www.powerplay.com/lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740
104.18.42.155301 Moved Permanently 0 B URL HTTP/1.1 www.powerplay.com/lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740
IP 104.18.42.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740 HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 01 Feb 2023 16:10:04 GMT
Content-Length: 0
Connection: keep-alive
Location: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740
CF-Ray: 792bf480fdcefac4-OSL
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Set-Cookie: __cf_bm=6N9JWdHomTglk_5gLy92qC8UclOKG5n3pAe9XDkhzjc-1675267804-0-AfoyLUcMiPkzb6VeZgmLNWOTErrvQNogDngFLoPrJaYd/sgmQesDcyrBUOcqq6U4bL4GGeZ20Lxd8jIeohcFgKeZ3FQG2tlnob89Ve/oGJAM; path=/; expires=Wed, 01-Feb-23 16:40:04 GMT; domain=.www.powerplay.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7607
Expires: Wed, 01 Feb 2023 18:16:51 GMT
Date: Wed, 01 Feb 2023 16:10:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9353
Expires: Wed, 01 Feb 2023 18:45:57 GMT
Date: Wed, 01 Feb 2023 16:10:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5361
Expires: Wed, 01 Feb 2023 17:39:25 GMT
Date: Wed, 01 Feb 2023 16:10:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 15:43:25 GMT
content-type: application/json
age: 1599
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TNqTPGX4hVhSrzfpm44TLUTGvaxz6+OS1oWyvq9frcOuzYASh8QfNAs6YWNob9FiJgi8Fm/b57A=
x-amz-request-id: GD3D84V67DXQH3JF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 15:51:37 GMT
age: 1107
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:04 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d953f6b987a024c751ce57f670d3e148
7b44751d0faef3cb82a7bc6f210929523156aecf
0a7ba2e158fa00edbba9c774ed067bafd94d73ed61d3de4ea91907e2afce168e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4650
Cache-Control: max-age=143403
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 16:10:04 GMT
Etag: "63da09dd-117"
Expires: Fri, 03 Feb 2023 08:00:07 GMT
Last-Modified: Wed, 01 Feb 2023 06:42:37 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 571cf48d9d0b748d8257af0e71891289
25483a548faf28dc524c6b43d2b7e4bf7ad3c49e
9f262e2f0faf7b0e16b5a551ed18c69720cb1f32325b0304106c54ba1c43166a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 16:10:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 01:17:32 GMT
Expires: Thu, 02 Feb 2023 01:17:32 GMT
ETag: "25483a548faf28dc524c6b43d2b7e4bf7ad3c49e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 16:10:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-NWZ5SDW
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NWZ5SDW
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (15038)
Hash d3b4730b0d1b551e92c8d96bae4908d8
1a5b06daf1cf7f59ace66892ae1621a95f1f900c
91c84757b43d1763712c7b699fa02dd545832dde0015731cf92586f9cd67ecec
GET /gtm.js?id=GTM-NWZ5SDW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Feb 2023 16:10:05 GMT
expires: Wed, 01 Feb 2023 16:10:05 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52840
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 16:10:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 15:41:42 GMT
age: 1703
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
powerplay-content.com/assets/fonts/Montserrat-Regular.woff
160.153.235.136200 OK 55 kB URL HTTP/2 powerplay-content.com/assets/fonts/Montserrat-Regular.woff
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type Web Open Font Format, TrueType, length 55408, version 4.0\012- data
Hash 0e6803eeb55ea3293f82c3493d034309
c0ad0ac5b1f6c6a00b33407dd12a498d259e6ad5
9a03a8f19db50c0cd875e36578a3685a3529235f91c62cd19ecbfe6228d7f3f5
GET /assets/fonts/Montserrat-Regular.woff HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://powerplay-content.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: application/font-woff
content-length: 55408
last-modified: Mon, 21 Jun 2021 08:01:14 GMT
etag: "60d0474a-d870"
access-control-allow-origin: https://www.powerplay.com
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/fonts/montserrat-bold-webfont.woff
160.153.235.136200 OK 35 kB URL HTTP/2 powerplay-content.com/assets/fonts/montserrat-bold-webfont.woff
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type Web Open Font Format, TrueType, length 34732, version 1.0\012- data
Hash 78f8642eecd3bcae41d26031c5c53776
6a141dc0ac86d79da000e26e813cd8638a8ed8ca
6c3b04a323f794e1371b690efa88952b365334a6a90919f5f81cf15c45c74aa6
GET /assets/fonts/montserrat-bold-webfont.woff HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://powerplay-content.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: application/font-woff
content-length: 34732
last-modified: Mon, 21 Jun 2021 08:01:14 GMT
etag: "60d0474a-87ac"
access-control-allow-origin: https://www.powerplay.com
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/fonts/MontserratBlack.eot
160.153.235.136200 OK 43 kB URL HTTP/2 powerplay-content.com/assets/fonts/MontserratBlack.eot
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type Embedded OpenType (EOT), Montserrat Black family\012- data
Hash f5ac988c95b53763763dbcdb6dcd2574
f8b6d744e3bd09d85a6cec0e8d113bc5c2f8d5c7
4a1f0f28ac0dc25b4e527a7ca870bf89d2f444dc4bd6953f24f43cb6a8f7b130
GET /assets/fonts/MontserratBlack.eot HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://powerplay-content.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: application/vnd.ms-fontobject
content-length: 42974
last-modified: Mon, 21 Jun 2021 08:01:14 GMT
etag: "60d0474a-a7de"
access-control-allow-origin: https://www.powerplay.com
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/fonts/Montserrat-ExtraBold.woff
160.153.235.136200 OK 108 kB URL HTTP/2 powerplay-content.com/assets/fonts/Montserrat-ExtraBold.woff
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type Web Open Font Format, TrueType, length 107912, version 0.0\012- data
Size 108 kB (107912 bytes)
Hash fc8f6123d2478e474c5087d12b287c7c
85480535f32e9cc89e630de3a1868b157fccc6eb
ca9a0723d0aedf352078a5bbd70ca07307dfa4904d59ce079c8717650d0172d9
GET /assets/fonts/Montserrat-ExtraBold.woff HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://powerplay-content.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: application/font-woff
content-length: 107912
last-modified: Mon, 21 Jun 2021 08:01:14 GMT
etag: "60d0474a-1a588"
access-control-allow-origin: https://www.powerplay.com
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e2d2b00ed4a3970f9b7c4561eec1f2ba
5d51d00a750a05bcad6aac56b5dcd410afff7591
20f4ee50766ee62c45e9a18f9646a856c1ae9b702a055c7d9131026dce630c42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20F4EE50766EE62C45E9A18F9646A856C1AE9B702A055C7D9131026DCE630C42"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5122
Expires: Wed, 01 Feb 2023 17:35:27 GMT
Date: Wed, 01 Feb 2023 16:10:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e2d2b00ed4a3970f9b7c4561eec1f2ba
5d51d00a750a05bcad6aac56b5dcd410afff7591
20f4ee50766ee62c45e9a18f9646a856c1ae9b702a055c7d9131026dce630c42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20F4EE50766EE62C45E9A18F9646A856C1AE9B702A055C7D9131026DCE630C42"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5122
