JiZThlOTA1N2Q0NjkwOGFmNiIsICJjb3VudHJ5IjogIk5PIn0=
IP 142.250.74.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 54f99c9e98a5b4f17b219e94417e6d2f
80247746ede724755155d0aa8c0082c8b00542bf
c7f94d1b21fdadbcc934c2d31503832763070136eafd23d65cec53f6e49b5634
GET /tmp-static/instal-impressions/impressions.html?data=eyJjbGlja19pZCI6ICI3YzNhY2RmZC1iYWM0LTQxZTQtOWUxYi04ZjVkYjdhYmNiYjE6ZWY0NWJmMDRmMjkwMzUxZTQ0ZTdiY2JiZThlOTA1N2Q0NjkwOGFmNiIsICJjb3VudHJ5IjogIk5PIn0= HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f5ac6e7aac.smapp.work/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvrd855xCw07xhAi8AJ9ztX98bBYQ_HAp1ltjByNLSkkxlbd3DSJE0Skn36qdWvOxs-cFCWVsGf3xqrIkYcGp0mQtQsnTzH
expires: Sun, 25 Sep 2022 07:52:40 GMT
date: Sun, 25 Sep 2022 06:52:40 GMT
cache-control: public, max-age=3600
last-modified: Mon, 10 Jun 2019 16:09:51 GMT
etag: "54f99c9e98a5b4f17b219e94417e6d2f"
x-goog-generation: 1560182991115409
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1357
content-type: text/html
x-goog-hash: crc32c=+7k9hA==, md5=VPmcnpiltPF7IZ6UQX5tLw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1357
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a03c1c1ccac3a81e62cd3088739b2470
da5a433139a29e7ba108b5c02b5327db7cda302f
2d69a5dd3a77613c920d646ba969b6ddcb958eaaecd3db126f674524fdcb2914
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 06:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 955d909f1fbd01c26f6b50e62bb1b913
067fedfe403ed555694d63407bf53dd0e7870766
47eeb9cfe0d59525e53c4047fd3b2e8fb31bfd66fc0ab204d81232ddbe5abc5f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 06:52:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 02:26:18 GMT
Expires: Fri, 30 Sep 2022 02:26:17 GMT
Etag: "067fedfe403ed555694d63407bf53dd0e7870766"
Cache-Control: max-age=415416,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7501d6a0bb3b0b06-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 06:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-WKCGS93
142.250.74.72200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WKCGS93
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash b72611376c19cee3c660f30dbc627b5d
038528a4290c293b44e578ac256965ce39d384fc
c9233a89d75af2ddd58f3467f61ef0a70ad0c28fb32f69fceb4355a46e2d7e23
GET /gtm.js?id=GTM-WKCGS93 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://storage.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 06:52:40 GMT
expires: Sun, 25 Sep 2022 06:52:40 GMT
cache-control: private, max-age=900
last-modified: Sun, 25 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44307
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 06:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f5ac6e7aac.smapp.work/api/v1/click/confirm.js?data=gAAAAABjL_q44esIdPw2ZFjM57gbWbdxuNRRyi9B4BL0wYBujp9VQDaZUzNeYT3qrpdl-lVat8lF5cEmzATOcXvsuIyLZix23_4LpxncNE7Sa6otRh6G1uc6CLQb95KtRo1dPfLkIWTcEktL59DlrVSjM_xWqyUpDJUcJUlUMHFkQAvvF7xeHRAmwOLokJxH29bkb_bewYzYZMhWsP02tD9mw9mlBVxCTQG--omcxADzZzILy52fbHnLq3a3BdY03uQfrbRav97_-DJ-9NSahoDD4yUhk5Hf8CtJ0LPibxqZIIXM2jy6k11JHGvgbu2LZqJBk0lDEYmnd5R-E30FmxSr0MWNPW0BrcRLgitggzZCmTcByGBpbJjBIrCZqdDJ6Rd-ORuLLA_JcSfhapSyRAxLy9jbp-jE4DwtYtKoXAc_BL0kuBgDXi_U9QoQmJkn9IIWgyFZleNGgzdCNUQnBziSIrMNjqta-sNA5bzuInt-Kq14ogqbCMABSvvmag2OYgphRfrUFijFIJwJ4DIBqsSq31AfTS_ewi4Vl0BnP0kxgLMf5F9lhxGzcd9MAZf_-XRnrSTJB4xkqOLtfEI4_EBuZY6dLMkGLcWxCuODs-rRT0GUxyhplnneeHYmkc_KduLaxEUcaaQb8wvxPlVhfYMUY7Hq-3YwmSXcNlI-2KILV6k2jkGjUmMlM9jma4vx4wl1QQh3Xc5NA3AB8QQ_1fH5yJ-J2-gYLUd15-5RzxAgHw8ul3GxIiGKYlFoit5e5xCozJCqH1Q-K7YUmEjJZ6ih0ma8zoRJqwsTBuZO_hVfjgD1184-svRQKoaEOdsQHHLHRNsF5doMJe7sTx5MtDbSzYId6JTsDDgQEkIGGTUt_4ogENaEQZabWKAjm5C-QnwK6Ft8FSRVgSJonFHA-SVrBQ8iJ8pbZ6QBSYNQ7j5SnnP25yJLtR_IOt1ZTqdtfPcw1fZl3FHPM_nAcMa48bupodngzHxS1QHwsfD-zkWtrqsGJ5Wrg2C-YVoQV4KP