strtapewithadblock.art/e/yBq1vVjQlos1Pm6/2022-10-17_18-23-36.mkv.mp4
172.67.195.212302 Found 0 B URL HTTP/1.1 strtapewithadblock.art/e/yBq1vVjQlos1Pm6/2022-10-17_18-23-36.mkv.mp4
IP 172.67.195.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /e/yBq1vVjQlos1Pm6/2022-10-17_18-23-36.mkv.mp4 HTTP/1.1
Host: strtapewithadblock.art
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 02 Dec 2022 02:37:28 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=345600
Location: https://strtapewithadblock.art/e/yBq1vVjQlos1Pm6/2022-10-17_18-23-36.mkv.mp4
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slyY%2FxQysYtYqF%2Bsfguf%2BhgCA3fPPEhedpEF0A7oroOtuRLFF%2FWy%2BFWM449mPB0RGtDrc5RnMh%2BfaKBCUrnV7w4ptW1azgIl7I5XRuH9PJKMm7JMvHjhuNEKn0Sc8Zfs6ntNaE%2B0RjzL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730ae4d58c4b524-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3171
Expires: Fri, 02 Dec 2022 03:30:19 GMT
Date: Fri, 02 Dec 2022 02:37:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1523
Cache-Control: max-age=116347
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:28 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:56:35 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 02:18:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1158
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15377
Expires: Fri, 02 Dec 2022 06:53:45 GMT
Date: Fri, 02 Dec 2022 02:37:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OiezOmJuod4xTdOPO1MsyDh2ck0zl6KLZwMzuoC0xTPn+ki12Ruxd1HGnLEsTpy7ogTjhBKQrHM=
x-amz-request-id: 8WM231RWD7XFEGK7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 01:45:53 GMT
age: 3095
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a9dda52d2f256664e6f9c7096fe39c5
483b074c812b9cf43fed7262dffd1390a82875f7
256ecd91d578ed9123a317f82f39ecd10247b7efcecb0ea641840456c734aafd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "256ECD91D578ED9123A317F82F39ECD10247B7EFCECB0EA641840456C734AAFD"
Last-Modified: Thu, 01 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Fri, 02 Dec 2022 08:37:16 GMT
Date: Fri, 02 Dec 2022 02:37:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 02:11:15 GMT
cache-control: public,max-age=3600
age: 1574
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a9dda52d2f256664e6f9c7096fe39c5
483b074c812b9cf43fed7262dffd1390a82875f7
256ecd91d578ed9123a317f82f39ecd10247b7efcecb0ea641840456c734aafd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "256ECD91D578ED9123A317F82F39ECD10247B7EFCECB0EA641840456C734AAFD"
Last-Modified: Thu, 01 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Fri, 02 Dec 2022 08:37:16 GMT
Date: Fri, 02 Dec 2022 02:37:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1519
Cache-Control: max-age=111279
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:29 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:32:08 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs
142.250.74.132200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 9972e93a2483e5c448bd9f8cde5ccade
4d9544441bf5d0922ebbceaddbf2a1824135e190
2db6671a4f9b05b25ce10acd3bc9c409436a9dc7abab72dfb8a83778a485087f
GET /recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 02 Dec 2022 02:37:29 GMT
date: Fri, 02 Dec 2022 02:37:29 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fb6f5bfbb19eff68650d3d87de257b06
735fd8c1d53e299c05daca1058d051bf5619699e
cdaad1f59444ff31ad1948792b149905bd883c9a79368f722aff27ab83205cca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3950
Cache-Control: max-age=114102
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:29 GMT
Etag: "63887031-117"
Expires: Sat, 03 Dec 2022 10:19:11 GMT
Last-Modified: Thu, 01 Dec 2022 09:13:21 GMT
Server: ECS (amb/6BBF)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fb6f5bfbb19eff68650d3d87de257b06
735fd8c1d53e299c05daca1058d051bf5619699e
cdaad1f59444ff31ad1948792b149905bd883c9a79368f722aff27ab83205cca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3950
Cache-Control: max-age=114102
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:29 GMT
Etag: "63887031-117"
Expires: Sat, 03 Dec 2022 10:19:11 GMT
Last-Modified: Thu, 01 Dec 2022 09:13:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
thumb.tapecontent.net/thumb/yBq1vVjQlos1Pm6/YZb8AyPQlzSvVDg.jpg