Expires: Wed, 01 Feb 2023 17:35:27 GMT
Date: Wed, 01 Feb 2023 16:10:05 GMT
Connection: keep-alive
powerplay-content.com/assets/fonts/MontserratBlack.woff
160.153.235.136200 OK 21 kB URL HTTP/2 powerplay-content.com/assets/fonts/MontserratBlack.woff
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type Web Open Font Format, TrueType, length 20964, version 0.0\012- data
Hash 49d1e4af8c8098bb9a9ace080784bdb6
8f73604a3d017092eccd929734c1bface16f4d4e
5e9cd127b94f934093fa5a258464ea145c6ad8c9c950bdf80af56367d1aed8f2
GET /assets/fonts/MontserratBlack.woff HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://powerplay-content.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: application/font-woff
content-length: 20964
last-modified: Mon, 21 Jun 2021 08:01:14 GMT
etag: "60d0474a-51e4"
access-control-allow-origin: https://www.powerplay.com
accept-ranges: bytes
X-Firefox-Spdy: h2
my.rtmark.net/p.js?f=sync&lr=1&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8
IP 139.45.195.8:0
Hash ed7e8ad18e0f3bd2c70c7abd1695e09a
54e80479d3910d125a36866be752fc55aadf62a9
531afb8d462c60b454489c1041538a5db9767de6a24793df88a509a35a6398b5
GET /p.js?f=sync&lr=1&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 163c81769cb3796185876ae84c820f48
f81ee1d4a647472c2f1d0e6c51c3339dec723908
74ee8c33a88f0c4bcb7fa66194a7969692047212483d10847395d6996ce5fed0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 16:10:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 08:20:01 GMT
Expires: Sun, 05 Feb 2023 08:20:00 GMT
Etag: "f81ee1d4a647472c2f1d0e6c51c3339dec723908"
Cache-Control: max-age=316794,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792bf487bcdeb4ff-OSL
zz.connextra.com/dcs/tagController/tag/770b6a2a5625/landingpage
104.85.191.64200 OK 17 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/770b6a2a5625/landingpage
IP 104.85.191.64:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2774)
Hash f94ba887c97648eab7ce2f6dbbb142aa
2a34b09b24fa6191d1a1d510288f950c6b53fd42
7e60201af9b44fd6ccfb48c0f31e231517f9a1fa6614be08fc82e577bbbe1005
GET /dcs/tagController/tag/770b6a2a5625/landingpage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
content-length: 16610
server: istio-envoy
content-encoding: gzip
x-envoy-upstream-service-time: 2
cache-control: must-revalidate, max-age=300
expires: Wed, 01 Feb 2023 16:15:05 GMT
date: Wed, 01 Feb 2023 16:10:05 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
my.rtmark.net/p.js?f=sync&lr=1&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc
IP 139.45.195.8:0
Hash 0a83632b91c4814fb4ca5fdaeaf8feb6
e7f4f82e1c0f9228e531dfb335cd595de2785fb5
48aba20e2721ef10913638f8c60a47bf9a46772817687ae9b33ce8cb7cd3de27
GET /p.js?f=sync&lr=1&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=20568435&t=1
185.89.211.12307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=20568435&t=1
IP 185.89.211.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=20568435&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20568435%26t%3D1
AN-X-Request-Uuid: 951fd355-b7c1-4e1b-866d-f909a98e2458
Set-Cookie: uuid2=71094499289885342; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 02-May-2023 16:10:05 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/px?id=1233559&t=1
185.89.211.12307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=1233559&t=1
IP 185.89.211.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=1233559&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1233559%26t%3D1
AN-X-Request-Uuid: 17d285ef-a30e-4fb8-ad94-7ce36d115f77
Set-Cookie: uuid2=2335042651208103385; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 02-May-2023 16:10:05 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20568435%26t%3D1
185.89.211.12200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20568435%26t%3D1
IP 185.89.211.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D20568435%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:05 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: b02e6db9-00a4-47fb-bbac-bf42f4187df4
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GU$uUeIW!]tbP6j2F-XstGt!@DbH$m2mW; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 02-May-2023 16:10:05 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1233559%26t%3D1
185.89.211.12200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1233559%26t%3D1
IP 185.89.211.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fpx%3Fid%3D1233559%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:05 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 0aa475c6-dded-4d88-ab78-c9b8b012b574
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4547
Expires: Wed, 01 Feb 2023 17:25:52 GMT
Date: Wed, 01 Feb 2023 16:10:05 GMT
Connection: keep-alive
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/CA/1000depositbonus/DT_CA-EN_LP_1000CB.jpg
54.230.245.131200 OK 146 kB URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/CA/1000depositbonus/DT_CA-EN_LP_1000CB.jpg
IP 54.230.245.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1366x526, components 3\012- data
Size 146 kB (146399 bytes)
Hash 434eecd6fc0f1f24e35ef7778c2c8d7b
1adac9fa6a6ab83200f26379d7125a7794c62002
8d405bfaaf9ecbc1ebb18881d2d77026f7e17312b64d3969c64b625c0aa47b42
GET /img/newcss_landing/img/en/CA/1000depositbonus/DT_CA-EN_LP_1000CB.jpg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 146399
last-modified: Mon, 23 Jan 2023 15:35:35 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 13:50:13 GMT
etag: "434eecd6fc0f1f24e35ef7778c2c8d7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2P-m746ffV3QNOcLW5BZ1Pk6hIV4m6jq_5M-b5Yag10rbhu8fehv8A==
age: 8393
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.78200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 01 Feb 2023 15:45:20 GMT
expires: Wed, 01 Feb 2023 17:45:20 GMT
cache-control: public, max-age=7200
age: 1485
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.powerplay.com/images/favicon-96x96.png
172.64.145.101200 OK 1.2 kB URL HTTP/2 www.powerplay.com/images/favicon-96x96.png
IP 172.64.145.101:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6856d6c8d3a2699b27ae4ab88a785a8c
357fe6c974731c0e250b16f137b7b259a20a688f
e4e75bc467daa47d8f6d66717a327e2880de4c656c51a5e7b1e822dac684794d
GET /images/favicon-96x96.png HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740
Cookie: JSESSIONID="ADubVcxgS9hd8k4lb3k7wXsxyj0PQXEPHUTEfYYU.tc-app6.rs.fsbtech.com:tc-app6.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222; SERVERID=tc-app6|Y9qO3|Y9qO3; __cf_bm=y.0vxo5FdMjn5yqeUFmEETRPsamZBR72Su6RpkmjjEA-1675267804-0-AdCrsl51DjHnZ03cwOKzNe0FuSmCmX+bEYvyOXEjU8+nItThaB7tE1ZJrD0lUjzBw3uUHRaLXFPhq6fi4aX0KMGphBIn2HPogf4X3k4XLV/g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: image/webp
content-length: 1222
cf-ray: 792bf488d90dfac0-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
content-disposition: inline; filename="favicon-96x96.webp"
etag: "5f3fd70e-b50"
expires: Thu, 01 Feb 2024 16:10:05 GMT
last-modified: Fri, 21 Aug 2020 14:15:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2896
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
www.powerplay.com/cdn-cgi/rum?