1yikthg32Ozyy-dVLoMSKzDcO_Y7LGeZmteMpYguo4IQ8wYN0YKs9VOij12ZP3hsJMg24ZZnfjDaTf5TFnEqEpw2axSh5Z4rEaMNpmoMUSfTgvKgWAaQ0qplmZu5GW9HYZ0RxlUojQ5c4xwKw2Se-FOuTJoXei7c9p4cXRhVjmNiCb2S-NQGaOjDmExD3cMhHRyQ26fOiG4D463o1xF-00Hn9ExyAYBtnLVrOjTNPiCMDfo1gFlZrWWLiLqFhX9VPsGRSAmdDh4qu0m56q6-KgzAJ2t8eR3bq4ddaR0_YU-UMSu5IElUkykuH5Sy1Lgs8wFoly7HgDxPNKbjhTQTyENETwex6nRPkE6PJVyfaFa8_mywlqefqABSyxWaXB8hqlf1OHqdQdcj7OrdcrZFUeG3smiiSALSZK7mo2zenQAcehQwFDnbiorwytjEUHZ6gtg12fQiaShUQSB6KtF0qhzMnnSnztzMAnfO802Qu1aEkz-_yCu2De_c_xtxWJvQQyDwmzWPIxzSSg476Cb9cKoAW8OpuOzgvFHxpIE4u0GRc5bmBFIZBCrA_OToOZlZhiatzF2eb_b5MEABrrwpI2bKbecafcCN7Z1v932rcAy9ddLCK2Zi8AgkVyALUnR8xrEy5iZQpW66XkNaNQv4CpyY_LJWR4ca3CiOf1ABRseIwYVyf3zVEMPaLe7Jdg21r8oMtq-mX7SoPwe5l_H8aBQ4okWUAR8izll6oWSBPMU5Pf1huqTfNrXP_ivC1hzGvUHN9Ln_dJ42PCTLNfgPHsNUe4rXPy_iVAc87epaV7tDmsfhYoPW3JhzKXGdkp_yZqOW3pfTTMON5_zGVNUGabPZKKtdJ5PRTwWT6k-Jsn60zG5wnwjjS1VysaVD4_kBk_lxpjzVcQ1YMnRqp8lvlMU-0VkJezsdJSSFzX87kzpsSV5L8CEWQhwrHedvF059sye6HajkUADgQHPs7A_w9n3KHN8ban0lGvbj-Q5feY9P8TbR7TRBxNJv1j0ir-YybJ3S_YET1qQj2sidg64bIZDjRLBKN_cb99SYPWVVf01RKvbcWYWDap70UBIzNn9BH__B4Hjy-wc-dilURtcizoFCGSzQk1WOs3SyHXwnVG9r4hLMojKWQZGFXR9z-DVnrFJ_NtkdfNeH9LmjEAZL8cxeaPnIgJiV_yaglUiFyA6AmN_JNLRWPee3p4u1DlfXNDnzdOgCmiSokjQF69Uapok0w59yMhkTi69aRch_TL6DIKKQ-9fM744FxJbtAh6gOUTdCUBCCzt9voMY2sLvn8f8eIlIbl8iAxSP6o4qQemXQVS-JqCoTkMenhSDLvDQASngOjFO_b8Jvjpt-bPR5zQayi8zTeaEVHvQFBHqgjRUzkSvQAnwO3TSWKc4JdfsiwGnRaWl5FnUeE4lttSVLcs2N34jRpdaWYPoh6bWKYeDzp8-DR3Ia59fO2KVW1lHjV2Wp6oDr-u2
35.186.250.143200 OK 0 B URL HTTP/2 f5ac6e7aac.smapp.work/api/v1/click/confirm.js?data=gAAAAABjL_q44esIdPw2ZFjM57gbWbdxuNRRyi9B4BL0wYBujp9VQDaZUzNeYT3qrpdl-lVat8lF5cEmzATOcXvsuIyLZix23_4LpxncNE7Sa6otRh6G1uc6CLQb95KtRo1dPfLkIWTcEktL59DlrVSjM_xWqyUpDJUcJUlUMHFkQAvvF7xeHRAmwOLokJxH29bkb_bewYzYZMhWsP02tD9mw9mlBVxCTQG--omcxADzZzILy52fbHnLq3a3BdY03uQfrbRav97_-DJ-9NSahoDD4yUhk5Hf8CtJ0LPibxqZIIXM2jy6k11JHGvgbu2LZqJBk0lDEYmnd5R-E30FmxSr0MWNPW0BrcRLgitggzZCmTcByGBpbJjBIrCZqdDJ6Rd-ORuLLA_JcSfhapSyRAxLy9jbp-jE4DwtYtKoXAc_BL0kuBgDXi_U9QoQmJkn9IIWgyFZleNGgzdCNUQnBziSIrMNjqta-sNA5bzuInt-Kq14ogqbCMABSvvmag2OYgphRfrUFijFIJwJ4DIBqsSq31AfTS_ewi4Vl0BnP0kxgLMf5F9lhxGzcd9MAZf_-XRnrSTJB4xkqOLtfEI4_EBuZY6dLMkGLcWxCuODs-rRT0GUxyhplnneeHYmkc_KduLaxEUcaaQb8wvxPlVhfYMUY7Hq-3YwmSXcNlI-2KILV6k2jkGjUmMlM9jma4vx4wl1QQh3Xc5NA3AB8QQ_1fH5yJ-J2-gYLUd15-5RzxAgHw8ul3GxIiGKYlFoit5e5xCozJCqH1Q-K7YUmEjJZ6ih0ma8zoRJqwsTBuZO_hVfjgD1184-svRQKoaEOdsQHHLHRNsF5doMJe7sTx5MtDbSzYId6JTsDDgQEkIGGTUt_4ogENaEQZabWKAjm5C-QnwK6Ft8FSRVgSJonFHA-SVrBQ8iJ8pbZ6QBSYNQ7j5SnnP25yJLtR_IOt1ZTqdtfPcw1fZl3FHPM_nAcMa48bupodngzHxS1QHwsfD-zkWtrqsGJ5Wrg2C-YVoQV4KP1yikthg32Ozyy-dVLoMSKzDcO_Y7LGeZmteMpYguo4IQ8wYN0YKs9VOij12ZP3hsJMg24ZZnfjDaTf5TFnEqEpw2axSh5Z4rEaMNpmoMUSfTgvKgWAaQ0qplmZu5GW9HYZ0RxlUojQ5c4xwKw2Se-FOuTJoXei7c9p4cXRhVjmNiCb2S-NQGaOjDmExD3cMhHRyQ26fOiG4D463o1xF-00Hn9ExyAYBtnLVrOjTNPiCMDfo1gFlZrWWLiLqFhX9VPsGRSAmdDh4qu0m56q6-KgzAJ2t8eR3bq4ddaR0_YU-UMSu5IElUkykuH5Sy1Lgs8wFoly7HgDxPNKbjhTQTyENETwex6nRPkE6PJVyfaFa8_mywlqefqABSyxWaXB8hqlf1OHqdQdcj7OrdcrZFUeG3smiiSALSZK7mo2zenQAcehQwFDnbiorwytjEUHZ6gtg12fQiaShUQSB6KtF0qhzMnnSnztzMAnfO802Qu1aEkz-_yCu2De_c_xtxWJvQQyDwmzWPIxzSSg476Cb9cKoAW8OpuOzgvFHxpIE4u0GRc5bmBFIZBCrA_OToOZlZhiatzF2eb_b5MEABrrwpI2bKbecafcCN7Z1v932rcAy9ddLCK2Zi8AgkVyALUnR8xrEy5iZQpW66XkNaNQv4CpyY_LJWR4ca3CiOf1ABRseIwYVyf3zVEMPaLe7Jdg21r8oMtq-mX7SoPwe5l_H8aBQ4okWUAR8izll6oWSBPMU5Pf1huqTfNrXP_ivC1hzGvUHN9Ln_dJ42PCTLNfgPHsNUe4rXPy_iVAc87epaV7tDmsfhYoPW3JhzKXGdkp_yZqOW3pfTTMON5_zGVNUGabPZKKtdJ5PRTwWT6k-Jsn60zG5wnwjjS1VysaVD4_kBk_lxpjzVcQ1YMnRqp8lvlMU-0VkJezsdJSSFzX87kzpsSV5L8CEWQhwrHedvF059sye6HajkUADgQHPs7A_w9n3KHN8ban0lGvbj-Q5feY9P8TbR7TRBxNJv1j0ir-YybJ3S_YET1qQj2sidg64bIZDjRLBKN_cb99SYPWVVf01RKvbcWYWDap70UBIzNn9BH__B4Hjy-wc-dilURtcizoFCGSzQk1WOs3SyHXwnVG9r4hLMojKWQZGFXR9z-DVnrFJ_NtkdfNeH9LmjEAZL8cxeaPnIgJiV_yaglUiFyA6AmN_JNLRWPee3p4u1DlfXNDnzdOgCmiSokjQF69Uapok0w59yMhkTi69aRch_TL6DIKKQ-9fM744FxJbtAh6gOUTdCUBCCzt9voMY2sLvn8f8eIlIbl8iAxSP6o4qQemXQVS-JqCoTkMenhSDLvDQASngOjFO_b8Jvjpt-bPR5zQayi8zTeaEVHvQFBHqgjRUzkSvQAnwO3TSWKc4JdfsiwGnRaWl5FnUeE4lttSVLcs2N34jRpdaWYPoh6bWKYeDzp8-DR3Ia59fO2KVW1lHjV2Wp6oDr-u2
