www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
142.250.74.179301 Moved Permanently 214 B URL HTTP/1.1 www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 9b8eab4861ebf7ae64d96d017db748a1
4d2ca3f1a5f9323ecba2a1e9e60e696be849e4ae
ea56f0fd6aad600a9035a879bed68a90746e850a23a39cee8a73ba86f16dced5
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /2023/02/kartik-aaryans-adorable-dog-katori-cant.html HTTP/1.1
Host: www.worldstoriess.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 03 Feb 2023 21:57:49 GMT
Expires: Fri, 03 Feb 2023 21:57:49 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 214
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3499
Expires: Fri, 03 Feb 2023 22:56:08 GMT
Date: Fri, 03 Feb 2023 21:57:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9313
Expires: Sat, 04 Feb 2023 00:33:02 GMT
Date: Fri, 03 Feb 2023 21:57:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 21:43:35 GMT
content-type: application/json
age: 855
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4528
Expires: Fri, 03 Feb 2023 23:13:18 GMT
Date: Fri, 03 Feb 2023 21:57:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8cu10lDlkb+2DpDErreRPb3JKKsZjv1BKEVYxbegjzQ754V4pTivRQumZ5WcY1SS9lV70YOWLCE=
x-amz-request-id: JRC0RKHYNWSCSKMQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 21:23:42 GMT
age: 2048
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 21:57:50 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/eRpz6DU8KQs
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/eRpz6DU8KQs
IP 142.250.74.163:0
Hash e5b779bd29e91260b87f84366c800c0f
f465b3185bd408737d97a6a6c87a17af3dd57c5c
80b20227cf73c9beebc17223a2c023d92700f8570bc116617acd62820491ffd5
POST /s/gts1d4/eRpz6DU8KQs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 21:07:19 GMT
age: 3031
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16385
Expires: Sat, 04 Feb 2023 02:30:55 GMT
Date: Fri, 03 Feb 2023 21:57:50 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f73b25b85b47513c518f27e63d9a3938
9d71acd2fc1875bac9399e56b6508f4d5cd31a35
fc6073a0b633a99bc296ceb5afc65e32e77cbe1875cbc2ab22ba4a7869853f56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-Y24N9NQ56R
142.250.74.168200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-Y24N9NQ56R
IP 142.250.74.168:0
File type ASCII text, with very long lines (25667)
Hash d5865743c3de74cc6c949d9ad514daf1
6f1566e8d14d74e97c141581f5d11c3f75c6cbd2
9af213e9a220c458682da1eeacc7162aa9182558f15cc85801a79aa2356448e5
GET /gtag/js?id=G-Y24N9NQ56R HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 21:57:50 GMT
expires: Fri, 03 Feb 2023 21:57:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79815
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.41200 OK 17 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (1441)
Hash f18def4ccec463cf908f91e7cba7f2c1
02d95f67edd84a44c82255ca7abcdbf7f4d0cee5
12b91cbf31131a10b1fc2aa05047c027caeac0d6e0ca5deadf418fff63d68082
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 17447
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 15:34:38 GMT
expires: Wed, 31 Jan 2024 15:34:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 15:51:51 GMT
content-type: text/javascript
age: 282192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
142.250.74.179200 OK 126 kB URL HTTP/2 www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (61770)
Size 126 kB (125600 bytes)
Hash 1a9dd0744ab4a69d54d5df60cee764d3
3dbfadfcfb1f02790c2512b277da5b9ef6111713
436a7756d79a13cc41f9b936e5b46495f125a85f197cda59f0ac7db800613d4f
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /2023/02/kartik-aaryans-adorable-dog-katori-cant.html HTTP/1.1
Host: www.worldstoriess.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 03 Feb 2023 21:57:50 GMT
date: Fri, 03 Feb 2023 21:57:50 GMT
cache-control: private, max-age=0
last-modified: Fri, 03 Feb 2023 21:21:30 GMT
etag: W/"8ff2aa7c4c8ea408a7c132d9a990067f02dcec61f0f81311b94eb9277b113f30"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 125600
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f73b25b85b47513c518f27e63d9a3938
9d71acd2fc1875bac9399e56b6508f4d5cd31a35
fc6073a0b633a99bc296ceb5afc65e32e77cbe1875cbc2ab22ba4a7869853f56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1149436903-widgets.js
142.250.74.41200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1149436903-widgets.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (2221)
Hash b78721b4cce75b522d9ec0d1fae9e007
4ceaa4752e3e81867193004fe928875abc0af5ce
e85f67824ac9f31deedecf0b1d58878b6b3993bad9f2b48e8312928154012f06
GET /static/v1/widgets/1149436903-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 02:15:05 GMT
expires: Thu, 01 Feb 2024 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 23:23:14 GMT
content-type: text/javascript
age: 243765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.worldstoriess.tk/js/cookienotice.js
142.250.74.179200 OK 2.0 kB URL HTTP/2 www.worldstoriess.tk/js/cookienotice.js
IP 142.250.74.179:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: www.worldstoriess.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Fri, 03 Feb 2023 21:57:50 GMT
expires: Fri, 10 Feb 2023 21:57:50 GMT
cache-control: public, max-age=604800
last-modified: Fri, 03 Feb 2023 19:56:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.70.68.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.68.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VFF1BqZuZmGTFmN3oNKlGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: llGbeZ0eqwN/4TApsq8kyKI10So=
www.worldstoriess.tk/feeds/posts/default/-/Entertainment%20News?alt=json-in-script&callback=related_results_labels&max-results=6
142.250.74.179200 OK 9.8 kB URL HTTP/2 www.worldstoriess.tk/feeds/posts/default/-/Entertainment%20News?alt=json-in-script&callback=related_results_labels&max-results=6
IP 142.250.74.179:0
File type Unicode text, UTF-8 text, with very long lines (33051)
Hash 03f12ac0a7fbdf0bf386c0661fbe2a31
4e40040313590be08d842b8f7aab427c985f53cd
969b9d89c7f8e33c34383375358654843750f2b12858c317eae3e48bce901f26
GET /feeds/posts/default/-/Entertainment%20News?alt=json-in-script&callback=related_results_labels&max-results=6 HTTP/1.1
Host: www.worldstoriess.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"4f91d090292f9a29cc04b47ffa560f274d2bc2157c584b663993b22564673b0a"
date: Fri, 03 Feb 2023 21:57:50 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Fri, 03 Feb 2023 21:57:51 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 21:21:30 GMT
content-encoding: gzip
content-length: 9813
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9664663ab83741a1319726eceb492bd4
4a136246d5bcc669fae2e06c6dc0d3c2c2a11949
2fc46c47d1fb86ac9bcde91cd2173681a55fe745c1c95470692720867c737e70
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2FC46C47D1FB86AC9BCDE91CD2173681A55FE745C1C95470692720867C737E70"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5885
Expires: Fri, 03 Feb 2023 23:35:56 GMT
Date: Fri, 03 Feb 2023 21:57:51 GMT
Connection: keep-alive
pl18065174.highperformancecpmgate.com/109c3984a14b389092aa6b5a0c10e5d9/invoke.js
192.243.59.20200 OK 9.3 kB URL HTTP/1.1 pl18065174.highperformancecpmgate.com/109c3984a14b389092aa6b5a0c10e5d9/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25058), with no line terminators
Hash 51b277d0a31b96c1dc50e91ef206f1f8
17098357814e0f93922054992c581d5d8102a35b
86c3a1d6b83d9bd18a97112f9681190d833f50fa1d6c78eb05fe5f853ee63a71
Analyzer Verdict Alert quad9 Sinkholed
GET /109c3984a14b389092aa6b5a0c10e5d9/invoke.js HTTP/1.1
Host: pl18065174.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f6771aff14ddd13e98e8f0f4f293ab8a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl18065154.highperformancecpmgate.com/87/37/66/87376675201d88f269c8d56321be20f0.js
173.233.137.52200 OK 13 kB URL HTTP/1.1 pl18065154.highperformancecpmgate.com/87/37/66/87376675201d88f269c8d56321be20f0.js
IP 173.233.137.52:0
File type ASCII text, with very long lines (37128), with no line terminators
Hash 64d9ff1661673408dcc05c9918c832d6
a934b42c450126bffca3647403d17d2172980252
0c01aa47501a62e5e3a46ef33d0ede6bba697713d2a8c9197539f057c6fc713f
Analyzer Verdict Alert quad9 Sinkholed
GET /87/37/66/87376675201d88f269c8d56321be20f0.js HTTP/1.1
Host: pl18065154.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 554f7dc5170fd42207445abfb84aee14
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl18089500.highperformancecpmgate.com/12/e3/6b/12e36b88b694a8905b4175d1bfdd6a07.js
192.243.59.13200 OK 21 kB URL HTTP/1.1 pl18089500.highperformancecpmgate.com/12/e3/6b/12e36b88b694a8905b4175d1bfdd6a07.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60143), with no line terminators
Hash 0e61385a0c3fb103e3d65eded402fc64
c0fe173fb5ab53ad766350bf93b3fc2231893ba3
c7cf68281ee50dc4c63b11950a6fdd22635096a0f1a3ab5330577648e0757603
Analyzer Verdict Alert quad9 Sinkholed
GET /12/e3/6b/12e36b88b694a8905b4175d1bfdd6a07.js HTTP/1.1
Host: pl18089500.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 21:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 03e8d77c14e3216bd3a3b316554bd8e8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8ed0aa8323e751dd1b26751a5bbc08b7
1dc77046253b2642a7def68c7a7d33f4a4a47f47
906f154760200d54a0409b9f229b3c2f8e9d96ca751e44228bb92c29468fd371
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-zxnrT9a3Ofw/XmRFpRDiP0I/AAAAAAAAG3M/tXY-lGS4Z1ktmizov2u8wR2hGrKRAgPpwCLcBGAsYHQ/s1600/loader_light.gif
142.250.74.161200 OK 5.3 kB URL HTTP/2 4.bp.blogspot.com/-zxnrT9a3Ofw/XmRFpRDiP0I/AAAAAAAAG3M/tXY-lGS4Z1ktmizov2u8wR2hGrKRAgPpwCLcBGAsYHQ/s1600/loader_light.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 40 x 40\012- data
Hash 8fe366451f18a417d083ddfd9f5f7e2c
041c1e16013a5d8bcba78f059a358e99a8eb8b54