172.64.145.101204 No Content 0 B URL HTTP/2 www.powerplay.com/cdn-cgi/rum?
IP 172.64.145.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 9678
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740
Cookie: JSESSIONID="ADubVcxgS9hd8k4lb3k7wXsxyj0PQXEPHUTEfYYU.tc-app6.rs.fsbtech.com:tc-app6.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222; SERVERID=tc-app6|Y9qO3|Y9qO3; __cf_bm=y.0vxo5FdMjn5yqeUFmEETRPsamZBR72Su6RpkmjjEA-1675267804-0-AdCrsl51DjHnZ03cwOKzNe0FuSmCmX+bEYvyOXEjU8+nItThaB7tE1ZJrD0lUjzBw3uUHRaLXFPhq6fi4aX0KMGphBIn2HPogf4X3k4XLV/g; _ga=GA1.2.350043815.1675267828; _gid=GA1.2.705488557.1675267828; _gat=1; fsb-powerplay-affiliates=%7B%22affiliateName%22%3A%22btag%22%2C%22affiliateValue%22%3A%22a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Wed, 01 Feb 2023 16:10:05 GMT
access-control-allow-origin: https://www.powerplay.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 792bf48a29f5fac0-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.powerplay.com/images/favicon-16x16.png
172.64.145.101200 OK 238 B URL HTTP/2 www.powerplay.com/images/favicon-16x16.png
IP 172.64.145.101:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a5afb1bbe1556090a2f5e5c97f0f7d39
1abee720dfb10a1dfb1ce5c543e8f168b4a46444
85a950b33d4259061f19101abcf7f114147feb074dd3b8a2459eecbd12d61adb
GET /images/favicon-16x16.png HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740
Cookie: JSESSIONID="ADubVcxgS9hd8k4lb3k7wXsxyj0PQXEPHUTEfYYU.tc-app6.rs.fsbtech.com:tc-app6.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222; SERVERID=tc-app6|Y9qO3|Y9qO3; __cf_bm=y.0vxo5FdMjn5yqeUFmEETRPsamZBR72Su6RpkmjjEA-1675267804-0-AdCrsl51DjHnZ03cwOKzNe0FuSmCmX+bEYvyOXEjU8+nItThaB7tE1ZJrD0lUjzBw3uUHRaLXFPhq6fi4aX0KMGphBIn2HPogf4X3k4XLV/g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: image/webp
content-length: 238
cf-ray: 792bf488d90ffac0-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
content-disposition: inline; filename="favicon-16x16.webp"
etag: "5f3fd70e-4b1"
expires: Thu, 01 Feb 2024 16:10:05 GMT
last-modified: Fri, 21 Aug 2020 14:15:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1201
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=25129714&t=2
185.89.211.12307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=25129714&t=2
IP 185.89.211.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=25129714&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
AN-X-Request-Uuid: 08b6024b-1537-4f65-aa00-00c07f29a1e2
Set-Cookie: uuid2=838698701183453911; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 02-May-2023 16:10:05 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
185.89.211.12200 OK 43 B URL HTTP/1.1 secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP 185.89.211.12:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:05 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: b2cad4e9-c0dc-4817-8e3e-0755616247f6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a38fab9935d471e375ef640d6ac4e667
017ff26d808eff453da628e880e04ce6beee3654
7e1b3c60cd7d45623686b73da1d2f6c92b7de281691b2ae5700da4728b8967ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E1B3C60CD7D45623686B73DA1D2F6C92B7DE281691B2AE5700DA4728B8967EF"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8772
Expires: Wed, 01 Feb 2023 18:36:17 GMT
Date: Wed, 01 Feb 2023 16:10:05 GMT
Connection: keep-alive
push.services.mozilla.com/
54.189.35.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9MYNNewR4RqBpFgEyD/28Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IUa0DUO7Abpz12oorVly0h4Rxx8=
unphionetor.com/vctx?t=93873
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=93873
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=93873 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 01 Feb 2023 16:10:05 GMT
access-control-allow-origin: https://www.powerplay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 6d83e95edcbcc163f0add3b36728bcad
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 68d0092a2f9f80581181ea45ea5fd98d
a7f0fe1053453a7d7172cbf05cf2abbdb62244bb
13e192f06d86ea2160d564a59dae3545cf7a2146f5659adb891cc65cbb7ac8ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5276
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 16:10:05 GMT
Last-Modified: Wed, 01 Feb 2023 14:42:09 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
185.29.132.245302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
IP 185.29.132.245:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 01 Feb 2023 16:10:05 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master zrh-pixel-x12 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=3ca063da-8ede-4a00-aeb0-42777ba8a9ef; domain=.mathtag.com; path=/; expires=Thu, 29-Feb-2024 16:10:06 GMT; SameSite=None; Secure
location: https://zz.connextra.com/sync/data/uid/6c883bd680/3ca063da-8ede-4a00-aeb0-42777ba8a9ef
Expires: Wed, 01 Feb 2023 16:10:04 GMT
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash eea78a6a97c1d8c61774345ae605b83f
4aa2327883020d4be6eda61bef4f0948f00f9585
1bd0dd4b126c67a4f083906d86772910d0e17bddfedf6e25a6185bd222e9e907
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109926
Date: Wed, 01 Feb 2023 16:10:06 GMT
Etag: "63d9846d-1d7"
Expires: Thu, 02 Feb 2023 22:42:12 GMT
Last-Modified: Tue, 31 Jan 2023 21:13:17 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UqnWHxyxhqU8pLdDjZXlukrquZyeaunizp5Kb5_67Hamc03SFBUAmw==
Age: 5335
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash d984fbc1b59b3bb6312f71ef07ffd00c
ff94c94cabcfa90b6e48170ddc907ab252f988de
c72473fc5a7adc14d951de3de715d82b39d842d6a899f471e9152f975ad49fca
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159401
Date: Wed, 01 Feb 2023 16:10:06 GMT
Etag: "63da4c0d-1d7"
Expires: Fri, 03 Feb 2023 12:26:47 GMT
Last-Modified: Wed, 01 Feb 2023 11:25:01 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MxOzdLBWldP4TphucIN0ogr7NqaoNY8jVWUUmygasJ-ckYggVXg6yQ==
Age: 3706
secure.adnxs.com/px?id=1184078&t=1
185.89.211.12307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=1184078&t=1
IP 185.89.211.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=1184078&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1184078%26t%3D1
AN-X-Request-Uuid: 0c5cdac6-a197-4b77-9cb4-015ae4d3e962
Set-Cookie: uuid2=7634869320979603390; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 02-May-2023 16:10:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=
54.228.37.152303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=
IP 54.228.37.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Wed, 01 Feb 2023 16:10:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Wed, 01 Feb 2023 16:20:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
match.prod.bidr.io/cookie-sync/geniussports
54.194.123.13303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports
IP 54.194.123.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Wed, 01 Feb 2023 16:10:06 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Wed, 01 Feb 2023 16:20:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 16:10:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zz.connextra.com/PowerPlay/dcs/tagController/tagData/770b6a2a5625