IP 35.186.250.143:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/click/confirm.js?data=gAAAAABjL_q44esIdPw2ZFjM57gbWbdxuNRRyi9B4BL0wYBujp9VQDaZUzNeYT3qrpdl-lVat8lF5cEmzATOcXvsuIyLZix23_4LpxncNE7Sa6otRh6G1uc6CLQb95KtRo1dPfLkIWTcEktL59DlrVSjM_xWqyUpDJUcJUlUMHFkQAvvF7xeHRAmwOLokJxH29bkb_bewYzYZMhWsP02tD9mw9mlBVxCTQG--omcxADzZzILy52fbHnLq3a3BdY03uQfrbRav97_-DJ-9NSahoDD4yUhk5Hf8CtJ0LPibxqZIIXM2jy6k11JHGvgbu2LZqJBk0lDEYmnd5R-E30FmxSr0MWNPW0BrcRLgitggzZCmTcByGBpbJjBIrCZqdDJ6Rd-ORuLLA_JcSfhapSyRAxLy9jbp-jE4DwtYtKoXAc_BL0kuBgDXi_U9QoQmJkn9IIWgyFZleNGgzdCNUQnBziSIrMNjqta-sNA5bzuInt-Kq14ogqbCMABSvvmag2OYgphRfrUFijFIJwJ4DIBqsSq31AfTS_ewi4Vl0BnP0kxgLMf5F9lhxGzcd9MAZf_-XRnrSTJB4xkqOLtfEI4_EBuZY6dLMkGLcWxCuODs-rRT0GUxyhplnneeHYmkc_KduLaxEUcaaQb8wvxPlVhfYMUY7Hq-3YwmSXcNlI-2KILV6k2jkGjUmMlM9jma4vx4wl1QQh3Xc5NA3AB8QQ_1fH5yJ-J2-gYLUd15-5RzxAgHw8ul3GxIiGKYlFoit5e5xCozJCqH1Q-K7YUmEjJZ6ih0ma8zoRJqwsTBuZO_hVfjgD1184-svRQKoaEOdsQHHLHRNsF5doMJe7sTx5MtDbSzYId6JTsDDgQEkIGGTUt_4ogENaEQZabWKAjm5C-QnwK6Ft8FSRVgSJonFHA-SVrBQ8iJ8pbZ6QBSYNQ7j5SnnP25yJLtR_IOt1ZTqdtfPcw1fZl3FHPM_nAcMa48bupodngzHxS1QHwsfD-zkWtrqsGJ5Wrg2C-YVoQV4KP1yikthg32Ozyy-dVLoMSKzDcO_Y7LGeZmteMpYguo4IQ8wYN0YKs9VOij12ZP3hsJMg24ZZnfjDaTf5TFnEqEpw2axSh5Z4rEaMNpmoMUSfTgvKgWAaQ0qplmZu5GW9HYZ0RxlUojQ5c4xwKw2Se-FOuTJoXei7c9p4cXRhVjmNiCb2S-NQGaOjDmExD3cMhHRyQ26fOiG4D463o1xF-00Hn9ExyAYBtnLVrOjTNPiCMDfo1gFlZrWWLiLqFhX9VPsGRSAmdDh4qu0m56q6-KgzAJ2t8eR3bq4ddaR0_YU-UMSu5IElUkykuH5Sy1Lgs8wFoly7HgDxPNKbjhTQTyENETwex6nRPkE6PJVyfaFa8_mywlqefqABSyxWaXB8hqlf1OHqdQdcj7OrdcrZFUeG3smiiSALSZK7mo2zenQAcehQwFDnbiorwytjEUHZ6gtg12fQiaShUQSB6KtF0qhzMnnSnztzMAnfO802Qu1aEkz-_yCu2De_c_xtxWJvQQyDwmzWPIxzSSg476Cb9cKoAW8OpuOzgvFHxpIE4u0GRc5bmBFIZBCrA_OToOZlZhiatzF2eb_b5MEABrrwpI2bKbecafcCN7Z1v932rcAy9ddLCK2Zi8AgkVyALUnR8xrEy5iZQpW66XkNaNQv4CpyY_LJWR4ca3CiOf1ABRseIwYVyf3zVEMPaLe7Jdg21r8oMtq-mX7SoPwe5l_H8aBQ4okWUAR8izll6oWSBPMU5Pf1huqTfNrXP_ivC1hzGvUHN9Ln_dJ42PCTLNfgPHsNUe4rXPy_iVAc87epaV7tDmsfhYoPW3JhzKXGdkp_yZqOW3pfTTMON5_zGVNUGabPZKKtdJ5PRTwWT6k-Jsn60zG5wnwjjS1VysaVD4_kBk_lxpjzVcQ1YMnRqp8lvlMU-0VkJezsdJSSFzX87kzpsSV5L8CEWQhwrHedvF059sye6HajkUADgQHPs7A_w9n3KHN8ban0lGvbj-Q5feY9P8TbR7TRBxNJv1j0ir-YybJ3S_YET1qQj2sidg64bIZDjRLBKN_cb99SYPWVVf01RKvbcWYWDap70UBIzNn9BH__B4Hjy-wc-dilURtcizoFCGSzQk1WOs3SyHXwnVG9r4hLMojKWQZGFXR9z-DVnrFJ_NtkdfNeH9LmjEAZL8cxeaPnIgJiV_yaglUiFyA6AmN_JNLRWPee3p4u1DlfXNDnzdOgCmiSokjQF69Uapok0w59yMhkTi69aRch_TL6DIKKQ-9fM744FxJbtAh6gOUTdCUBCCzt9voMY2sLvn8f8eIlIbl8iAxSP6o4qQemXQVS-JqCoTkMenhSDLvDQASngOjFO_b8Jvjpt-bPR5zQayi8zTeaEVHvQFBHqgjRUzkSvQAnwO3TSWKc4JdfsiwGnRaWl5FnUeE4lttSVLcs2N34jRpdaWYPoh6bWKYeDzp8-DR3Ia59fO2KVW1lHjV2Wp6oDr-u2 HTTP/1.1
Host: f5ac6e7aac.smapp.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f5ac6e7aac.smapp.work/trkclk/?pid=6100&cid=3244675&custom1=CPC&fw1=badious-buzzard&aff_sub_id=sierra-tun-1x27e46jln
Cookie: cx_ntsl_i=3304d405-3109-415d-970d-3b930e6e7ce6; instal-cookie="2|1:0|10:1664088760|13:instal-cookie|124:eyIzMjQ0Njc1IjogIjdjM2FjZGZkLWJhYzQtNDFlNC05ZTFiLThmNWRiN2FiY2JiMTplZjQ1YmYwNGYyOTAzNTFlNDRlN2JjYmJlOGU5MDU3ZDQ2OTA4YWY2In0=|ad6748eb5168f5e47ac73e930481bbe9b89931ec77a48b4e65f2032277cc7aa7"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 06:52:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: TornadoServer/4.3
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
championtest.top/betting-survey.html?var=6100_3331&ymid=7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1:ef45bf04f290351e44e7bcbbe8e9057d46908af6&offer_id=2058&z=4654991