206c3d36392ab3f56b238f9cd3f0dd19f2b63e6f5d78255a7a82f13714b58994
GET /-zxnrT9a3Ofw/XmRFpRDiP0I/AAAAAAAAG3M/tXY-lGS4Z1ktmizov2u8wR2hGrKRAgPpwCLcBGAsYHQ/s1600/loader_light.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="loader_light.gif"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5316
x-xss-protection: 0
date: Fri, 03 Feb 2023 19:06:56 GMT
expires: Thu, 02 Feb 2023 22:11:14 GMT
cache-control: public, max-age=86400, no-transform
age: 10255
etag: "v1b75"
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8ed0aa8323e751dd1b26751a5bbc08b7
1dc77046253b2642a7def68c7a7d33f4a4a47f47
906f154760200d54a0409b9f229b3c2f8e9d96ca751e44228bb92c29468fd371
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 51587a23f66c8249b593bdd3bc316c26
a44589aa9cf9e0a703e280f130f13783a4dce154
9d3982efed953d409b9ff9e88be9f517be1f563d0569bc8f39ca9c75be104477
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 21:57:52 GMT
Last-Modified: Fri, 03 Feb 2023 20:34:37 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7BAbZdjR72bsNcTGa0Qy2JYa25y7z59T_P9H1p6LpVXXP5ZFzkAudg==
Age: 4996
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 2061eba5d9ed9536ff3ca17e372e4edc
3bddeff8e222f9615c4ad8f2a8e6854e75d8d9b3
c58426b2fb8e187eecf1e025425e027fb44352d95b874369ea459008ec6a5349
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.worldstoriess.tk
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.worldstoriess.tk
access-control-allow-credentials: true
set-cookie: uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1; expires=Mon, 31 Jan 2033 21:57:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2704
Expires: Fri, 03 Feb 2023 22:42:56 GMT
Date: Fri, 03 Feb 2023 21:57:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2704
Expires: Fri, 03 Feb 2023 22:42:56 GMT
Date: Fri, 03 Feb 2023 21:57:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2704
Expires: Fri, 03 Feb 2023 22:42:56 GMT
Date: Fri, 03 Feb 2023 21:57:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2704
Expires: Fri, 03 Feb 2023 22:42:56 GMT
Date: Fri, 03 Feb 2023 21:57:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 61471
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 77568
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e706db8a6107758a148463e916f2532d
4b0b8cb5ced3e3e67b0320a3bbaecd2176e21b81
673f18036a53f8ff297ef6a63fd094e7c41d90f3960f0e687a741cc7dd3f6172
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6791
x-amzn-requestid: 665115ea-728e-4a55-aaf8-b09db3fa67a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffl96FIzIAMFYGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61d25-0abbd7262ca10b7a7d2bf9eb;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:15:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nPgaBSGyLJQnN0ofVRFniW2LqzgKVWchSKYSjYCmuPtpL9Ner81ARQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 19:18:09 GMT
age: 9583
etag: "4b0b8cb5ced3e3e67b0320a3bbaecd2176e21b81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:47:06 GMT
age: 646
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 84599
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 84542
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e27bb5da2b88c27d27dc9884538b506
35e1dc9863f70107b239cd9d8c0324a8e287a228
dcf69f734c153c581f250517c3b80ea268a54945eeb6456a3a41304836d7e0be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DCF69F734C153C581F250517C3B80EA268A54945EEB6456A3A41304836D7E0BE"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5391
Expires: Fri, 03 Feb 2023 23:27:43 GMT
Date: Fri, 03 Feb 2023 21:57:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash c7f89fdd783e35486b22625cb506da04
7a45defd22786b1ca257b21bb74d758149037426
3a695a81a72e80c5b9ce0889c960c64c9af49fc5e6c7e90a377686943020e4ad
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 03 Feb 2023 21:57:52 GMT
date: Fri, 03 Feb 2023 21:57:52 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 02b4f48fc6759b3b896da81f2346ce91
60be19044474bee69491c91c946aea280ea67abe
fe505ecf0d4de8b9d8755bbbde4e104f320beef1424dcd3732720ed9f95a93e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE505ECF0D4DE8B9D8755BBBDE4E104F320BEEF1424DCD3732720ED9F95A93E3"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3625
Expires: Fri, 03 Feb 2023 22:58:17 GMT
Date: Fri, 03 Feb 2023 21:57:52 GMT
Connection: keep-alive
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 306281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 03 Feb 2023 21:57:52 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+533; expires=Sun, 02-Feb-2025 21:57:52 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Feb 2023 21:57:52 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2978
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 03 Feb 2023 21:57:52 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+623; expires=Sun, 02-Feb-2025 21:57:52 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Feb 2023 21:57:52 GMT
X-Firefox-Spdy: h2
pompeydesigning.com/pixel/purst?dl=0&th=0&sc=0&rs=2068&rd=2068&fd=1050&bv=22.10.v.9&tmpl=70
173.233.137.60200 OK 0 B URL HTTP/1.1 pompeydesigning.com/pixel/purst?dl=0&th=0&sc=0&rs=2068&rd=2068&fd=1050&bv=22.10.v.9&tmpl=70
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2068&rd=2068&fd=1050&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: pompeydesigning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.profitabledisplayformat.com/c7cdb9191724b3013f8e39290b9f61e6/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/c7cdb9191724b3013f8e39290b9f61e6/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26957), with no line terminators
Hash 86295fee54e926cfe2925fd6d76d40a2
b61515431a29e8caf8468c4be68a350ac70e26c9
024e3c01ae47735eab4de29579ea9701c370a67554a78834a8bf57dcad1fc053
Analyzer Verdict Alert quad9 Sinkholed
GET /c7cdb9191724b3013f8e39290b9f61e6/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 43e9a38ef0b4afae3dd3d1a75c1e7079
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
region1.google-analytics.com/g/collect?v=2&tid=G-Y24N9NQ56R>m=45je3210&_p=358929488&cid=1362390027.1675461505&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675461504&sct=1&seg=0&dl=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&dt=Kartik%20Aaryan%E2%80%99s%20adorable%20dog%20Katori%20can%E2%80%99t%20get%20enough%20of%20her%20human.%20Watch%20video%20%7C%20Bollywood%20-%20World%20Stories&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-Y24N9NQ56R>m=45je3210&_p=358929488&cid=1362390027.1675461505&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675461504&sct=1&seg=0&dl=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&dt=Kartik%20Aaryan%E2%80%99s%20adorable%20dog%20Katori%20can%E2%80%99t%20get%20enough%20of%20her%20human.%20Watch%20video%20%7C%20Bollywood%20-%20World%20Stories&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Y24N9NQ56R>m=45je3210&_p=358929488&cid=1362390027.1675461505&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675461504&sct=1&seg=0&dl=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&dt=Kartik%20Aaryan%E2%80%99s%20adorable%20dog%20Katori%20can%E2%80%99t%20get%20enough%20of%20her%20human.%20Watch%20video%20%7C%20Bollywood%20-%20World%20Stories&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.worldstoriess.tk
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.worldstoriess.tk
date: Fri, 03 Feb 2023 21:57:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.profitabledisplayformat.com/d0ddef2793efa870d3bcb68cac54290a/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/d0ddef2793efa870d3bcb68cac54290a/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash fbf37c28ac43aa7c9edeab354c41002c
c4ae0d52cb4b3888f87d4370f49dfcca91a08894
499e4c6fa89c65218060f07d0f2102782c45874d2c04c022099c8af0e7869f7b
Analyzer Verdict Alert quad9 Sinkholed
GET /d0ddef2793efa870d3bcb68cac54290a/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a4e44a28245e49d3f4a3a1498bf40b7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 86989
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 16:40:43 GMT
expires: Fri, 02 Feb 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 105429
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47d3156a01937914d3788651a5a1df4e
9f757e95fa9ba9ea3949d29f2617040b3088464a
95796fa7ec26c1f9f6f4d1503b0034405e323786758ae835de2ae53f6e378ec5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95796FA7EC26C1F9F6F4D1503B0034405E323786758AE835DE2AE53F6E378EC5"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10312
Expires: Sat, 04 Feb 2023 00:49:44 GMT
Date: Fri, 03 Feb 2023 21:57:52 GMT
Connection: keep-alive
www.profitabledisplayformat.com/ea2ebc35562540e44e40b02ae98448c6/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/ea2ebc35562540e44e40b02ae98448c6/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash c74bc9a8de6743fbc9b15ba1646e48ee
e3904c24384ad32db6c4b8b7e32c1b79fc1d029d
ab54614f0b064550d68e6c6ce86f5ed0e25b63e76f3724e72220d6e2506f62d3
Analyzer Verdict Alert quad9 Sinkholed
GET /ea2ebc35562540e44e40b02ae98448c6/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e33ef4950dd135e65f2f2e0488a2ba32
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fcfded24631a1b18f0c0f0ca0d37a32d
40a4731eb28232749631636c3ad4924248cfe059
aea7c9ebb4fbbd587bb77a4d1b40674f72a1e573778272ab025186599ea60c2a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEA7C9EBB4FBBD587BB77A4D1B40674F72A1E573778272AB025186599EA60C2A"
Last-Modified: Thu, 02 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2256
Expires: Fri, 03 Feb 2023 22:35:29 GMT
Date: Fri, 03 Feb 2023 21:57:53 GMT
Connection: keep-alive
www.profitabledisplayformat.com/c7cdb9191724b3013f8e39290b9f61e6/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/c7cdb9191724b3013f8e39290b9f61e6/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 9f4dfc94cceae7aaa438453734879d62