104.85.191.64200 OK 20 B URL HTTP/2 zz.connextra.com/PowerPlay/dcs/tagController/tagData/770b6a2a5625
IP 104.85.191.64:0
Hash 163be0a88c70ca629fd516dbaadad96a
c8830ccf3a863e489ca37f4da572bad0e05d077b
ac73670af3abed54ac6fb4695131f4099be9fbe39d6076c5d0264a6bbdae9d83
POST /PowerPlay/dcs/tagController/tagData/770b6a2a5625 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 43
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
server: istio-envoy
access-control-allow-credentials: true
access-control-allow-origin: https://www.powerplay.com
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-encoding: gzip
x-envoy-upstream-service-time: 2
expires: Wed, 01 Feb 2023 16:10:06 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 01 Feb 2023 16:10:06 GMT
content-length: 20
set-cookie: CxtId=4bc8d04e-d1c3-4b00-b0c3-411213ba21dc; Domain=.connextra.com; Expires=Fri, 31-Jan-2025 16:10:06 GMT; Path=/; Secure
PowerPlay=P%7Clandingpage%7C1%7C202302011610; Domain=.connextra.com; Expires=Thu, 01-Feb-2024 16:10:06 GMT; Path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-119769874-1&cid=350043815.1675267828&jid=268326528&gjid=888115110&_gid=705488557.1675267828&_u=IEBAAEAAAAAAACAAI~&z=1541501097
173.194.73.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-119769874-1&cid=350043815.1675267828&jid=268326528&gjid=888115110&_gid=705488557.1675267828&_u=IEBAAEAAAAAAACAAI~&z=1541501097
IP 173.194.73.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-119769874-1&cid=350043815.1675267828&jid=268326528&gjid=888115110&_gid=705488557.1675267828&_u=IEBAAEAAAAAAACAAI~&z=1541501097 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.powerplay.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Feb 2023 16:10:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pixel.mathtag.com/event/js?mt_id=1518345&mt_adid=243239&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
23.38.200.207200 OK 1.4 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1518345&mt_adid=243239&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP 23.38.200.207:0
Hash 56160fe4a7ca5f88615bd1bf7acd4ad2
08f9024d49b435000a65eefa0e21bb33953ce1c6
bfc787a06f9a92a011258bd5970093f1e68468edd6d01b38ac8f70bec3450010
GET /event/js?mt_id=1518345&mt_adid=243239&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1439
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master iad-pixel-x24 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Wed, 01 Feb 2023 16:10:05 GMT
Date: Wed, 01 Feb 2023 16:10:06 GMT
Connection: keep-alive
Set-Cookie: uuid=8fa263da-8ede-4a00-bb0c-2d12258b068c; domain=.mathtag.com; path=/; expires=Thu, 29-Feb-2024 16:10:06 GMT; SameSite=None; Secure
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 16:10:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unphionetor.com/vbl?t=93873&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=93873&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=93873&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 01 Feb 2023 16:10:06 GMT
access-control-allow-origin: https://www.powerplay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: b18e94741798dd7f8802d893cb426713
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
185.89.211.12200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
IP 185.89.211.12:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D25129714%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:06 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: d4e3894c-35c5-40cf-8a3f-bf51cf42d68b
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GTyuUeIW!]tbP6j2F-XstGt!@Dc6$mX.[; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 02-May-2023 16:10:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
my.rtmark.net/img.gif?f=sync&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8&ttl=&rurl=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%26siteid%3D42740
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8&ttl=&rurl=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%26siteid%3D42740
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8&ttl=&rurl=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%26siteid%3D42740 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:06 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3def5c54d7d04557bc4d3151a255f585; expires=Thu, 01 Feb 2024 16:10:06 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc&ttl=&rurl=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%26siteid%3D42740
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc&ttl=&rurl=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%26siteid%3D42740
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc&ttl=&rurl=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%26siteid%3D42740 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:06 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=04df2a8f764d41b89e23c17bddbf5fc5; expires=Thu, 01 Feb 2024 16:10:06 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
54.228.37.152200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
IP 54.228.37.152:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Wed, 01 Feb 2023 16:10:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 16:10:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
54.194.123.13303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
IP 54.194.123.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Wed, 01 Feb 2023 16:10:06 GMT
location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a327176edf538c07784f9b0da660c22d
4a56cfcac291dfe1cc177bd3eff976f106731834
aae92a95f747be0bca6982ed7e3e58af8ac74ff69c799b55046ab38474e149dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 16:10:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zz.connextra.com/sync/data/uid/6c883bd680/3ca063da-8ede-4a00-aeb0-42777ba8a9ef
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/6c883bd680/3ca063da-8ede-4a00-aeb0-42777ba8a9ef
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/6c883bd680/3ca063da-8ede-4a00-aeb0-42777ba8a9ef HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 2
server: istio-envoy
expires: Wed, 01 Feb 2023 16:10:06 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 01 Feb 2023 16:10:06 GMT
content-length: 64
set-cookie: CxtId=e3661476-ea06-4550-aa6c-a50a243ac0ac; Domain=.connextra.com; Expires=Thu, 01-Feb-2024 16:10:06 GMT; Path=/; Secure
ex_uuid=6c883bd680%2C3ca063da-8ede-4a00-aeb0-42777ba8a9ef; Domain=.connextra.com; Expires=Thu, 01-Feb-2024 16:10:06 GMT; Path=/; Secure
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1184078%26t%3D1
185.89.211.12200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1184078%26t%3D1
IP 185.89.211.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fpx%3Fid%3D1184078%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:06 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 737e2fdf-0b06-4040-aeb2-0b48ed111058
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-119769874-1&cid=350043815.1675267828&jid=268326528&_u=IEBAAEAAAAAAACAAI~&z=354889051