104.21.10.131200 OK 64 kB URL HTTP/2 championtest.top/betting-survey.html?var=6100_3331&ymid=7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1:ef45bf04f290351e44e7bcbbe8e9057d46908af6&offer_id=2058&z=4654991
IP 104.21.10.131:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1702)
Hash 5df2b4dbedd74a64237208c273450b90
9b5f2a180e7aa4781d90f149f80b5c82e25dc98b
56c65e478d70eb046e4b2476a138660453e9b380996e028c6c353de568273126
GET /betting-survey.html?var=6100_3331&ymid=7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1:ef45bf04f290351e44e7bcbbe8e9057d46908af6&offer_id=2058&z=4654991 HTTP/1.1
Host: championtest.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f5ac6e7aac.smapp.work/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 06:52:42 GMT
content-type: text/html
last-modified: Fri, 23 Sep 2022 08:10:42 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6U0BJSo6opD%2FJWbqzza68s6%2ByjFAY25%2FIS6iD8tx%2FaY8vgKSScG1AKNtajBEflQEwXT0qO53zDMoCXOEpx2byontU1OybEJ7mGIdyEI9%2FC44b%2F%2BLMO2AoBLX%2BDeJwp91Oyc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7501d6ac0974b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 06:52:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=386558,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7501d6aeace90b06-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7943898f0146643d643c27291eca7b6a
fca307822b8ec2f7420fcda6253b7904b5e8df98
091048ff1ffa7727fa23152d07c2baa5f969bfaecf68b3108ccecc1e6c9f68b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "091048FF1FFA7727FA23152D07C2BAA5F969BFAECF68B3108CCECC1E6C9F68B5"
Last-Modified: Sat, 24 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4925
Expires: Sun, 25 Sep 2022 08:14:47 GMT
Date: Sun, 25 Sep 2022 06:52:42 GMT
Connection: keep-alive
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 573c0796d64a8d5a6765745b78beb13f
f72e57278bbbae96d88767b5dd4f034c813aeda2
77541b9c3a7cb1fd27538ef241e84f8cbc1398ce42146af74975d559aa741b50
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://championtest.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 06:52:42 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://championtest.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=def2a53d1dd24b22be360b8f68e62aae; expires=Mon, 25 Sep 2023 06:52:42 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
itcleffaom.com/track?offer_id=2058&z=4654991&request_var=6100_3331&variable2=7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1:ef45bf04f290351e44e7bcbbe8e9057d46908af6
139.45.197.237200 OK 172 B URL HTTP/2 itcleffaom.com/track?offer_id=2058&z=4654991&request_var=6100_3331&variable2=7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1:ef45bf04f290351e44e7bcbbe8e9057d46908af6
IP 139.45.197.237:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f713314749a960eb594d98698efc9b0d
88fe868caba75c22a1db33ae18983fb10ff6d014
1fdff4f6e1992d4403984e15601c0ecfb01a365ea0119883430c39b1f8a48eec
Analyzer Verdict Alert quad9 Sinkholed
GET /track?offer_id=2058&z=4654991&request_var=6100_3331&variable2=7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1:ef45bf04f290351e44e7bcbbe8e9057d46908af6 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://championtest.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 06:52:42 GMT
content-type: application/json
content-length: 172
x-trace-id: 6b7d8f8ef300c753088be760d7369f9c
access-control-allow-origin: https://championtest.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 75069aebf686a59029328d0a27e063c9
22835c9ac90c9631168bba87053396e8e6bae7d0
dd4340278378c4bd43359f4dffe5316626a5f79f7866ac4a3160c948020f2143
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD4340278378C4BD43359F4DFFE5316626A5F79F7866AC4A3160C948020F2143"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5025