14df41414781f55b80291c584ad2af2b3723cfbc
39dfa39e04cc14535332ff736ff57f5505f516c88a16923f64d373a026fe919f
Analyzer Verdict Alert quad9 Sinkholed
GET /c7cdb9191724b3013f8e39290b9f61e6/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 06f65ed9caa83943b6bf4a13b523dfa1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
inflectedminimalbits.com/watch.1136817542276.js?key=c7cdb9191724b3013f8e39290b9f61e6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 inflectedminimalbits.com/watch.1136817542276.js?key=c7cdb9191724b3013f8e39290b9f61e6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1136817542276.js?key=c7cdb9191724b3013f8e39290b9f61e6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1 HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.worldstoriess.tk
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.worldstoriess.tk
Access-Control-Allow-Origin: https://www.worldstoriess.tk
Access-Control-Allow-Credentials: true
Location: https://inflectedminimalbits.com/watch.1136817542276.js?key=c7cdb9191724b3013f8e39290b9f61e6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&shu=a2bd79f323c2b6adabc3bc59d49121ac392055943141c4b36e9331a518ac86eef186ad536c068b5e079fd27cca2a96e65caa3764e14ec020f624519fbf81e1542d4d7c59047d4d7c8baee99a33ac8d47511da90b&pst=1675461533&rmtc=t
Set-Cookie: u_pl=17970213; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk3MDIxMywiayI6ImM3Y2RiOTE5MTcyNGIzMDEzZjhlMzkyOTBiOWY2MWU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoiZG11cHNiaTIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cud29ybGRzdG9yaWVzcy50ay8yMDIzLzAyL2thcnRpay1hYXJ5YW5zLWFkb3JhYmxlLWRvZy1rYXRvcmktY2FudC5odG1sIn19.CZXTf8QAAXuZjWqO9Kn6VWgyWw08dF0DKfQEWsqJ0VY; expires=Fri, 03 Feb 2023 21:58:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8d618460dc1dd373b2fb29a3fc53ea85
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
172.64.155.188200 OK 280 B IP 172.64.155.188:0
Hash a276193a48c4e77877da81e099a3b504
a641e796e689acb14da9d8f820f6d3795bc69a06
07f6df38eec3e8357decd9388da978f0a43519a76d96be8d03be1a8b6cd64f67
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 04:43:15 GMT
Expires: Thu, 09 Feb 2023 04:43:14 GMT
Etag: "a641e796e689acb14da9d8f820f6d3795bc69a06"
Cache-Control: max-age=455720,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793e6cbf0bc2b4ed-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 055a30c20ae61c2109698676bcd3dc8f
34d0f695b1c3488ae1b9482ed46ce6dc7f8e4177
74736a36c8d7641a4318742068fbc6efc8d8588762af8ee941cf2336b3a6e79a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:53 GMT
Server: ECS (amb/6BC1)
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3e4acd46b234f93b8f66bddfb049e7f1
f606219397d2684ccb9fe3daa394b00145d9ac6b
4cf65578835d4adc49e92099f07b3566d6e5f8a8406acfe7dd1fa4fc45df1033
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CF65578835D4ADC49E92099F07B3566D6E5F8A8406ACFE7DD1FA4FC45DF1033"
Last-Modified: Fri, 03 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7738
Expires: Sat, 04 Feb 2023 00:06:51 GMT
Date: Fri, 03 Feb 2023 21:57:53 GMT
Connection: keep-alive
www.profitabledisplayformat.com/d0ddef2793efa870d3bcb68cac54290a/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/d0ddef2793efa870d3bcb68cac54290a/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 1a3f818c385ff73a32f7aab38cfeb85f
8c7ba56032f6b7e23b5cc610485f4c62699803db
0473bbf8c765e8a023a112ce33f49508cf5576c43db1b26bafbf47618af438b4
Analyzer Verdict Alert quad9 Sinkholed
GET /d0ddef2793efa870d3bcb68cac54290a/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fec152b120b7935f18137d8ecea7e4f9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
subscribestormyapprobation.com/watch.584745681638.js?key=d0ddef2793efa870d3bcb68cac54290a&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 subscribestormyapprobation.com/watch.584745681638.js?key=d0ddef2793efa870d3bcb68cac54290a&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.584745681638.js?key=d0ddef2793efa870d3bcb68cac54290a&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1 HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.worldstoriess.tk
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.worldstoriess.tk
Access-Control-Allow-Origin: https://www.worldstoriess.tk
Access-Control-Allow-Credentials: true
Location: https://subscribestormyapprobation.com/watch.584745681638.js?key=d0ddef2793efa870d3bcb68cac54290a&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&shu=808ee42dea457a9f6daf1d3944aeeeea29c633c7a5d6f1502e07789952201099f87e9a9a79c5490f28efebbf38f6f9a76718f7a1e5f1cf697e766f4149b999c7bae1a7222895d975afa4360e6ab6278211b56db8&pst=1675461533&rmtc=t
Set-Cookie: u_pl=17964665; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk2NDY2NSwiayI6ImQwZGRlZjI3OTNlZmE4NzBkM2JjYjY4Y2FjNTQyOTBhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoaXJ5a3h3ZGMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cud29ybGRzdG9yaWVzcy50ay8yMDIzLzAyL2thcnRpay1hYXJ5YW5zLWFkb3JhYmxlLWRvZy1rYXRvcmktY2FudC5odG1sIn19.M82Ex7IkUetYReSSIz3v2-bn1_7IlNPFPJiEmqEKc7s; expires=Fri, 03 Feb 2023 21:58:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f2e1aa0712d4eeee25b6d13d3720c3da
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fb4ecd839f7ed51e9ba9cac23c7a68e
562d72cdf0d15d346e67cb2b38957f215ef67728
5823262a8ee1332d649246f890c2e4065c27d963dec4aa6afa24cbbd50ef6746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5823262A8EE1332D649246F890C2E4065C27D963DEC4AA6AFA24CBBD50EF6746"
Last-Modified: Thu, 02 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2939
Expires: Fri, 03 Feb 2023 22:46:52 GMT
Date: Fri, 03 Feb 2023 21:57:53 GMT
Connection: keep-alive
inflectedminimalbits.com/watch.1136817542276.js?key=c7cdb9191724b3013f8e39290b9f61e6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&shu=a2bd79f323c2b6adabc3bc59d49121ac392055943141c4b36e9331a518ac86eef186ad536c068b5e079fd27cca2a96e65caa3764e14ec020f624519fbf81e1542d4d7c59047d4d7c8baee99a33ac8d47511da90b&pst=1675461533&rmtc=t
192.243.61.227200 OK 635 B URL HTTP/1.1 inflectedminimalbits.com/watch.1136817542276.js?key=c7cdb9191724b3013f8e39290b9f61e6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&shu=a2bd79f323c2b6adabc3bc59d49121ac392055943141c4b36e9331a518ac86eef186ad536c068b5e079fd27cca2a96e65caa3764e14ec020f624519fbf81e1542d4d7c59047d4d7c8baee99a33ac8d47511da90b&pst=1675461533&rmtc=t
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (581)
Hash 720fa68c60252f6b6bc1a38e06aa2e0a
cefc3054cd44f9a88cfe0d4f52a7c67511b5b18d
ffac61ad29e993fa55dec93478482962a5c411ed1189f826c93bdc052a8841c0
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1136817542276.js?key=c7cdb9191724b3013f8e39290b9f61e6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&shu=a2bd79f323c2b6adabc3bc59d49121ac392055943141c4b36e9331a518ac86eef186ad536c068b5e079fd27cca2a96e65caa3764e14ec020f624519fbf81e1542d4d7c59047d4d7c8baee99a33ac8d47511da90b&pst=1675461533&rmtc=t HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.worldstoriess.tk
Referer: https://www.worldstoriess.tk/
Connection: keep-alive
Cookie: u_pl=17970213; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk3MDIxMywiayI6ImM3Y2RiOTE5MTcyNGIzMDEzZjhlMzkyOTBiOWY2MWU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoiZG11cHNiaTIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cud29ybGRzdG9yaWVzcy50ay8yMDIzLzAyL2thcnRpay1hYXJ5YW5zLWFkb3JhYmxlLWRvZy1rYXRvcmktY2FudC5odG1sIn19.CZXTf8QAAXuZjWqO9Kn6VWgyWw08dF0DKfQEWsqJ0VY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.worldstoriess.tk
Access-Control-Allow-Origin: https://www.worldstoriess.tk
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1; expires=Fri, 10 Feb 2023 21:57:53 GMT; secure; SameSite=None
iprc163ab7c110ae8812dfcf9ee00342101d=2717341; expires=Sat, 04 Feb 2023 23:57:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
uncs32=1; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cbfe15b9eaec597cc22691fb136cd578
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 055a30c20ae61c2109698676bcd3dc8f
34d0f695b1c3488ae1b9482ed46ce6dc7f8e4177
74736a36c8d7641a4318742068fbc6efc8d8588762af8ee941cf2336b3a6e79a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:53 GMT
Last-Modified: Fri, 03 Feb 2023 21:57:53 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
www.profitabledisplayformat.com/ea2ebc35562540e44e40b02ae98448c6/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/ea2ebc35562540e44e40b02ae98448c6/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 8d34308964e23f3032d41b2c7360f184
6aa35f2832a5b754f1dc2f040354330b2ad5f9e9
02cc2f12f778d7c2a4c1f368cddbcaf053bb31c51fbf1c96619e585e2b057967
Analyzer Verdict Alert quad9 Sinkholed
GET /ea2ebc35562540e44e40b02ae98448c6/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0eb2e8c902995526d8d993ff562ee060
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5edf06da7a0227d78287f1137f5790ec
2bc02cdaf7b531e47de186d5a548e3919aa71f6c
5d8d6286284a29aeb2396a779c60cdd70e7a45818170eca4e8531df436843473
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D8D6286284A29AEB2396A779C60CDD70E7A45818170ECA4E8531DF436843473"
Last-Modified: Thu, 02 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4297
Expires: Fri, 03 Feb 2023 23:09:30 GMT
Date: Fri, 03 Feb 2023 21:57:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31ced9359ed0edd56a09608f0ef2fe66
62d577d3b99b0be9d38cffd8e83b0351ee6b93a6
e05a0ba35ee20d920a856974f596e817130ed78369dceaacedd2166ba7c2f732
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E05A0BA35EE20D920A856974F596E817130ED78369DCEAACEDD2166BA7C2F732"
Last-Modified: Thu, 02 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5247
Expires: Fri, 03 Feb 2023 23:25:20 GMT