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-119769874-1&cid=350043815.1675267828&jid=268326528&_u=IEBAAEAAAAAAACAAI~&z=354889051
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-119769874-1&cid=350043815.1675267828&jid=268326528&_u=IEBAAEAAAAAAACAAI~&z=354889051 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 16:10:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
wp.powerplay-content.com/wp-admin/admin-ajax.php?action=detect_ip
160.153.235.136200 OK 157 B URL HTTP/2 wp.powerplay-content.com/wp-admin/admin-ajax.php?action=detect_ip
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
Hash 0d6c391812233ff5bd50a475a0e5ec97
2e8069dce7a5c43c5549806edb6d50367af04ab8
07c79eac1f53a70a09704d64b6d72bef7954b729685c8d4baa9aade1eab384b0
POST /wp-admin/admin-ajax.php?action=detect_ip HTTP/1.1
Host: wp.powerplay-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://www.powerplay.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:06 GMT
content-type: text/html; charset=UTF-8
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://www.powerplay.com
content-encoding: gzip
X-Firefox-Spdy: h2
pixel.mathtag.com/sync/iframe?mt_uuid=8fa263da-8ede-4a00-bb0c-2d12258b068c&no_iframe=1&mt_adid=243239&source=mathtag
23.38.200.207200 OK 677 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=8fa263da-8ede-4a00-bb0c-2d12258b068c&no_iframe=1&mt_adid=243239&source=mathtag
IP 23.38.200.207:0
File type HTML document text\012- HTML document, ASCII text
Hash d40dcbee218af49abbd15f61f5da0ffd
e3ec85d9073fa1cc0be1fed18344a6d4a2076e9d
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22
GET /sync/iframe?mt_uuid=8fa263da-8ede-4a00-bb0c-2d12258b068c&no_iframe=1&mt_adid=243239&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 677
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master iad-pixel-x30 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Wed, 01 Feb 2023 16:10:05 GMT
Date: Wed, 01 Feb 2023 16:10:06 GMT
Connection: keep-alive
secure.adnxs.com/seg?add=19736723&t=1
185.89.211.12307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=19736723&t=1
IP 185.89.211.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=19736723&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19736723%26t%3D1
AN-X-Request-Uuid: 3abb4328-dc47-45c0-b8b1-66d8b12b679a
Set-Cookie: uuid2=7912274127721047858; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 02-May-2023 16:10:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 16:10:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zz.connextra.com/sync/data/uid/508a5e2dd5/
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/508a5e2dd5/
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/508a5e2dd5/ HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Wed, 01 Feb 2023 16:10:06 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 01 Feb 2023 16:10:06 GMT
content-length: 64
set-cookie: CxtId=cdc26ee9-73fc-47ae-a0f9-1f270ff06636; Domain=.connextra.com; Expires=Thu, 01-Feb-2024 16:10:06 GMT; Path=/; Secure
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e0bc98d03057dabba1334b62bea0975b
b358a8123908fe4b1c94a1273cac45c4e23b212e
10ef320ba825ca0e17d039b66fd2f321f4d2c687a8734d226fa25e9b45e109d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 16:10:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
23.38.200.207200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP 23.38.200.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master iad-pixel-x13 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Wed, 01 Feb 2023 16:10:05 GMT
Date: Wed, 01 Feb 2023 16:10:06 GMT
Connection: keep-alive
Set-Cookie: uuid=beb563da-8ede-4800-9e8c-acde0277df5e; domain=.mathtag.com; path=/; expires=Thu, 29-Feb-2024 16:10:06 GMT; SameSite=None; Secure
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19736723%26t%3D1
185.89.211.12200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19736723%26t%3D1
IP 185.89.211.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D19736723%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:06 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 6f1224a2-f34a-4bc5-ab39-673239575dd6
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GTyuUeIW!]tbP6j2F-XstGt!@Dc6$mX.[; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 02-May-2023 16:10:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/seg?add=19996931&t=1
185.89.211.12307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=19996931&t=1
IP 185.89.211.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=19996931&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19996931%26t%3D1
AN-X-Request-Uuid: a1611114-d2e2-422f-b44c-09a656d88037
Set-Cookie: uuid2=5135593378636078812; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 02-May-2023 16:10:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.powerplay.com/cdn-cgi/challenge-platform/h/b/cv/result/792bf4830d9dfac0
172.64.145.101200 OK 6 B URL HTTP/2 www.powerplay.com/cdn-cgi/challenge-platform/h/b/cv/result/792bf4830d9dfac0
IP 172.64.145.101:0
File type ASCII text, with no line terminators
Hash 7d14c6d06a6075d413d43d381c992eba
49bdfc1145f7c7a7bf870f069b9d23a97966cb30
f48bd14f1f30b485d99a2904d06cbd9fa03ccaa5779105a3d3cf963edb2ac385
POST /cdn-cgi/challenge-platform/h/b/cv/result/792bf4830d9dfac0 HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12573
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740
Cookie: JSESSIONID="ADubVcxgS9hd8k4lb3k7wXsxyj0PQXEPHUTEfYYU.tc-app6.rs.fsbtech.com:tc-app6.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222; SERVERID=tc-app6|Y9qO3|Y9qO3; __cf_bm=y.0vxo5FdMjn5yqeUFmEETRPsamZBR72Su6RpkmjjEA-1675267804-0-AdCrsl51DjHnZ03cwOKzNe0FuSmCmX+bEYvyOXEjU8+nItThaB7tE1ZJrD0lUjzBw3uUHRaLXFPhq6fi4aX0KMGphBIn2HPogf4X3k4XLV/g; _ga=GA1.2.350043815.1675267828; _gid=GA1.2.705488557.1675267828; _gat=1; fsb-powerplay-affiliates=%7B%22affiliateName%22%3A%22btag%22%2C%22affiliateValue%22%3A%22a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 16:10:06 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=8qCbYrHdiiBlSRMNOX3rWBpBY4IzNT7CUtGJc6S999c-1675267806-0-AWF1NzyYnjEfGahE0UUsD0nlGtJaE1qi5nyRx11XkTyK+D2Wn+WCYU578bZCwPt68DMJLLZuB3kUPD/JHydYwQ9FNI8UfMT156CrEkZyuWZ1md+FIyWv3rV0y1UGERX7YrgKlVQy0PUblBTsIKqBOYpNzrnCffG+r5f879RItelbIE+lZP61U3bffui2Lqc+HSrHR7UkcfgEA2nywOIDM20=; path=/; expires=Wed, 01-Feb-23 16:40:06 GMT; domain=.www.powerplay.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792bf48e5c48fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/up/pixie.js
2.18.172.187200 OK 3.3 kB URL HTTP/1.1 acdn.adnxs.com/dmp/up/pixie.js
IP 2.18.172.187:0
File type ASCII text, with very long lines (9139), with no line terminators
Hash 75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151
GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: "60b79de0-23b3"
Unused62: 8096267
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Content-Encoding: gzip
Content-Length: 3340
Cache-Control: max-age=86402
Expires: Thu, 02 Feb 2023 16:10:08 GMT