104.21.235.147200 OK 167 kB URL HTTP/2 thumb.tapecontent.net/thumb/yBq1vVjQlos1Pm6/YZb8AyPQlzSvVDg.jpg
IP 104.21.235.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1276x715, components 3\012- data
Size 167 kB (166799 bytes)
Hash 142ffa94378d6daab1d6a9e8afcf7040
7cd06fc0ab4ae3e66702bab165d4f09f71179b89
8664148fe303d38ed3a48a43ec5816c2a0d2bae9cd737776188561802c700fa6
GET /thumb/yBq1vVjQlos1Pm6/YZb8AyPQlzSvVDg.jpg HTTP/1.1
Host: thumb.tapecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:29 GMT
content-type: image/jpeg
content-length: 166799
last-modified: Mon, 17 Oct 2022 20:03:12 GMT
etag: 64f0cccd6c61
access-control-allow-origin: *
allow: OPTIONS, GET, HEAD, POST
access-control-allow-headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
access-control-expose-headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
content-disposition: inline; filename="YZb8AyPQlzSvVDg.jpg"
cache-control: public, max-age=259200
expires: Sat, 03 Dec 2022 09:18:55 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IT31i5lBzjTgYimUOBa%2FFxGqhxJfprFGMz%2Foe3NIfnyF8N%2BvrI%2Bsmu1NzFP28sFohT6iz60Qc2LXMKGCdLvcyMo5Gub%2Bc%2F%2FL2Wat3GvIHOt07a6ko9cn02AkJdlW8k%2BilW0XExhxxvg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae537a9e7789-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.216.192.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QikZGlW/0NiWVvIdM1uwxA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mI9JyjnO7w78cUC3/ua66imQRSY=
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1cee152d7296db8019b8f70817f8de77
2e459ebc7d6a0d50b2b5d278fdd4fa5607eda7fc
215ee9e2beda46503c18664730cfc4346c9d7d599d338e24935fb9fe421da5f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5297
Cache-Control: max-age=116895
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:30 GMT
Etag: "638875d8-118"
Expires: Sat, 03 Dec 2022 11:05:45 GMT
Last-Modified: Thu, 01 Dec 2022 09:37:28 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 95bddb967ea61fa9bf1684d9eeff9812
06721f41f93f5a899d6f19c7c4ea2821807f4d73
8d4301f89723c71179acddf592ca18880204caad5ca3dd853ea1aae8a4daffc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D4301F89723C71179ACDDF592CA18880204CAAD5CA3DD853EA1AAE8A4DAFFC4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=265
Expires: Fri, 02 Dec 2022 02:41:55 GMT
Date: Fri, 02 Dec 2022 02:37:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1cee152d7296db8019b8f70817f8de77
2e459ebc7d6a0d50b2b5d278fdd4fa5607eda7fc
215ee9e2beda46503c18664730cfc4346c9d7d599d338e24935fb9fe421da5f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5297
Cache-Control: max-age=116895
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:30 GMT
Etag: "638875d8-118"
Expires: Sat, 03 Dec 2022 11:05:45 GMT
Last-Modified: Thu, 01 Dec 2022 09:37:28 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 169 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
Size 169 kB (168821 bytes)
Hash b059859ca37f7e5079038a1686551670
a1506e6eb65d7aa77ba8c2e875a4682a2efe8b11
87a68eb6afd9060ee7101ff20e5912ac07bee096fb68cc0b93d7fe90faf992db
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://strtapewithadblock.art
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 286053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash ed0dfbce56db09f7d7f278abaf9ff94f
8e72ee309d9a765146ee84db2d51eea43cf855e3
6a9a8d1e2fdf639bdb4c87210c9c8aed2d07c7f175cf63e8f1a9623dd14ac727
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:37:30 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Mon, 05 Dec 2022 23:27:24 GMT
ETag: "8e72ee309d9a765146ee84db2d51eea43cf855e3"
Last-Modified: Thu, 01 Dec 2022 23:27:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1497
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730ae585e28b500-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a40e191e2c32caa23c7ec1abea39e991
b03456fefb0156a48fae623cdc3c444c44d2481e
23abf43db4e7fafcd42f2114b823179fa4119c04f317cd0ee8c395e0688778cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5873
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:30 GMT
Last-Modified: Fri, 02 Dec 2022 00:59:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a40e191e2c32caa23c7ec1abea39e991
b03456fefb0156a48fae623cdc3c444c44d2481e
23abf43db4e7fafcd42f2114b823179fa4119c04f317cd0ee8c395e0688778cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5873