Date: Fri, 03 Feb 2023 21:57:53 GMT
Connection: keep-alive
publishercounting.com/watch.365510157029?key=c7cdb9191724b3013f8e39290b9f61e6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
173.233.139.164200 OK 1.3 kB URL HTTP/1.1 publishercounting.com/watch.365510157029?key=c7cdb9191724b3013f8e39290b9f61e6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (743)
Hash 4f0ef143261e13fa00859c5b7b9995d6
bcc3aa76ed3cbbf0079208e6d1f67e3466be1931
be05efbe51baa0872a06cd448009a95abbe5baf42ac8146b7475310c6d78c9f2
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.365510157029?key=c7cdb9191724b3013f8e39290b9f61e6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1 HTTP/1.1
Host: publishercounting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17970213; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk3MDIxMywiayI6ImM3Y2RiOTE5MTcyNGIzMDEzZjhlMzkyOTBiOWY2MWU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoiZG11cHNiaTIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cud29ybGRzdG9yaWVzcy50ay8yMDIzLzAyL2thcnRpay1hYXJ5YW5zLWFkb3JhYmxlLWRvZy1rYXRvcmktY2FudC5odG1sIn19.CZXTf8QAAXuZjWqO9Kn6VWgyWw08dF0DKfQEWsqJ0VY; expires=Fri, 03 Feb 2023 21:58:53 GMT; secure; SameSite=None
uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1; expires=Fri, 10 Feb 2023 21:57:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 64da756a545f7164a97d366238c25ed1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
outdilateinterrupt.com/watch.1614453971124?key=ea2ebc35562540e44e40b02ae98448c6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
192.243.59.20200 OK 1.3 kB URL HTTP/1.1 outdilateinterrupt.com/watch.1614453971124?key=ea2ebc35562540e44e40b02ae98448c6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (743)
Hash 50d1317fcf8b03d1cb83552735f4fb71
d66cb3ad00e1c830a1ce4eda9466f281d7b32ec6
b62c6f2e3779e793a35c404704c816fa7e808b1a515839e39e20e77c88d9809c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1614453971124?key=ea2ebc35562540e44e40b02ae98448c6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1 HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17964710; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk2NDcxMCwiayI6ImVhMmViYzM1NTYyNTQwZTQ0ZTQwYjAyYWU5ODQ0OGM2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidmJtaTRqdmpjciIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy53b3JsZHN0b3JpZXNzLnRrLzIwMjMvMDIva2FydGlrLWFhcnlhbnMtYWRvcmFibGUtZG9nLWthdG9yaS1jYW50Lmh0bWwifX0.xc8ekXngIjQe3EHpxFPuMEhhXvsReWJUAElEmvPy2ao; expires=Fri, 03 Feb 2023 21:58:53 GMT; secure; SameSite=None
uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1; expires=Fri, 10 Feb 2023 21:57:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8e1be56471b130fd9865198a3cd70b04
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
subscribestormyapprobation.com/watch.584745681638?key=d0ddef2793efa870d3bcb68cac54290a&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
192.243.59.13200 OK 1.3 kB URL HTTP/1.1 subscribestormyapprobation.com/watch.584745681638?key=d0ddef2793efa870d3bcb68cac54290a&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (743)
Hash 69e3e3848909a05c4916ad8103d8dc58
a320a9b1a4ae54212ff7bda5db726d7b86daf775
79d18a53d19e30943b28ce14554cb26ac157dea53f0afadc97a1d6c0e9792413
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.584745681638?key=d0ddef2793efa870d3bcb68cac54290a&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1 HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Cookie: u_pl=17964665; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk2NDY2NSwiayI6ImQwZGRlZjI3OTNlZmE4NzBkM2JjYjY4Y2FjNTQyOTBhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoaXJ5a3h3ZGMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cud29ybGRzdG9yaWVzcy50ay8yMDIzLzAyL2thcnRpay1hYXJ5YW5zLWFkb3JhYmxlLWRvZy1rYXRvcmktY2FudC5odG1sIn19.M82Ex7IkUetYReSSIz3v2-bn1_7IlNPFPJiEmqEKc7s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk2NDY2NSwiayI6ImQwZGRlZjI3OTNlZmE4NzBkM2JjYjY4Y2FjNTQyOTBhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoaXJ5a3h3ZGMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3Lndvcmxkc3Rvcmllc3MudGsvMjAyMy8wMi9rYXJ0aWstYWFyeWFucy1hZG9yYWJsZS1kb2cta2F0b3JpLWNhbnQuaHRtbCJ9fQ.rvRz5K8PQNmkG-d7sn_CIhpxgsKKUk1n9FilMa_YsK4; expires=Fri, 03 Feb 2023 21:58:53 GMT; secure; SameSite=None
uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1; expires=Fri, 10 Feb 2023 21:57:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 96b79dd5f9c6baf76a42579d4af9a6fd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
naveljutmistress.com/watch.586609841864?key=ea2ebc35562540e44e40b02ae98448c6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
173.233.137.36200 OK 1.3 kB URL HTTP/1.1 naveljutmistress.com/watch.586609841864?key=ea2ebc35562540e44e40b02ae98448c6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (743)
Hash 4633c9e7efc4d63c05df9882078be5e2
f233524b755811a3b64880500806fb6ad97ac4a1
f868f8bf90dc9cebaddbc6e86a38906f28a0e936102fa9be0a19810f9263da3e
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.586609841864?key=ea2ebc35562540e44e40b02ae98448c6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17964710; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk2NDcxMCwiayI6ImVhMmViYzM1NTYyNTQwZTQ0ZTQwYjAyYWU5ODQ0OGM2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidmJtaTRqdmpjciIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy53b3JsZHN0b3JpZXNzLnRrLzIwMjMvMDIva2FydGlrLWFhcnlhbnMtYWRvcmFibGUtZG9nLWthdG9yaS1jYW50Lmh0bWwifX0.xc8ekXngIjQe3EHpxFPuMEhhXvsReWJUAElEmvPy2ao; expires=Fri, 03 Feb 2023 21:58:53 GMT; secure; SameSite=None
uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1; expires=Fri, 10 Feb 2023 21:57:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 548ca3713618002ee68b42badc3c4001
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
revolveoppress.com/watch.670397478310?key=d0ddef2793efa870d3bcb68cac54290a&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
192.243.59.20200 OK 1.3 kB URL HTTP/1.1 revolveoppress.com/watch.670397478310?key=d0ddef2793efa870d3bcb68cac54290a&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (743)
Hash 419a1f93e85160c275339ed57d95d1db
5b1b01a85db5525f52f263c537c08862411df026
e58aa73993b97dd0c0ce32310007e43413e16958c157ec321c19b14fabfc0d61
GET /watch.670397478310?key=d0ddef2793efa870d3bcb68cac54290a&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1 HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17964665; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk2NDY2NSwiayI6ImQwZGRlZjI3OTNlZmE4NzBkM2JjYjY4Y2FjNTQyOTBhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoaXJ5a3h3ZGMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cud29ybGRzdG9yaWVzcy50ay8yMDIzLzAyL2thcnRpay1hYXJ5YW5zLWFkb3JhYmxlLWRvZy1rYXRvcmktY2FudC5odG1sIn19.M82Ex7IkUetYReSSIz3v2-bn1_7IlNPFPJiEmqEKc7s; expires=Fri, 03 Feb 2023 21:58:53 GMT; secure; SameSite=None
uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1; expires=Fri, 10 Feb 2023 21:57:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e7eed805db160f0a7247efe07ba602c4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
publishercounting.com/watch.365510157029?shu=b6c7578b86ada1029a4ec83b62b43e375f2477bed788b76c3e8f1fef1cca3ab6a47682fea5fe4e35ca986dbe61ce294d377dbfec9d94875e8faa46ab272374c30cc1b8efcf68bab2876d962837acfc43649f180844e1ed7b4c9517a8ab5f655a2e&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=c7cdb9191724b3013f8e39290b9f61e6&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&tz=0&dev=e&res=12.1055
173.233.139.164200 OK 1.8 kB URL HTTP/1.1 publishercounting.com/watch.365510157029?shu=b6c7578b86ada1029a4ec83b62b43e375f2477bed788b76c3e8f1fef1cca3ab6a47682fea5fe4e35ca986dbe61ce294d377dbfec9d94875e8faa46ab272374c30cc1b8efcf68bab2876d962837acfc43649f180844e1ed7b4c9517a8ab5f655a2e&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=c7cdb9191724b3013f8e39290b9f61e6&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&tz=0&dev=e&res=12.1055
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2456)
Hash c2d8b2baf720f8b51bb0c763028ee97a
c84ac3a7160285bf6c361a1c9270b81fcb233e3b
1bf3d425fc1a236f4fb42a0f2619632318757ab4e806e8499341112db2a8888b
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.365510157029?shu=b6c7578b86ada1029a4ec83b62b43e375f2477bed788b76c3e8f1fef1cca3ab6a47682fea5fe4e35ca986dbe61ce294d377dbfec9d94875e8faa46ab272374c30cc1b8efcf68bab2876d962837acfc43649f180844e1ed7b4c9517a8ab5f655a2e&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=c7cdb9191724b3013f8e39290b9f61e6&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: publishercounting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://publishercounting.com/watch.365510157029?key=c7cdb9191724b3013f8e39290b9f61e6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
Cookie: u_pl=17970213; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk3MDIxMywiayI6ImM3Y2RiOTE5MTcyNGIzMDEzZjhlMzkyOTBiOWY2MWU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoiZG11cHNiaTIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cud29ybGRzdG9yaWVzcy50ay8yMDIzLzAyL2thcnRpay1hYXJ5YW5zLWFkb3JhYmxlLWRvZy1rYXRvcmktY2FudC5odG1sIn19.CZXTf8QAAXuZjWqO9Kn6VWgyWw08dF0DKfQEWsqJ0VY; uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Access-Control-Allow-Origin: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1; expires=Fri, 10 Feb 2023 21:57:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
uncs32=1; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bb2a1302317f6551e097af598b9be68f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.106200 OK 24 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.106:0
Hash 8a0b7b20e462f43957868c446074075a
a6ff17cf31ed978eaf1cb342c90f508165962115
a3acef71e2919a05d091e1905712aa279ba3369576d4714d040d120347c963d2