Date: Wed, 01 Feb 2023 16:10:06 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash fcae25f15b1fdb4ec631f5a4a875ba6d
d52ee470629ef84159b2caf955bd9cf125ec7f86
904d42e2681be2eea49c2cc6b6721a6d649b297bff1b3b7ca149fb9e4da43015
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5125
Cache-Control: max-age=115478
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 16:10:06 GMT
Etag: "63d99aef-118"
Expires: Fri, 03 Feb 2023 00:14:44 GMT
Last-Modified: Tue, 31 Jan 2023 22:49:19 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
ib.adnxs.com/pixie?e=PageView&pi=689728d9-60b8-4e36-ba76-2bfb9a87238d&it=1675267828882&v=0.0.20&u=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%26siteid%3D42740&st=1675267828882&et=1675267828882&if=0
185.89.210.20200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=689728d9-60b8-4e36-ba76-2bfb9a87238d&it=1675267828882&v=0.0.20&u=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%26siteid%3D42740&st=1675267828882&et=1675267828882&if=0
IP 185.89.210.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=689728d9-60b8-4e36-ba76-2bfb9a87238d&it=1675267828882&v=0.0.20&u=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%26siteid%3D42740&st=1675267828882&et=1675267828882&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 16:10:06 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
in-automate.sendinblue.com/cm?uuid=1098a47a-26f9-4f4b-a7a4-7a0cc8d519ed&key=gm86guigrko4zzgucol1x&cuid=00e6a077-d8d7-469a-8f02-64d5943d955a
104.17.9.12204 No Content 0 B URL HTTP/2 in-automate.sendinblue.com/cm?uuid=1098a47a-26f9-4f4b-a7a4-7a0cc8d519ed&key=gm86guigrko4zzgucol1x&cuid=00e6a077-d8d7-469a-8f02-64d5943d955a
IP 104.17.9.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?uuid=1098a47a-26f9-4f4b-a7a4-7a0cc8d519ed&key=gm86guigrko4zzgucol1x&cuid=00e6a077-d8d7-469a-8f02-64d5943d955a HTTP/1.1
Host: in-automate.sendinblue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sibautomation.com
Connection: keep-alive
Referer: https://sibautomation.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 01 Feb 2023 16:10:06 GMT
cf-ray: 792bf4905dcdb4f3-OSL
access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
in-automate.sendinblue.com/p?key=gm86guigrko4zzgucol1x&cuid=00e6a077-d8d7-469a-8f02-64d5943d955a&ma_url=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%26siteid%3D42740&sib_type=page&ma_title=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&sib_name=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&ma_referrer=&ma_path=%2Flp%2FCA_LP_1000CB%2F
104.17.9.12204 No Content 0 B URL HTTP/2 in-automate.sendinblue.com/p?key=gm86guigrko4zzgucol1x&cuid=00e6a077-d8d7-469a-8f02-64d5943d955a&ma_url=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%26siteid%3D42740&sib_type=page&ma_title=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&sib_name=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&ma_referrer=&ma_path=%2Flp%2FCA_LP_1000CB%2F
IP 104.17.9.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?key=gm86guigrko4zzgucol1x&cuid=00e6a077-d8d7-469a-8f02-64d5943d955a&ma_url=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%26siteid%3D42740&sib_type=page&ma_title=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&sib_name=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&ma_referrer=&ma_path=%2Flp%2FCA_LP_1000CB%2F HTTP/1.1
Host: in-automate.sendinblue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 01 Feb 2023 16:10:07 GMT
cf-ray: 792bf4915f2eb4f3-OSL
access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13475
Expires: Wed, 01 Feb 2023 19:54:42 GMT
Date: Wed, 01 Feb 2023 16:10:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13475
Expires: Wed, 01 Feb 2023 19:54:42 GMT
Date: Wed, 01 Feb 2023 16:10:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13475
Expires: Wed, 01 Feb 2023 19:54:42 GMT
Date: Wed, 01 Feb 2023 16:10:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:57:42 GMT
age: 65545
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:15:18 GMT
age: 32089
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 22:03:43 GMT
age: 65184
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F591a38fc-2daf-42e7-a48b-a02e54cb63e0.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F591a38fc-2daf-42e7-a48b-a02e54cb63e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c83dcdb618756ebbfeb69a8bff6d38c
5f909182ab6847690e7ebd100e3f0d2798e36192
2e29d0747fb973908228501178465ac09f6553ef8e50dd70ee617f3379eb733c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F591a38fc-2daf-42e7-a48b-a02e54cb63e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7049
x-amzn-requestid: bc6522f2-eb6b-4e59-9912-0c03d145f021
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk31LGE2IAMF8rw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839ba-67477ed1260c27f67e28043d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q_aVbWJKMbX1_bjggzbdnWbgmfooGvXj76t55QGGXRr_y6ZgW2gctw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:52:24 GMT
age: 65863
etag: "5f909182ab6847690e7ebd100e3f0d2798e36192"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/interac.svg
54.230.245.131200 OK 13 kB URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/interac.svg
IP 54.230.245.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (636)
Hash 3647c9731631533d27f446e832664dbe
c36e2c3cec808cee737218f448b5904960265d40
cda7b51c0e4bd7a745ea29ef9c522f7990d1e02e015315c7d626964252143167
GET /img/newcss_landing/img/interac.svg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 15:36:34 GMT
server: AmazonS3
content-encoding: br
date: Wed, 01 Feb 2023 10:40:08 GMT
etag: W/"fcb02d38486eb3d81c95c94facce9aaa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 04aHUGxmyxgXpl8oNNtOoQFojMzrTLscEUOjQWOH5t_XG_e1nwzonQ==
age: 19798
X-Firefox-Spdy: h2
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/customer_support.svg
54.230.245.131200 OK 22 kB URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/customer_support.svg
IP 54.230.245.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15729), with CRLF line terminators
Hash 037cbcf3eb349f8686735c38c8c40956
a57cbefef6c023ab804d27a4556543fec66db114
2fa57eab4cd1d222daf3279093fb9eb576c6e765449ecfca612464c0a8773e58
GET /img/newcss_landing/img/en/customer_support.svg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 01 Feb 2023 04:04:31 GMT
last-modified: Mon, 23 Jan 2023 15:36:13 GMT
etag: W/"d9a751c72a8508aeb17a8b8a597cd25d"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fMAkEJx0s5RGMRZbwKTBHLm1CUfPstapFn1h3YyuoGhhcOv_JqCHrw==
age: 43535
X-Firefox-Spdy: h2
unphionetor.com/vbri?t=93873&bid=undefined&aid=undefined&tp=4271
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=93873&bid=undefined&aid=undefined&tp=4271
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=93873&bid=undefined&aid=undefined&tp=4271 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 01 Feb 2023 16:10:08 GMT
access-control-allow-origin: https://www.powerplay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 4ad0d91d6e5a12d5134ad1995b8628f0
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.powerplay.com/cdn-cgi/rum?