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:30 GMT
Last-Modified: Fri, 02 Dec 2022 00:59:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 96ff7b11c1005267902dd4cc80dc2fe1
8a6b1b7b7dd765bb9921e6a8dc33bbf9316c781e
098ce169e175c2524230713642bea8c31f25da240d13ad181575c8dcf2ba90d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "098CE169E175C2524230713642BEA8C31F25DA240D13AD181575C8DCF2BA90D5"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4017
Expires: Fri, 02 Dec 2022 03:44:27 GMT
Date: Fri, 02 Dec 2022 02:37:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 288f039d0a39bcd3d5395f035a3553cb
f71de6917a331e4b839de8e107d2020ea3d61d26
d7ce8c2d5a18473d7f9424a3c00fb09796790b9c59b088489b595ea83a5845f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7CE8C2D5A18473D7F9424A3C00FB09796790B9C59B088489B595EA83A5845F3"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2403
Expires: Fri, 02 Dec 2022 03:17:33 GMT
Date: Fri, 02 Dec 2022 02:37:30 GMT
Connection: keep-alive
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73266
date: Fri, 02 Dec 2022 02:37:30 GMT
access-control-allow-origin: *
etag: "6388ac0c-11e32"
expires: Fri, 02 Dec 2022 03:37:30 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 86a12dbe6ec4108e05854b5760fb131b
6d1abccdbeb8536890093cb7eb60b65be31b1ec0
4f59b344c88d910835173a70f7d07c40488573c03fa0274d9b4d6cc66567c423
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F59B344C88D910835173A70F7D07C40488573C03FA0274D9B4D6CC66567C423"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18117
Expires: Fri, 02 Dec 2022 07:39:27 GMT
Date: Fri, 02 Dec 2022 02:37:30 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash fa656423e7ce98fbda51d96c9ee831e2
67fe7b365e2c37dd9d0c7dfa51bb75e2e0be2deb
eec9dbf1de6ef55bcafbfcfbeffecf8787fee293370d58cb862d7b318c89ce99
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:37:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 11:22:16 GMT
Expires: Thu, 08 Dec 2022 11:22:15 GMT
Etag: "67fe7b365e2c37dd9d0c7dfa51bb75e2e0be2deb"
Cache-Control: max-age=549284,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7730ae589ec8b4f1-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash fa656423e7ce98fbda51d96c9ee831e2
67fe7b365e2c37dd9d0c7dfa51bb75e2e0be2deb
eec9dbf1de6ef55bcafbfcfbeffecf8787fee293370d58cb862d7b318c89ce99
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:37:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 11:22:16 GMT
Expires: Thu, 08 Dec 2022 11:22:15 GMT
Etag: "67fe7b365e2c37dd9d0c7dfa51bb75e2e0be2deb"
Cache-Control: max-age=549284,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7730ae5928261c16-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7310d73783ea4b8c991bf436e753582c
d2d3b66c3f54161b07fad0594b434f4f39300142
c4dd5243c7d4b36cef8c8d621a5456e04147c99239706d0b0576fe847c18ca6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4DD5243C7D4B36CEF8C8D621A5456E04147C99239706D0B0576FE847C18CA6C"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12047
Expires: Fri, 02 Dec 2022 05:58:17 GMT
Date: Fri, 02 Dec 2022 02:37:30 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e7f182bc423c8e0b694072f316dfbf3c
cea3572598e1b5c8c5249cabf5ea99e56dc7e02d
02b4ac24bfa51f27fc2e507fb5d923751a9f6566eb98f3b8255a7d05f42d85c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:37:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 12:52:22 GMT
Expires: Thu, 08 Dec 2022 12:52:21 GMT
Etag: "cea3572598e1b5c8c5249cabf5ea99e56dc7e02d"
Cache-Control: max-age=554690,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7730ae59cfbfb4f7-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 947
Origin: https://strtapewithadblock.art
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 02 Dec 2022 02:37:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://strtapewithadblock.art
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
strtapewithadblock.art/e/yBq1vVjQlos1Pm6/2022-10-17_18-23-36.mkv.mp4
104.21.49.238200 OK 31 kB URL HTTP/2 strtapewithadblock.art/e/yBq1vVjQlos1Pm6/2022-10-17_18-23-36.mkv.mp4
IP 104.21.49.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (39416)
Hash a3081cc14b5343e144dee31da3616253
f63574c9a4daadf0d75b48f53ef7abe33e51a3b8
5f6147b8e6a5a1b042ee728d403bc3e3acbd1909f0261475995aa9927eb91720
Analyzer Verdict Alert fortinet Malware