Expires: Sun, 25 Sep 2022 08:16:27 GMT
Date: Sun, 25 Sep 2022 06:52:42 GMT
Connection: keep-alive
itcleffaom.com/rotate?zz=4326386&var=4654991&ymid=6100_3331&uid=def2a53d1dd24b22be360b8f68e62aae
139.45.197.237200 OK 493 B URL HTTP/2 itcleffaom.com/rotate?zz=4326386&var=4654991&ymid=6100_3331&uid=def2a53d1dd24b22be360b8f68e62aae
IP 139.45.197.237:0
File type JSON data\012- , ASCII text, with very long lines (493), with no line terminators
Hash ddec2a53e7e766e57e33ac079812756b
ae043be312c173974c30f37407e58cfdff15c897
ddff4558551e9a9cf417bf968df706b5627b0e0c8c01fa35281ea95b2f1363b0
Analyzer Verdict Alert quad9 Sinkholed
GET /rotate?zz=4326386&var=4654991&ymid=6100_3331&uid=def2a53d1dd24b22be360b8f68e62aae HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://championtest.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 06:52:42 GMT
content-type: application/javascript
content-length: 493
x-trace-id: 98c3ac7e24a8d3ae32075c6685193d57
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://championtest.top
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=def2a53d1dd24b22be360b8f68e62aae; expires=Mon, 25 Sep 2023 06:52:42 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
172.67.149.153200 OK 26 kB URL HTTP/2 cdntechone.com/stattag.js
IP 172.67.149.153:0
File type Unicode text, UTF-8 text, with very long lines (43256), with no line terminators
Hash 37a740b145d5305c4a3cf43c3c72f788
4b706e3b00d0f638f32fcbbb48884641790afc6b
54661d22597c016bf853de20f2e864c5075fcec7fa365e144f2474ba59bcb110
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 06:52:42 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:17:49 GMT
etag: W/"62ebe31d-a8fa"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4020
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23sx8wvDQzKF94jTfYAgUy6TNSQzoeBq%2B3bv%2F7WZdgtzsbePk6jMuualh6xE216AvqS4YpH0sGSl4SsYFOfP054wRXyOentHGliYKmAdjaLv6hP8FbDKKUajO1bhR%2BkRIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7501d6ae9e06b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e9c12a7a1649b130fc149a1863516420
20ce11749b454211e4ecf308a9c3f9ee0bc3c3de
697eba36f6cf75d9eee0fc1213d1d670fa3b82a557384f30f732fac1fa1af5a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 06:52:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 13:33:19 GMT
Expires: Fri, 30 Sep 2022 13:33:18 GMT
Etag: "20ce11749b454211e4ecf308a9c3f9ee0bc3c3de"
Cache-Control: max-age=455434,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7501d6b02dbe0b06-OSL
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Origin: https://championtest.top
Content-Length: 1777
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 25 Sep 2022 06:52:43 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://championtest.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash c60282aaf753145a7d945cc14ab7a1c2
b2f2f46db218ff3e9012be869d66d3f98c934a76
be21a71c61d87ff71487b7b9a6333f0807bbba7f5d7fd225cd12734ae47ac748
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 06:52:43 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 29 Sep 2022 03:20:34 GMT
ETag: "b2f2f46db218ff3e9012be869d66d3f98c934a76"
Last-Modified: Sun, 25 Sep 2022 03:20:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3192
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7501d6b20cf7b4e8-OSL
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 7a68c8644032413981e4ba5bc0d66c4a
2d46ca8055e8577ae7138140e34a6e633434973c
e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Sun, 25 Sep 2022 06:52:43 GMT
access-control-allow-origin: *
etag: "632d6d03-11a95"
expires: Sun, 25 Sep 2022 07:52:43 GMT