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.crictimes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 00:57:20 GMT
expires: Sun, 28 Jan 2024 00:57:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 594033
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
subscribestormyapprobation.com/watch.584745681638?shu=41db131e62f1989251ed46a4be54a854f87c448d0884aebd522cadac0acd9f0a500df8692437c3d0cbe2249a313d2687e41d6117dfa268e74cbafcf80f9c34999b27c0de17a924f17b6a0f566e4ee95b210f5e31afbd3a7eae3ac7740a6fcf&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=d0ddef2793efa870d3bcb68cac54290a&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&tz=0&dev=e&res=12.1055
192.243.59.13200 OK 1.8 kB URL HTTP/1.1 subscribestormyapprobation.com/watch.584745681638?shu=41db131e62f1989251ed46a4be54a854f87c448d0884aebd522cadac0acd9f0a500df8692437c3d0cbe2249a313d2687e41d6117dfa268e74cbafcf80f9c34999b27c0de17a924f17b6a0f566e4ee95b210f5e31afbd3a7eae3ac7740a6fcf&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=d0ddef2793efa870d3bcb68cac54290a&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&tz=0&dev=e&res=12.1055
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2433)
Hash 3ac11ab68cf1083244869b002b7abfd8
60eca793ad0254b81e08a2723d7fc9667efd02bb
36b973dee8007b937c44a615ed5da19fc66092eeba0a7b87fd4cf0ffe0f01e19
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.584745681638?shu=41db131e62f1989251ed46a4be54a854f87c448d0884aebd522cadac0acd9f0a500df8692437c3d0cbe2249a313d2687e41d6117dfa268e74cbafcf80f9c34999b27c0de17a924f17b6a0f566e4ee95b210f5e31afbd3a7eae3ac7740a6fcf&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=d0ddef2793efa870d3bcb68cac54290a&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://subscribestormyapprobation.com/watch.584745681638?key=d0ddef2793efa870d3bcb68cac54290a&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
Cookie: u_pl=17964665; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk2NDY2NSwiayI6ImQwZGRlZjI3OTNlZmE4NzBkM2JjYjY4Y2FjNTQyOTBhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoaXJ5a3h3ZGMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3Lndvcmxkc3Rvcmllc3MudGsvMjAyMy8wMi9rYXJ0aWstYWFyeWFucy1hZG9yYWJsZS1kb2cta2F0b3JpLWNhbnQuaHRtbCJ9fQ.rvRz5K8PQNmkG-d7sn_CIhpxgsKKUk1n9FilMa_YsK4; uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Access-Control-Allow-Origin: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1; expires=Fri, 10 Feb 2023 21:57:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bc966245491cdf411c29827a12caca0e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b7a276cc2dd7702e41c8cb504052743
ad22cf4130abcc28cc5375d53f869d6660290d28
4c30703e963824fe0e0e3adcac647939a81fb68586cf1e816ab408c5abbc661c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C30703E963824FE0E0E3ADCAC647939A81FB68586CF1E816AB408C5ABBC661C"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13127
Expires: Sat, 04 Feb 2023 01:36:41 GMT
Date: Fri, 03 Feb 2023 21:57:54 GMT
Connection: keep-alive
naveljutmistress.com/watch.586609841864?shu=e62d6d58e04c43354f1b0ac0022a5afbd9dbb3448f97e4c3ff2ebb620362c87b9843d76788a2d595aeef861bbf4fb1fa242f92a342568be1393d94ce051ebb5118c5db1faf755d1ca237444924f7e0221942df8cb79c6f2f3b54fe170e9507ecfc&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=ea2ebc35562540e44e40b02ae98448c6&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D
173.233.137.36200 OK 1.8 kB URL HTTP/1.1 naveljutmistress.com/watch.586609841864?shu=e62d6d58e04c43354f1b0ac0022a5afbd9dbb3448f97e4c3ff2ebb620362c87b9843d76788a2d595aeef861bbf4fb1fa242f92a342568be1393d94ce051ebb5118c5db1faf755d1ca237444924f7e0221942df8cb79c6f2f3b54fe170e9507ecfc&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=ea2ebc35562540e44e40b02ae98448c6&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2486)
Hash 6cece5ff31f72ba1416e0300be433444
5a0444793c5b300d978432f68afb661353ff5232
87558469a5b624409930a9d0a0c14c60db2f10ed9ace5833c2c29bc8e3832d2d
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.586609841864?shu=e62d6d58e04c43354f1b0ac0022a5afbd9dbb3448f97e4c3ff2ebb620362c87b9843d76788a2d595aeef861bbf4fb1fa242f92a342568be1393d94ce051ebb5118c5db1faf755d1ca237444924f7e0221942df8cb79c6f2f3b54fe170e9507ecfc&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=ea2ebc35562540e44e40b02ae98448c6&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naveljutmistress.com/watch.586609841864?key=ea2ebc35562540e44e40b02ae98448c6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
Cookie: u_pl=17964710; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk2NDcxMCwiayI6ImVhMmViYzM1NTYyNTQwZTQ0ZTQwYjAyYWU5ODQ0OGM2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidmJtaTRqdmpjciIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy53b3JsZHN0b3JpZXNzLnRrLzIwMjMvMDIva2FydGlrLWFhcnlhbnMtYWRvcmFibGUtZG9nLWthdG9yaS1jYW50Lmh0bWwifX0.xc8ekXngIjQe3EHpxFPuMEhhXvsReWJUAElEmvPy2ao; uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:57:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Access-Control-Allow-Origin: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1; expires=Fri, 10 Feb 2023 21:57:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
uncs23=1; expires=Sat, 04 Feb 2023 21:57:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 32ccd1b6c62087873f29e24f19068ab2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.a-ads.com/a-ads-banners/406681/300x250?region=eu-central-1
46.4.20.137200 OK 503 B URL HTTP/2 static.a-ads.com/a-ads-banners/406681/300x250?region=eu-central-1
IP 46.4.20.137:0
ASN #24940 Hetzner Online GmbH
Hash 604c3cbda1f304eef93aa15329e8e7ac
d9f25abc81500d2740265d4a2b11fa7e2d251d1f
5b0938197333a46575fa5d665e649f70b3268e27d0f3cbcac04065cc70acf9c5
GET /a-ads-banners/406681/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 21:57:53 GMT
content-type: image/gif
content-length: 621339
x-amz-id-2: NYA97pW7iMa36wiv1U+yscd5BERXa+Ll4fRXDP5IIM3eu3IZETycFrPX8MN/X+8c28n8K8mLCmc=
x-amz-request-id: BHMT9FYHNSZM77NV
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 08:12:39 GMT
etag: "c8694e7d5d3b9a928d4d57026ac2b68b"
cache-control: max-age=315360000
x-amz-version-id: 4E6UO4Ah7Y9Th7PfdrLCDL4YiygucdkX
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
revolveoppress.com/watch.670397478310?shu=fc7ac0123f2a4ad27788f1053900cae3d74f91418f820a61f961f153c42e8cb2dfbc6e36260d9ea332040d37759a5bf3725e24f8df2a1d350ba198c7d695fb107517239c58a2a0bb17865ec886f0ba1f13eefa&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=d0ddef2793efa870d3bcb68cac54290a&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&tz=0&dev=e&res=12.1055
192.243.59.20200 OK 1.8 kB URL HTTP/1.1 revolveoppress.com/watch.670397478310?shu=fc7ac0123f2a4ad27788f1053900cae3d74f91418f820a61f961f153c42e8cb2dfbc6e36260d9ea332040d37759a5bf3725e24f8df2a1d350ba198c7d695fb107517239c58a2a0bb17865ec886f0ba1f13eefa&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=d0ddef2793efa870d3bcb68cac54290a&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&tz=0&dev=e&res=12.1055
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2505)
Hash dcd8cf9dfb4abed5cc38b25757a418cc
7e8851b64bb12517180858fe57e433d5daa09a80
dc9ce93d892f17bb571bca99371f46d750ac9395c00e9217a3f282b8ee2c041d
GET /watch.670397478310?shu=fc7ac0123f2a4ad27788f1053900cae3d74f91418f820a61f961f153c42e8cb2dfbc6e36260d9ea332040d37759a5bf3725e24f8df2a1d350ba198c7d695fb107517239c58a2a0bb17865ec886f0ba1f13eefa&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=d0ddef2793efa870d3bcb68cac54290a&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revolveoppress.com/watch.670397478310?key=d0ddef2793efa870d3bcb68cac54290a&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
Cookie: u_pl=17964665; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk2NDY2NSwiayI6ImQwZGRlZjI3OTNlZmE4NzBkM2JjYjY4Y2FjNTQyOTBhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoaXJ5a3h3ZGMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cud29ybGRzdG9yaWVzcy50ay8yMDIzLzAyL2thcnRpay1hYXJ5YW5zLWFkb3JhYmxlLWRvZy1rYXRvcmktY2FudC5odG1sIn19.M82Ex7IkUetYReSSIz3v2-bn1_7IlNPFPJiEmqEKc7s; uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:57:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Access-Control-Allow-Origin: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1; expires=Fri, 10 Feb 2023 21:57:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:57:54 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:57:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 04 Feb 2023 21:57:54 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 04 Feb 2023 21:57:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb6972cf383983047cd4b77a42499a61
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
outdilateinterrupt.com/watch.1614453971124?shu=4a20d9917fab296e2ededadb7651a61986a0a207a0be103a50901b754e83e554ec1a33885062fd76db9f33fa61671d48c86e9918b0231c163a8046dc07da454c0cc236f6c5ca784b0f78a5f0ab7e418257d222d4&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=ea2ebc35562540e44e40b02ae98448c6&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&tz=0&dev=e&res=12.1055
192.243.59.20200 OK 1.8 kB URL HTTP/1.1 outdilateinterrupt.com/watch.1614453971124?shu=4a20d9917fab296e2ededadb7651a61986a0a207a0be103a50901b754e83e554ec1a33885062fd76db9f33fa61671d48c86e9918b0231c163a8046dc07da454c0cc236f6c5ca784b0f78a5f0ab7e418257d222d4&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=ea2ebc35562540e44e40b02ae98448c6&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&tz=0&dev=e&res=12.1055
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2539)
Hash 7432132ed15aa8dcd485a5745b1d1b08
fea05d70cf019b220b406ab734b9022baf2a68ca
0b9d98654542c638f847d9a4539af04f56157bc138353dd2c185e34f47066274