GET /e/yBq1vVjQlos1Pm6/2022-10-17_18-23-36.mkv.mp4 HTTP/1.1
Host: strtapewithadblock.art
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:29 GMT
content-type: text/html; charset=UTF-8
cache-control: private
cf-cache-status: BYPASS
set-cookie: _b=kube14; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FNn8GiyGBD%2F59S4P%2FjlTolPFWWHS8MH0PLpiwNWr49k9KE%2BuH20hozRMTK7Jm9XTUrDIlZj6zGLkZj5kSOJmujiRlmLcIyuFE1IXdEt852%2BtoQpIClEB5jOEPhHwHeq9NGBBMqsMJSt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae50ba240b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 17367
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/1?z=4787949
139.45.197.239200 OK 22 kB URL HTTP/2 cdn.uponelectabuzzor.club/1?z=4787949
IP 139.45.197.239:0
Hash f9332235e13925fccdcecdd5b6ffd738
51a5f43944f538a70016b1270cb957a2b95d9b16
7a5182fe5c6c902c02767c485f212a49f3b524fdc3c9c2a30ea3e5277bcf3291
GET /1?z=4787949 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:30 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: bd56b1d75ee261d5a94cfa790a4c4dc7
access-control-expose-headers: X-Sc
x-sc: jBu66DXu4zKxQdleEM0P8ONaiG9yaBsVvjN_waW7Y4woK53VEG4xLrPTewCJAyM1u-yAFK7MwvPhesn5CcpJLqJ6ONA=
set-cookie: scm=1; expires=Sat, 02 Dec 2023 02:37:30 GMT; secure; SameSite=None
OAID=f9ca2f96188d435e902639a713f78373; expires=Sat, 02 Dec 2023 02:37:30 GMT; secure; SameSite=None
oaidts=1669948650; expires=Sat, 02 Dec 2023 02:37:30 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 50ac40f242841b43d130c6d58739be16
89383808b04dcbe3a68bfbba35f0c007e9b00248
0a148afb776b0dd8bed50d2f91d975d70f82928e60b0dfa8ece4dd87266034e9
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://strtapewithadblock.art
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:30 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://strtapewithadblock.art
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5f4d79afb4554c7e8d9561d0bde95d20; expires=Sat, 02 Dec 2023 02:37:30 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
mc.yandex.ru/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1491%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1599770404005%3Ahid%3A523329882%3Az%3A0%3Ai%3A20221202023728%3Aet%3A1669948649%3Ac%3A1%3Arn%3A1055406885%3Arqn%3A1%3Au%3A1669948649824226634%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C362%2C141%2C1%2C233%2C0%2C%2C748%2C3%2C%2C%2C%2C1527%3Aco%3A0%3Ans%3A1669948646832%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669948649%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.250.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1491%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1599770404005%3Ahid%3A523329882%3Az%3A0%3Ai%3A20221202023728%3Aet%3A1669948649%3Ac%3A1%3Arn%3A1055406885%3Arqn%3A1%3Au%3A1669948649824226634%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C362%2C141%2C1%2C233%2C0%2C%2C748%2C3%2C%2C%2C%2C1527%3Aco%3A0%3Ans%3A1669948646832%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669948649%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 8bd0e22bd04b9f2aef0344aeac00af0b
1d65bc4bd307fda7a92b23a406799f70923e1304
d7aa4676511ab791ad22ce61a2ece8c34e3640b036acc05bdca36c9a3dfb2a9e
GET /watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1491%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1599770404005%3Ahid%3A523329882%3Az%3A0%3Ai%3A20221202023728%3Aet%3A1669948649%3Ac%3A1%3Arn%3A1055406885%3Arqn%3A1%3Au%3A1669948649824226634%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C362%2C141%2C1%2C233%2C0%2C%2C748%2C3%2C%2C%2C%2C1527%3Aco%3A0%3Ans%3A1669948646832%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669948649%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://strtapewithadblock.art
Referer: https://strtapewithadblock.art/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Fri, 02 Dec 2022 02:37:30 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://strtapewithadblock.art
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 02:37:30 GMT
last-modified: Fri, 02-Dec-2022 02:37:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 02 Dec 2022 02:37:30 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Fri, 02 Dec 2022 03:37:30 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
belickitungchan.com/400/5094692
139.45.197.239200 OK 33 kB URL HTTP/2 belickitungchan.com/400/5094692