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 25 Sep 2022 06:52:43 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Sun, 25 Sep 2022 07:52:43 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A158%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A630635110%3Arqn%3A1%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C64%2C1%2C%2C0%2C%2C63%2C1%2C%2C%2C%2C224%3Ans%3A1664088761069%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
87.250.251.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A158%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A630635110%3Arqn%3A1%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C64%2C1%2C%2C0%2C%2C63%2C1%2C%2C%2C%2C224%3Ans%3A1664088761069%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash dd14ba441003a0a9262cbb2f20f3c9aa
abc29c5fb3ba0d1a14c24404479884268420e706
8ce8b08db2cf398f458fff48f022d0b6f608183638024a16b3fd5367082f978b
GET /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A158%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A630635110%3Arqn%3A1%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C64%2C1%2C%2C0%2C%2C63%2C1%2C%2C%2C%2C224%3Ans%3A1664088761069%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://championtest.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Sun, 25 Sep 2022 06:52:43 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://championtest.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 06:52:43 GMT
last-modified: Sun, 25-Sep-2022 06:52:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonSurveyStart&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A572861629%3Arqn%3A2%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1182%2C1182%2C1%2C%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonSurveyStart&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A572861629%3Arqn%3A2%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1182%2C1182%2C1%2C%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonSurveyStart&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A572861629%3Arqn%3A2%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1182%2C1182%2C1%2C%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 77
Origin: https://championtest.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 25 Sep 2022 06:52:43 GMT
access-control-allow-origin: https://championtest.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 06:52:43 GMT
last-modified: Sun, 25-Sep-2022 06:52:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonUnique&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A293698609%3Arqn%3A4%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonUnique&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A293698609%3Arqn%3A4%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonUnique&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A293698609%3Arqn%3A4%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://championtest.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 25 Sep 2022 06:52:43 GMT
access-control-allow-origin: https://championtest.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 06:52:43 GMT
last-modified: Sun, 25-Sep-2022 06:52:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A158%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A630635110%3Arqn%3A1%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C64%2C1%2C%2C0%2C%2C63%2C1%2C%2C%2C%2C224%3Ans%3A1664088761069%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.251.119302 Found 43 B URL HTTP/2 mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A158%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A630635110%3Arqn%3A1%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C64%2C1%2C%2C0%2C%2C63%2C1%2C%2C%2C%2C224%3Ans%3A1664088761069%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A158%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A630635110%3Arqn%3A1%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C64%2C1%2C%2C0%2C%2C63%2C1%2C%2C%2C%2C224%3Ans%3A1664088761069%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://championtest.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A158%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A630635110%3Arqn%3A1%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C64%2C1%2C%2C0%2C%2C63%2C1%2C%2C%2C%2C224%3Ans%3A1664088761069%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 25 Sep 2022 06:52:43 GMT