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1614453971124?shu=4a20d9917fab296e2ededadb7651a61986a0a207a0be103a50901b754e83e554ec1a33885062fd76db9f33fa61671d48c86e9918b0231c163a8046dc07da454c0cc236f6c5ca784b0f78a5f0ab7e418257d222d4&pst=1675461533&rmtc=t&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1&pii=&in=false&key=ea2ebc35562540e44e40b02ae98448c6&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outdilateinterrupt.com/watch.1614453971124?key=ea2ebc35562540e44e40b02ae98448c6&kw=%5B%22kartik%22%2C%22aaryan%E2%80%99s%22%2C%22adorable%22%2C%22dog%22%2C%22katori%22%2C%22can%E2%80%99t%22%2C%22get%22%2C%22enough%22%2C%22of%22%2C%22her%22%2C%22human%22%2C%22watch%22%2C%22video%22%2C%22bollywood%22%2C%22-%22%2C%22world%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F2023%2F02%2Fkartik-aaryans-adorable-dog-katori-cant.html&tz=0&dev=e&res=12.1055&uuid=9513f881-d1ad-4e4f-a448-066659850bf5%3A2%3A1
Cookie: u_pl=17964710; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk2NDcxMCwiayI6ImVhMmViYzM1NTYyNTQwZTQ0ZTQwYjAyYWU5ODQ0OGM2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDc1NDU4LCJwaWQiOjYwODIwMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidmJtaTRqdmpjciIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy53b3JsZHN0b3JpZXNzLnRrLzIwMjMvMDIva2FydGlrLWFhcnlhbnMtYWRvcmFibGUtZG9nLWthdG9yaS1jYW50Lmh0bWwifX0.xc8ekXngIjQe3EHpxFPuMEhhXvsReWJUAElEmvPy2ao; uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:57:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Access-Control-Allow-Origin: https://www.worldstoriess.tk/2023/02/kartik-aaryans-adorable-dog-katori-cant.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9513f881-d1ad-4e4f-a448-066659850bf5:2:1; expires=Fri, 10 Feb 2023 21:57:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:57:54 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:57:54 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sat, 04 Feb 2023 21:57:54 GMT; secure; SameSite=None
uncs23=1; expires=Sat, 04 Feb 2023 21:57:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 40c5ad2900d2edebc4ecf668b30cba00
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/2b/01/7a/2b017a9d88eb8d322026381fed5dcab7/1663334838.png
45.133.44.9200 OK 26 kB URL HTTP/2 cdn.cloudimagesb.com/cti/2b/01/7a/2b017a9d88eb8d322026381fed5dcab7/1663334838.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash 391366bcddc18750b0ec5d69aa98a04a
65fd4b76a4e48e9252fc48b7835c4028b16ac2f6
7c033631e5c2b57de9c62be11f285180988b72730d50d43ffd951eb009bf0dad
GET /cti/2b/01/7a/2b017a9d88eb8d322026381fed5dcab7/1663334838.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://publishercounting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:54 GMT
content-type: image/png
content-length: 26172
server: nginx/1.17.6
last-modified: Fri, 16 Sep 2022 13:27:26 GMT
etag: "632479be-663c"
expires: Sun, 05 Feb 2023 21:57:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
192.243.59.13200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 21:57:54 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1b3fd8fe6c0574e42b70fb8fa3d6d4d1
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/b2/af/8a/b2af8ac2a38a3a519d5e4c5787c1d9cb/1663335057.png
45.133.44.9200 OK 60 kB URL HTTP/2 cdn.cloudimagesb.com/cti/b2/af/8a/b2af8ac2a38a3a519d5e4c5787c1d9cb/1663335057.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash dcc2cb1dabee57e298b368c25b4d72c7
05742ee7c81b766aa3f2ce0ca0bc222acbef8d62
df8034422253387414eaf1c24f9ee191d84b0fcd534e31100b4a5960b04ed4ed
GET /cti/b2/af/8a/b2af8ac2a38a3a519d5e4c5787c1d9cb/1663335057.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naveljutmistress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:54 GMT
content-type: image/png
content-length: 60299
server: nginx/1.17.6
last-modified: Fri, 16 Sep 2022 13:31:05 GMT
etag: "63247a99-eb8b"
expires: Sun, 05 Feb 2023 21:57:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/c8/d8/67/c8d8673ced1eaa7e51baa9035243a09a/1627915868.png
45.133.44.9200 OK 108 kB URL HTTP/2 cdn.cloudimagesb.com/cti/c8/d8/67/c8d8673ced1eaa7e51baa9035243a09a/1627915868.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced\012- data
Size 108 kB (107711 bytes)
Hash d5d8bc18ba152c6e850417cdf9dfbbff
888bf155775a9879f26faf0e7faaff5803296e8e
b481f86a9731573e3cfd04880209d5ecb5c163caa0e2656a9f740321c5e637c8
GET /cti/c8/d8/67/c8d8673ced1eaa7e51baa9035243a09a/1627915868.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://subscribestormyapprobation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:54 GMT
content-type: image/png
content-length: 107711
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 14:51:18 GMT
etag: "61080666-1a4bf"
expires: Sun, 05 Feb 2023 21:57:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/37/9e/02/379e020ebae4723959b41c13a914a506/1659524633.jpg
45.133.44.9200 OK 22 kB URL HTTP/2 cdn.cloudimagesb.com/bi/37/9e/02/379e020ebae4723959b41c13a914a506/1659524633.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 300x250, components 3\012- data
Hash 48437a3063405aad4f0f3c53c0aa2575
ec531ad70ab8fd520edb8f96a6df666ff537957d
0c797c51a2584979dc87681b44688870f27b040c7dbe10acef419548c517f999
GET /bi/37/9e/02/379e020ebae4723959b41c13a914a506/1659524633.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revolveoppress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:54 GMT
content-type: image/jpeg
content-length: 21582
server: nginx/1.17.6
last-modified: Wed, 03 Aug 2022 11:04:01 GMT
etag: "62ea5621-544e"
expires: Sun, 05 Feb 2023 21:57:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/1d/44/5a/1d445ad695fa63681abc1d1c4668120e/1671198855.jpg
45.133.44.9200 OK 54 kB URL HTTP/2 cdn.cloudimagesb.com/bi/1d/44/5a/1d445ad695fa63681abc1d1c4668120e/1671198855.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:12:01 14:38:34], baseline, precision 8, 728x90, components 3\012- data
Hash eafbd1827969e27ac60968322f5bfbb0
0aa71a8434f9cbbde1bb48a9648d72fd6689c657
7b3c4c202a974c475cb2f465afe5c8d09123bef274d61f8e034b85391342f21a
GET /bi/1d/44/5a/1d445ad695fa63681abc1d1c4668120e/1671198855.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outdilateinterrupt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:54 GMT
content-type: image/jpeg
content-length: 53971
server: nginx/1.17.6
last-modified: Fri, 16 Dec 2022 13:54:23 GMT
etag: "639c788f-d2d3"
expires: Sun, 05 Feb 2023 21:57:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17970213
192.243.59.12200 OK 1.2 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17970213
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 4ebf0270e54d08b743b16389466f4171
7d2c5a506ff6e1c8d37ba39583c1643fd9e7de83
81e6c16453f7aa8e18c6687af31d49a989e6cded5d1868e87527e5e98313f81c
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17970213 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Cookie: u_pl=15184015; iprc6fbd22a10dc2112c7a000c030dbe5589=3991454; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 21:57:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15184015,16122660; expires=Sat, 04 Feb 2023 21:57:54 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc5NzAyMTMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cud29ybGRzdG9yaWVzcy50ay8ifX0.Yzb_YZR5BnDWGHFcg-VJvPuMapk_zay1cy2zh8Tqrvg; expires=Fri, 03 Feb 2023 21:58:54 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bce966489a6e2f063099ea8efc474b67
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?shu=78b4293c7f3657fe1d37092e28760919ee67b76986ad179e5e194805cfef2031492286e34cd0b75c30d35962ac5335813b9ebbb141b95424885886bc629aabb80219e2d08ce73479d60bc2e5e6e72582f0db7a0a&pst=1675461534&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F&psid=17970213
192.243.59.12302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=78b4293c7f3657fe1d37092e28760919ee67b76986ad179e5e194805cfef2031492286e34cd0b75c30d35962ac5335813b9ebbb141b95424885886bc629aabb80219e2d08ce73479d60bc2e5e6e72582f0db7a0a&pst=1675461534&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F&psid=17970213
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=78b4293c7f3657fe1d37092e28760919ee67b76986ad179e5e194805cfef2031492286e34cd0b75c30d35962ac5335813b9ebbb141b95424885886bc629aabb80219e2d08ce73479d60bc2e5e6e72582f0db7a0a&pst=1675461534&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.worldstoriess.tk%2F&psid=17970213 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=15184015,16122660; iprc6fbd22a10dc2112c7a000c030dbe5589=3991454; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc5NzAyMTMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cud29ybGRzdG9yaWVzcy50ay8ifX0.Yzb_YZR5BnDWGHFcg-VJvPuMapk_zay1cy2zh8Tqrvg; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 21:57:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: uncs=2; expires=Sat, 04 Feb 2023 21:57:54 GMT
uncs28=2; expires=Sat, 04 Feb 2023 21:57:54 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 47cf2cdb6acf86306227919407dd0c8d
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
23.36.79.43307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 03 Feb 2023 21:57:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 03 Feb 2023 21:57:55 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; domain=.unibet.com; expires=Sun, 03-Feb-3022 21:57:55 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=144