172.64.145.101204 No Content 0 B URL HTTP/2 www.powerplay.com/cdn-cgi/rum?
IP 172.64.145.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 631
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740
Cookie: JSESSIONID="ADubVcxgS9hd8k4lb3k7wXsxyj0PQXEPHUTEfYYU.tc-app6.rs.fsbtech.com:tc-app6.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222; SERVERID=tc-app6|Y9qO3|Y9qO3; __cf_bm=8qCbYrHdiiBlSRMNOX3rWBpBY4IzNT7CUtGJc6S999c-1675267806-0-AWF1NzyYnjEfGahE0UUsD0nlGtJaE1qi5nyRx11XkTyK+D2Wn+WCYU578bZCwPt68DMJLLZuB3kUPD/JHydYwQ9FNI8UfMT156CrEkZyuWZ1md+FIyWv3rV0y1UGERX7YrgKlVQy0PUblBTsIKqBOYpNzrnCffG+r5f879RItelbIE+lZP61U3bffui2Lqc+HSrHR7UkcfgEA2nywOIDM20=; _ga=GA1.2.350043815.1675267828; _gid=GA1.2.705488557.1675267828; _gat=1; fsb-powerplay-affiliates=%7B%22affiliateName%22%3A%22btag%22%2C%22affiliateValue%22%3A%22a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%22%7D; sib_cuid=00e6a077-d8d7-469a-8f02-64d5943d955a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Wed, 01 Feb 2023 16:10:13 GMT
access-control-allow-origin: https://www.powerplay.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 792bf4b9d84bfac0-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/fonts.min.css
160.153.235.136200 OK 0 B URL HTTP/2 powerplay-content.com/assets/newcss_landing/fonts.min.css
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
GET /assets/newcss_landing/fonts.min.css HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: text/css
last-modified: Wed, 17 Mar 2021 09:41:15 GMT
vary: Accept-Encoding
etag: W/"6051cebb-b04"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/icons/ssc.svg
54.230.245.131200 OK 0 B URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/icons/ssc.svg
IP 54.230.245.131:0
GET /img/newcss_landing/img/icons/ssc.svg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 01 Feb 2023 04:04:31 GMT
last-modified: Mon, 23 Jan 2023 15:36:30 GMT
etag: W/"bc2790be32cfee9723fe312249dcdf4d"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W-lb8P1h2XUYU0AqkwB-U40hAsA_AgGJ6OLjUvUl-g0FkU0rZSABZQ==
age: 43534
X-Firefox-Spdy: h2
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/CA/1000depositbonus/1000deposit-bonus-underbtn.svg
54.230.245.131200 OK 0 B URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/CA/1000depositbonus/1000deposit-bonus-underbtn.svg
IP 54.230.245.131:0
GET /img/newcss_landing/img/en/CA/1000depositbonus/1000deposit-bonus-underbtn.svg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 01 Feb 2023 13:50:13 GMT
last-modified: Mon, 23 Jan 2023 15:35:34 GMT
etag: W/"5a1b169ebec318df345f5d3171db5d31"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NbUWmni2g-hS4DyUnH2SMI9DobRMO_D2a6ni8Ct19ch2gT3e06TYCw==
age: 8393
X-Firefox-Spdy: h2
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/pp-logolock-en-onblk-pic.svg
54.230.245.131200 OK 0 B URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/pp-logolock-en-onblk-pic.svg
IP 54.230.245.131:0
GET /img/newcss_landing/img/en/pp-logolock-en-onblk-pic.svg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 01 Feb 2023 11:45:08 GMT
last-modified: Mon, 23 Jan 2023 15:36:15 GMT
etag: W/"1238ea05289cec3c4e89545e95d4e658"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qFgFSe-jiE8ZFBDjsYJSvRHrV7jjEcSJTtHBLl_NN_PY8cBn6YgubQ==
age: 15898
X-Firefox-Spdy: h2
www.powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675267200
172.64.145.101200 OK 0 B URL HTTP/2 www.powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675267200
IP 172.64.145.101:0
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675267200 HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: JSESSIONID="ADubVcxgS9hd8k4lb3k7wXsxyj0PQXEPHUTEfYYU.tc-app6.rs.fsbtech.com:tc-app6.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222; SERVERID=tc-app6|Y9qO3|Y9qO3; __cf_bm=y.0vxo5FdMjn5yqeUFmEETRPsamZBR72Su6RpkmjjEA-1675267804-0-AdCrsl51DjHnZ03cwOKzNe0FuSmCmX+bEYvyOXEjU8+nItThaB7tE1ZJrD0lUjzBw3uUHRaLXFPhq6fi4aX0KMGphBIn2HPogf4X3k4XLV/g; _ga=GA1.2.350043815.1675267828; _gid=GA1.2.705488557.1675267828; _gat=1; fsb-powerplay-affiliates=%7B%22affiliateName%22%3A%22btag%22%2C%22affiliateValue%22%3A%22a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: application/javascript; charset=UTF-8
x-control-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792bf489e9b9fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
sibautomation.com/sa.js?key=gm86guigrko4zzgucol1x
104.18.34.145200 OK 0 B URL HTTP/2 sibautomation.com/sa.js?key=gm86guigrko4zzgucol1x
IP 104.18.34.145:0
GET /sa.js?key=gm86guigrko4zzgucol1x HTTP/1.1
Host: sibautomation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 16:10:06 GMT
content-type: text/javascript; charset=utf-8
cf-bgj: minify
cf-polished: origSize=10702
access-control-allow-origin: *
etag: W/"29ce-hK8ZQE0CNmNYRH14ZmvQV2/Ei1M"
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>
cf-cache-status: REVALIDATED
expires: Wed, 01 Feb 2023 16:11:05 GMT
cache-control: public, max-age=60
server: cloudflare
cf-ray: 792bf489ef8bb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=93873
139.45.197.240200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=93873
IP 139.45.197.240:0
GET /fv.js?t=93873 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 84aeef86d8e976d67a313ee9f956801e
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/button-img.svg
54.230.245.131200 OK 0 B URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/button-img.svg
IP 54.230.245.131:0
GET /img/newcss_landing/img/en/button-img.svg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 15:36:13 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 10:40:08 GMT
etag: W/"df7fffc16d00640a8b764172e66600b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GZswNpLOKIAsbcSDY5ORvOsomqS2Yn3zjIYDG27P9VVwrswQEHzkVA==
age: 19798
X-Firefox-Spdy: h2
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/CA/1000depositbonus/lp-timer-icon-en.svg
54.230.245.131200 OK 0 B URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/CA/1000depositbonus/lp-timer-icon-en.svg
IP 54.230.245.131:0
GET /img/newcss_landing/img/en/CA/1000depositbonus/lp-timer-icon-en.svg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 15:35:38 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 12:33:43 GMT
etag: W/"80d659da9111664228d9c30760bc5353"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: py1voIpy5HxkRTRPygCWy-MmvbBTabhF7fnvEbwcS0wzZgWF3qpx7Q==