access-control-allow-origin: https://championtest.top
set-cookie: yandexuid=1962692751664088763; Expires=Mon, 25-Sep-2023 06:52:43 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1962692751664088763; Expires=Mon, 25-Sep-2023 06:52:43 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2036135211664088763; Path=/; SameSite=None; Secure
i=k8pE0ML68AAA8QliWuzK1YbO2EPdsTcwkMReZz07exwXCzxYniT47qfocZugHlitPo142mpLSbMGObhNxCVg1nHMBeI=; Expires=Wed, 22-Sep-2032 06:52:39 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695624763.yrts.1664088763#1695624763.yrtsi.1664088763; Expires=Mon, 25-Sep-2023 06:52:43 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 06:52:43 GMT
last-modified: Sun, 25-Sep-2022 06:52:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonAdexLoad&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A127317565%3Arqn%3A6%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonAdexLoad&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A127317565%3Arqn%3A6%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonAdexLoad&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A127317565%3Arqn%3A6%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://championtest.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 25 Sep 2022 06:52:43 GMT
access-control-allow-origin: https://championtest.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 06:52:43 GMT
last-modified: Sun, 25-Sep-2022 06:52:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonStepChange&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A245256595%3Arqn%3A5%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonStepChange&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A245256595%3Arqn%3A5%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonStepChange&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A245256595%3Arqn%3A5%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://championtest.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 25 Sep 2022 06:52:43 GMT
access-control-allow-origin: https://championtest.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 06:52:43 GMT
last-modified: Sun, 25-Sep-2022 06:52:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A695777191%3Arqn%3A7%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A695777191%3Arqn%3A7%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A695777191%3Arqn%3A7%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Origin: https://championtest.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 25 Sep 2022 06:52:43 GMT
access-control-allow-origin: https://championtest.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 06:52:43 GMT
last-modified: Sun, 25-Sep-2022 06:52:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A345507609%3Arqn%3A9%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A345507609%3Arqn%3A9%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A345507609%3Arqn%3A9%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://championtest.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 25 Sep 2022 06:52:43 GMT
access-control-allow-origin: https://championtest.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 06:52:43 GMT