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 21:57:55 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node08btuo0skddmbmubuzcskfpts1800072.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node08btuo0skddmbmubuzcskfpts1; Path=/; Domain=.unibet.nu; Expires=Sun, 02-Feb-2025 21:57:55 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sun, 02-Feb-2025 21:57:55 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://jennyvisits.com/"; Path=/; Domain=.unibet.nu; Expires=Sun, 02-Feb-2025 21:57:55 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_8B4315F754F94704BE9EE991A848AFBC; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fjennyvisits.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_8B4315F754F94704BE9EE991A848AFBC%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://jennyvisits.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Fri, 03 Feb 2023 21:57:55 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node08btuo0skddmbmubuzcskfpts1; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; affiliateId=1; B-TAG=127656177_8B4315F754F94704BE9EE991A848AFBC; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fjennyvisits.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_8B4315F754F94704BE9EE991A848AFBC%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 21:57:55 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Fri, 03 Feb 2023 21:57:55 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5c6eae7356c7c117d75d88d84420f61
ef1bf1756057d56ff2070537f5cff02827ced62b
96e9d535daeb01ba5cb4409ac40f2d74540db1505510a5ddbe9e9090ec772cc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96E9D535DAEB01BA5CB4409AC40F2D74540DB1505510A5DDBE9E9090EC772CC4"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8983
Expires: Sat, 04 Feb 2023 00:27:38 GMT
Date: Fri, 03 Feb 2023 21:57:55 GMT
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
104.18.24.188200 OK 5.2 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.24.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2392)
Hash 47c14e9298ebf3cccbdd2bef62c63b9b
9f8bd1ba01e0601ad3a9d17ce109d50109b26cc7
7189ad04986c5911f3e9f459b0a59230743a0efd8339ec7a1364096c1f0ebe1e
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: 104d9d77-f01e-0005-0c1a-38c0d9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=127656177_8B4315F754F94704BE9EE991A848AFBC;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 793e6ccdba79b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.a-ads.com/2137471?size=300x250
46.4.20.137200 OK 35 kB URL HTTP/2 ad.a-ads.com/2137471?size=300x250
IP 46.4.20.137:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (53065)
Hash e74c908f8f90692914e27b2010db8939
da9fdecc28a0aea4bb6ca1e6c483ad41018645fe
47a4e4402f976ccf67184c1ad7ed5adb2a06c630a91e62ac396590eca5f67273
GET /2137471?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 21:57:53 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://www.worldstoriess.tk/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
104.18.24.188200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP 104.18.24.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DAFF991565B252"
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 3cf155d6-101e-000d-3081-31dad6000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 120447
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6cd0c8c1b4ee-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
104.18.24.188200 OK 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP 104.18.24.188:0
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: "0x8DAFF991816B1DF"
x-ms-request-id: 17c1ab9c-c01e-0043-7481-31f45e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120439
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6cd0d8d3b4ee-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
104.18.24.188200 OK 4.3 kB URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.24.188:0
File type ASCII text, with very long lines (693)
Hash 8d8b84e03cc19e66393b9661d97ff446
fcc1526fc17aafde2c80daa83dcd93189cb24ef4
873cc5acb70131c78fe1a717134e16f8b9c1e3d7fb842a9660536fa31a99103a
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393920
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6cd07ff5b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
172.64.132.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: 4ZsRjMmDPjRMooDgmchiwENcteCKgPXvccY2NlrGASEiKfJ5RYrzpfCSdJ8K6Y1YDdi5bDsfnGk=
x-amz-request-id: QEVRCHNESH8P615C
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2565349
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rnh4ueo9teyyL%2BOJZKzkTxxcj0I7FdJlGL%2B7bZyEyiq%2F9MzKYiLQ5JM8jlzzDBHSyzg%2BMNMrY17S%2BNA7Ua8iLw6ji%2BdmRAJuftRs6TE1ze8PtUghSmNpSr7wK5fub5khdKmLKmD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793e6cd0e81a240e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 431756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 82 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash 986f695aeee99087dd0f53f4e7f397ab
88501eccbdc269b9d09ecf9b19fb1b9ff310273a
17290f2160fde4cde0cc6289009d48e168ad07bff42142abefd2e966075b78c4
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 223557
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:26:49 GMT
expires: Sun, 28 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 559867
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
104.18.24.188200 OK 705 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP 104.18.24.188:0
File type PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash bb28f187caa85f5367b4d78323850c77
8a2e2f01b2f629b32bec6eee92cbac1afbcff9a9
4b7c5e1b1638e347c58aee1d2e1fa6d14f67635f17b20d1ffe85b78541c82519
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:56 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914F4D898"
x-ms-request-id: e6735b96-c01e-0021-0381-313679000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120441
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6cd179fcb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
185.89.210.212307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 185.89.210.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 03 Feb 2023 21:57:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: efcfa932-f5d6-4ecc-a7eb-a98ebe80f0f4
Set-Cookie: uuid2=2236700111519670004; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 04-May-2023 21:57:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.24.188200 OK 1.5 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Hash 32b12a427b8305bbfb87a42ba2afa41c
69b3b3bf5c29fd99e73691f3b7d1479473fe4fc8
61e3543b102598cd62f0ae605b176268c61c6b92c81526269349bbab43ee3783
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120449
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccfade1b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
104.19.148.8200 OK 365 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP 104.19.148.8:0
File type JSON data\012- , ASCII text, with very long lines (704), with no line terminators
Hash a0a528a09943d929527d38f1e0706023
047182b4b13f7cc086a431d2ec4fc0f7eb8f0e2a
ecd0aef6dc15937860f650b46e25207a571a65961872c120e331d04a233fed8e
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:56 GMT
content-type: application/json
content-length: 365
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Fri, 03 Feb 2023 18:01:46 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 14170
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6cd2cedc0afa-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
185.89.210.212200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 185.89.210.212:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 03 Feb 2023 21:57:56 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: d1d1ee34-29eb-4207-a63b-243f0016c81d
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E>tu[`#h!@wnf-Te9(>wL5L!!'U1$kLbG; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 04-May-2023 21:57:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675461508811
52.213.97.196200 OK 498 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675461508811
IP 52.213.97.196:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash 1a6d15a80a1b785fc4b39728787103d2
740121a747e14e2c6071134b30538185778f3300
173df1ba52b36c1324bf2ed8019896a29f4e00eeae017914986d88109c0d5116
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675461508811 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-085e2ce89.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=37644985495421125282497681206557968775; Max-Age=15552000; Expires=Wed, 02 Aug 2023 21:57:56 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: suMJevchRag=
Content-Length: 498
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f625763f5802c7b8926de24c6c220f1d
93b348c68d0920f8f28f2db6b9065a6664e1fd51
f6695e1ca1c3be928cc9d8231d168e903d85bc95718d45f41fb8ec9c37f2d4ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1754
Cache-Control: max-age=143406
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:56 GMT
Etag: "63dd09b8-118"
Expires: Sun, 05 Feb 2023 13:48:02 GMT
Last-Modified: Fri, 03 Feb 2023 13:18:48 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.24.188200 OK 4.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 200db447f4dba189acc6da74d4da43bd
33419d72e946130a902a57742df6d5ad1f57562a
37c40be5b041624d925ee015df93d75901826c7fa995e107221d06bc3ae066d0
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120448
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccfadf3b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f625763f5802c7b8926de24c6c220f1d
93b348c68d0920f8f28f2db6b9065a6664e1fd51
f6695e1ca1c3be928cc9d8231d168e903d85bc95718d45f41fb8ec9c37f2d4ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3692
Cache-Control: max-age=145344
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:56 GMT
Etag: "63dd09b8-118"
Expires: Sun, 05 Feb 2023 14:20:20 GMT
Last-Modified: Fri, 03 Feb 2023 13:18:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fdeefe9d1e614e31fbdedba482c240b0
8aa5be14360b16448239aaf48bf53a6b366d7bc5
0f4daaa241c690d5b7529d44fab951e6f57e43a61e795762ffee646293e5e551
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6143
Cache-Control: max-age=127279