age: 12983
X-Firefox-Spdy: h2
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/icons/fbt.svg
54.230.245.131200 OK 0 B URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/icons/fbt.svg
IP 54.230.245.131:0
GET /img/newcss_landing/img/icons/fbt.svg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 15:36:05 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 09:36:19 GMT
etag: W/"1bbe445967b22e01c73375f73e3dca2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8CI1GaeG29wdcbAmNyta5fVjVIJ37kv_YYOb9K0uSA02yw8gRiDnwg==
age: 23627
X-Firefox-Spdy: h2
www.powerplay.com/lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740
172.64.145.101200 OK 0 B URL HTTP/2 www.powerplay.com/lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740
IP 172.64.145.101:0
GET /lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740 HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 01 Feb 2023 16:10:04 GMT
content-type: text/html;charset=UTF-8
cf-ray: 792bf4830d9dfac0-OSL
cache-control: private
content-language: en-US
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: JSESSIONID="ADubVcxgS9hd8k4lb3k7wXsxyj0PQXEPHUTEfYYU.tc-app6.rs.fsbtech.com:tc-app6.rs.fsbtech.com-wildfly"; Version=1; Path=/; Secure; HttpOnly
currencyCode=USD; path=/; secure; Max-Age=31536000; Expires=Thu, 01-Feb-2024 16:10:04 GMT
languageId=1; path=/; secure; Max-Age=31536000; Expires=Thu, 01-Feb-2024 16:10:04 GMT
localeKey=en; path=/; secure; Max-Age=31536000; Expires=Thu, 01-Feb-2024 16:10:04 GMT
siteId=222; path=/; secure; HttpOnly; Max-Age=31536000; Expires=Thu, 01-Feb-2024 16:10:04 GMT
SERVERID=tc-app6|Y9qO3|Y9qO3; path=/; Secure; SameSite=None; HttpOnly
__cf_bm=y.0vxo5FdMjn5yqeUFmEETRPsamZBR72Su6RpkmjjEA-1675267804-0-AdCrsl51DjHnZ03cwOKzNe0FuSmCmX+bEYvyOXEjU8+nItThaB7tE1ZJrD0lUjzBw3uUHRaLXFPhq6fi4aX0KMGphBIn2HPogf4X3k4XLV/g; path=/; expires=Wed, 01-Feb-23 16:40:04 GMT; domain=.www.powerplay.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.64.145.101200 OK 0 B URL HTTP/2 www.powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.64.145.101:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_42740b_17875c_cr_-_w07927hqus93ooam2ag9fid0&siteid=42740
Cookie: JSESSIONID="ADubVcxgS9hd8k4lb3k7wXsxyj0PQXEPHUTEfYYU.tc-app6.rs.fsbtech.com:tc-app6.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222; SERVERID=tc-app6|Y9qO3|Y9qO3; __cf_bm=y.0vxo5FdMjn5yqeUFmEETRPsamZBR72Su6RpkmjjEA-1675267804-0-AdCrsl51DjHnZ03cwOKzNe0FuSmCmX+bEYvyOXEjU8+nItThaB7tE1ZJrD0lUjzBw3uUHRaLXFPhq6fi4aX0KMGphBIn2HPogf4X3k4XLV/g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 16:10:04 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 14:59:41 GMT
etag: W/"63d7db5d-302c"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792bf4849e75fac0-OSL
x-frame-options: DENY
expires: Fri, 03 Feb 2023 16:10:04 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/uil.min.css
160.153.235.136200 OK 0 B URL HTTP/2 powerplay-content.com/assets/newcss_landing/uil.min.css
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
GET /assets/newcss_landing/uil.min.css HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: text/css
last-modified: Mon, 18 Jul 2022 15:26:11 GMT
vary: Accept-Encoding
etag: W/"62d57b93-110a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/icons/ast.svg
54.230.245.131200 OK 0 B URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/icons/ast.svg
IP 54.230.245.131:0
GET /img/newcss_landing/img/icons/ast.svg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 15:36:06 GMT
server: AmazonS3
content-encoding: br
date: Wed, 01 Feb 2023 04:04:31 GMT
etag: W/"8b2b6c924753ab5a19747b7798e4a3ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6Lz0NlHCU0v-KHU35TyFXrgw0M84_hhVBIyW4dJV_cZR75fvb1Cvcw==
age: 43534
X-Firefox-Spdy: h2
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/icons/lcn.svg
54.230.245.131200 OK 0 B URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/icons/lcn.svg
IP 54.230.245.131:0
GET /img/newcss_landing/img/icons/lcn.svg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 15:36:32 GMT
server: AmazonS3
content-encoding: br
date: Wed, 01 Feb 2023 04:04:31 GMT
etag: W/"6460f0761c4ee35d813175d001059f78"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _ss5jBPxzSBBYgv8ddcZGld1RTlrMZQ_JhhtO_MzgLG33DqiwEFi9w==
age: 43534
X-Firefox-Spdy: h2
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/ppcom-logo-en-la-onblk-casino.svg
54.230.245.131200 OK 0 B URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/ppcom-logo-en-la-onblk-casino.svg
IP 54.230.245.131:0
GET /img/newcss_landing/img/en/ppcom-logo-en-la-onblk-casino.svg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 15:36:12 GMT
server: AmazonS3
content-encoding: br
date: Wed, 01 Feb 2023 08:37:42 GMT
etag: W/"44e923ed49bceba83e898e861c753a5d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Web8op0F2uihGd_sR12E_ZcK-N0rTc8Z8gXwJ8hDTRQ0dbtVSPSeOw==
age: 27144
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.57.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.57.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 16:10:05 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bf485490fb51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/CA/1000depositbonus/1000deposit-bonus-top.svg
54.230.245.131200 OK 0 B URL HTTP/2 d1l906mtvq85kd.cloudfront.net/img/newcss_landing/img/en/CA/1000depositbonus/1000deposit-bonus-top.svg
IP 54.230.245.131:0
GET /img/newcss_landing/img/en/CA/1000depositbonus/1000deposit-bonus-top.svg HTTP/1.1
Host: d1l906mtvq85kd.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 01 Feb 2023 13:50:13 GMT
last-modified: Mon, 23 Jan 2023 15:35:10 GMT
etag: W/"6fef3ff7f96027a29b5e4e784874701a"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GrKR971JVtfeAkh1AX6JVQJcDgu5dfOGmVPw0sPdlB36biKFs4u8yQ==
age: 8393
X-Firefox-Spdy: h2
sibautomation.com/cm.html?key=gm86guigrko4zzgucol1x
104.18.34.145200 OK 0 B URL HTTP/2 sibautomation.com/cm.html?key=gm86guigrko4zzgucol1x
IP 104.18.34.145:0
GET /cm.html?key=gm86guigrko4zzgucol1x HTTP/1.1
Host: sibautomation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 16:10:06 GMT
content-type: text/html; charset=utf-8
x-powered-by: Sails <sailsjs.com>
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Wed, 01 Feb 2023 18:10:06 GMT
cache-control: public, max-age=7200
server: cloudflare
cf-ray: 792bf48e9de8b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2