last-modified: Sun, 25-Sep-2022 06:52:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonTrackImpression&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A1786578%3Arqn%3A8%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonTrackImpression&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A1786578%3Arqn%3A8%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.top%2FonTrackImpression&page-ref=https%3A%2F%2Fchampiontest.top%2Fbetting-survey.html%3Fvar%3D6100_3331%26ymid%3D7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1%253Aef45bf04f290351e44e7bcbbe8e9057d46908af6%26offer_id%3D2058%26z%3D4654991%26utm_campaign%3D6100_3331%26utm_medium%3D4654991%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664088763_97eab2b3ac9bf63f9f8de8f6ad36b961ebd51e7c3e49786ed8a457992b8e344c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A365811406046%3Ahid%3A227358118%3Az%3A0%3Ai%3A20220925065242%3Aet%3A1664088762%3Ac%3A1%3Arn%3A1786578%3Arqn%3A8%3Au%3A1664088762174402016%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664088761069%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664088762%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 190
Origin: https://championtest.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 25 Sep 2022 06:52:43 GMT
access-control-allow-origin: https://championtest.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 06:52:43 GMT
last-modified: Sun, 25-Sep-2022 06:52:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b156552f4d76fd964b279ebcf8cd1f8e
6a02487368bbe41b87feeef1f70f7320392d72a3
ceddf1a515c64d0071a4d90c26de60a27ee2bf2af341bf1572fb05743d2cc644
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5293
x-amzn-requestid: a35423bc-9112-48da-85e0-93ac41794d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PkGehoAMF1pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-450fad077885fae416572443;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IAon_ZYxu87A9OB775Q1unI4sdLHdE-Ij9QNYaB2mqftP0IoAsgnvQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:22 GMT
age: 33204
etag: "6a02487368bbe41b87feeef1f70f7320392d72a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a73599d11bb9b59d4714249c4c4e010f
03a8ef020daced8cf01c3e3a2141ebbff3dcb9d8
dd6afff8985c1f3737d0b7ba6cf9fd6dca0b9e6ef90ccf9fdde8defd54968f92
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD6AFFF8985C1F3737D0B7BA6CF9FD6DCA0B9E6EF90CCF9FDDE8DEFD54968F92"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5130
Expires: Sun, 25 Sep 2022 08:18:16 GMT
Date: Sun, 25 Sep 2022 06:52:46 GMT
Connection: keep-alive
f5ac6e7aac.smapp.work/trkclk/?pid=6100&cid=3244675&custom1=CPC&fw1=badious-buzzard&aff_sub_id=sierra-tun-1x27e46jln
35.186.250.143200 OK 0 B URL HTTP/2 f5ac6e7aac.smapp.work/trkclk/?pid=6100&cid=3244675&custom1=CPC&fw1=badious-buzzard&aff_sub_id=sierra-tun-1x27e46jln
IP 35.186.250.143:0
GET /trkclk/?pid=6100&cid=3244675&custom1=CPC&fw1=badious-buzzard&aff_sub_id=sierra-tun-1x27e46jln HTTP/1.1
Host: f5ac6e7aac.smapp.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://phoka-mps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 06:52:40 GMT
content-type: text/html; charset=UTF-8
clickid: 7c3acdfd-bac4-41e4-9e1b-8f5db7abcbb1:ef45bf04f290351e44e7bcbbe8e9057d46908af6
set-cookie: cx_ntsl_i=3304d405-3109-415d-970d-3b930e6e7ce6; expires=Mon, 21 Sep 2037 06:52:40 GMT; Path=/
instal-cookie="2|1:0|10:1664088760|13:instal-cookie|124:eyIzMjQ0Njc1IjogIjdjM2FjZGZkLWJhYzQtNDFlNC05ZTFiLThmNWRiN2FiY2JiMTplZjQ1YmYwNGYyOTAzNTFlNDRlN2JjYmJlOGU5MDU3ZDQ2OTA4YWY2In0=|ad6748eb5168f5e47ac73e930481bbe9b89931ec77a48b4e65f2032277cc7aa7"; expires=Tue, 25 Oct 2022 06:52:40 GMT; Path=/; SameSite=None; secure
server: TornadoServer/4.3
etag: W/"a8faa55dda852ac01a63e3961b3409a4ecf443f5"
x-frame-options: SAMEORIGIN
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2