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:57:56 GMT
Etag: "63dcb994-1d7"
Expires: Sun, 05 Feb 2023 09:19:15 GMT
Last-Modified: Fri, 03 Feb 2023 07:36:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.148.8200 OK 3.8 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.148.8:0
Hash 58f89875eeb7520812eac5eaa713e7cd
f11ae458372d3519c88dd16c30c6f0116c903e85
1288dc33151d53b84cb5f1ff8ace2d5106798e422bb9d0c500eec587b7eb5b36
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:56 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 03 Feb 2023 18:01:45 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 14171
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6cd1adca0afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
34.251.47.116200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 34.251.47.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 3 Feb 2023 21:57:56 GMT
DCS: dcs-prod-irl1-2-v045-07bcfe959.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 9 Nov 2022 04:23:32 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 0/YZe8sFTG8=
Content-Length: 2791
Connection: keep-alive
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s57119753604174?AQB=1&ndh=1&pf=1&t=3%2F1%2F2023%2021%3A58%3A29%205%200&mid=37607547722172458352497041641395581980&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_8B4315F754F94704BE9EE991A848AFBC%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_8B4315F754F94704BE9EE991A848AFBC%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A58%20PM%7CFriday&v6=9%3A58%20PM%7CFriday&v11=GBP&c14=New&v14=New&c16=1675461509&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_8B4315F754F94704BE9EE991A848AFBC&v126=68246908&v127=37950&v134=1675461508&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
15.236.117.205200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s57119753604174?AQB=1&ndh=1&pf=1&t=3%2F1%2F2023%2021%3A58%3A29%205%200&mid=37607547722172458352497041641395581980&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_8B4315F754F94704BE9EE991A848AFBC%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_8B4315F754F94704BE9EE991A848AFBC%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A58%20PM%7CFriday&v6=9%3A58%20PM%7CFriday&v11=GBP&c14=New&v14=New&c16=1675461509&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_8B4315F754F94704BE9EE991A848AFBC&v126=68246908&v127=37950&v134=1675461508&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 15.236.117.205:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s57119753604174?AQB=1&ndh=1&pf=1&t=3%2F1%2F2023%2021%3A58%3A29%205%200&mid=37607547722172458352497041641395581980&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_8B4315F754F94704BE9EE991A848AFBC%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_8B4315F754F94704BE9EE991A848AFBC%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A58%20PM%7CFriday&v6=9%3A58%20PM%7CFriday&v11=GBP&c14=New&v14=New&c16=1675461509&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_8B4315F754F94704BE9EE991A848AFBC&v126=68246908&v127=37950&v134=1675461508&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Fri, 03 Feb 2023 21:57:56 GMT
expires: Thu, 02 Feb 2023 21:57:56 GMT
last-modified: Sat, 04 Feb 2023 21:57:56 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3598026124559122432-4619877796905543277
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.24.188200 OK 996 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash 3eb8bc678fcefaf147c490b86fe1a549
c328afb4ff19f8db21f1182ddc8c9a2829f03673
f6c8c94cb6ba20d23d221b9cea1cd150f5f0ce33f4cba29e13934ba222635115
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99174612EA"
x-ms-request-id: 82c2bcc2-201e-0029-1081-312c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120448
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccfbe03b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
cm.everesttech.net/cm/dd?d_uuid=37644985495421125282497681206557968775
54.229.62.148302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=37644985495421125282497681206557968775
IP 54.229.62.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=37644985495421125282497681206557968775 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 03 Feb 2023 21:57:56 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y92DZAAAALc0mQN-; Domain=.everesttech.net; Expires=Sat, 03-Feb-2024 21:57:56 GMT; Path=/
everest_session_v2=Y92DZAAAALc0mgN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y92DZAAAALc0mQN-
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y92DZAAAALc0mQN-
52.213.97.196302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y92DZAAAALc0mQN-
IP 52.213.97.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y92DZAAAALc0mQN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0ed41892e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y92DZAAAALc0mQN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=70782290648852247672722234597768729746; Max-Age=15552000; Expires=Wed, 02 Aug 2023 21:57:56 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: sSinJjy2TLI=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y92DZAAAALc0mQN-
52.213.97.196200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y92DZAAAALc0mQN-
IP 52.213.97.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y92DZAAAALc0mQN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-04fb65ba6.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: qaSbXIU6SEI=
Content-Length: 59
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120443
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccfadcfb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120448
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccfadffb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120448
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccfadf8b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120443
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccf9dc5b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.24.188404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: application/xml
x-ms-request-id: f47af6f8-801e-000f-5e1a-38646e000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 240
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccfbe0cb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.172.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.172.188:0
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:56 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 50
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6cd36e24b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.24.188404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: application/xml
x-ms-request-id: f47af6f8-801e-000f-5e1a-38646e000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 240
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6cd0b893b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120449
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccfadefb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: text/css
x-amz-id-2: kBpjnAujkCQOW3Zr0P8Ew6IrWjg48N7+8LpZ64VVWljlBbzpY3QoGqj3PKT7OmPBh8WXfTwfBYk=
x-amz-request-id: F3FX4D4WZDEMXQ23
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2565343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhEZsLffYfFDMulhIIMD7vAu4%2FLiw23pT7ePqYv%2FdO894OjAzItc53zgdk5PGtWRVsSsfUrWBF%2BQt0rmCL9%2FY2Zd3m3rS6xx9OE67q956ekXw70Akz4WGPnEaYUa6mpE3QYFytNT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793e6cd01eba240e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF99188E686E"
x-ms-request-id: fae4441f-101e-0040-4d81-31153a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120449
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccf9dc8b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
widget.crictimes.org/
104.21.12.138200 OK 0 B IP 104.21.12.138:0
GET / HTTP/1.1
Host: widget.crictimes.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.worldstoriess.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:53 GMT
content-type: text/html
last-modified: Thu, 24 Nov 2022 12:46:16 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jTe3J2gdNtTWEkWk%2Blg8PKu%2BB2q6SfIiHoiETqJFrebK8G1e3FBp4BydrJHAtyPmv19wxCxJV%2BR%2Ft07udQtUMOyblW0oRmkzJqcnPwhqcxY0ReukOe4449Hn9K9KNTkqvEILC8kNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793e6cbf9e1d0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.24.188:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393920
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccfadddb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?465405
104.19.148.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?465405
IP 104.19.148.8:0
GET /pages/scripts/0012/9242.js?465405 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:56 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 03 Feb 2023 18:01:45 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 14171
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6cd1bddc0afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120447
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccfbe11b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 21:57:55 GMT
date: Fri, 03 Feb 2023 21:57:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_8B4315F754F94704BE9EE991A848AFBC&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675461475163)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023232157%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228778011508%7c1%22%7d%5d; btag=127656177_8B4315F754F94704BE9EE991A848AFBC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:57:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 120449
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e6ccfadeab4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2