IP 139.45.197.239:0
Hash eaad0141c6c483d877789a8ca9a8846d
e82ba93eee0bc1fe202c189f13ace11f551044f3
70c82d05c8e208cef1a9a2f1aa1bf0434f5c0aa3e1caec53f639dd5396b94169
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5094692 HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:30 GMT
content-type: application/javascript
x-trace-id: 113fb828c8f691934d8ccfa4db700a3c
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=aaa28154a4e44872a5522569154aa7eb; expires=Sat, 02 Dec 2023 02:37:30 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19499
Expires: Fri, 02 Dec 2022 08:02:30 GMT
Date: Fri, 02 Dec 2022 02:37:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19499
Expires: Fri, 02 Dec 2022 08:02:30 GMT
Date: Fri, 02 Dec 2022 02:37:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 17240
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:19:21 GMT
age: 69490
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:08:56 GMT
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
age: 16115
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25c68d8b1fae82820f93efca500fd848
45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 17375
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 18164
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e1a735e16f55c78fa75ae434294029
6c56f4015305eff04a99cec9758cd40bf4e5f704
26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: 68772438-16c4-40ab-a40e-860425d8301c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGyhHVsIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e76-21d27db6708228002e738938;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JOCSKxy4WUDbS22Gd9BlyN1gmcDsDNlNWnT57KITGlNwfOe_Iaco9g==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:59 GMT
age: 17312
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zap.buzz/8YbYQea
172.67.213.33302 Found 42 kB IP 172.67.213.33:0
Hash f2c5b39d248e9a6fd6f3ed867505d67e
6edf1c486fcc3cb6ee37ae55611e24f9ba60847e
eae9dcb91da8180cf41faab1d2b20a6800df493f38ce680ca59457ee6589829d
GET /8YbYQea HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 02 Dec 2022 02:37:30 GMT
content-type: text/html; charset=utf-8
location: https://xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.Y4lk6g.vo_7ovpvWafvW_qmeByQ0vGqL04; Expires=Fri, 02 Dec 2022 03:07:30 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q32dnWi7tipWKx4LpPUL6K1w3ulmA9mApUXfHY8piO1Nt4G7uXNBKv8aKKhA4axREZWMslcT2OPViatuedJBFx4EDHFP14rckQKiMwbPYHQayO214BHD%2BoosEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7730ae5698a9b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/9?z=4787949&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=5f4d79afb4554c7e8d9561d0bde95d20
139.45.197.239204 No Content 0 B URL HTTP/2 cdn.uponelectabuzzor.club/9?z=4787949&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=5f4d79afb4554c7e8d9561d0bde95d20
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=4787949&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=5f4d79afb4554c7e8d9561d0bde95d20 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://strtapewithadblock.art/
Origin: https://strtapewithadblock.art
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 02:37:31 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://strtapewithadblock.art
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
belickitungchan.com/500/5094692?excludes=&oaid=5f4d79afb4554c7e8d9561d0bde95d20&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 belickitungchan.com/500/5094692?excludes=&oaid=5f4d79afb4554c7e8d9561d0bde95d20&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5094692?excludes=&oaid=5f4d79afb4554c7e8d9561d0bde95d20&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://strtapewithadblock.art/
Origin: https://strtapewithadblock.art
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:31 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://strtapewithadblock.art
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/11?rnd=451575310&z=4787949&b=15866563&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=CelHlO0UZJwQYhDLzylcT2tvjCqwDBqHTlzLZMhhxZQjB8Xmh3b2tCad3hicU_u0b7lHTV04JC-0xUStHkXYptQRPlYnZOkTAq8_jJ3DzoMkZr1lwBbL7ClbNbIgAHycv3AdQUWFuNqZjrhcp9l78NwSJJGAgiEsIL_wCQDK6CMY50C_WRzUDIB4Raya4AEaDEPUctL6nH6rQfe1FdJ_v5v3QmxsRiftcb9FKTtyL2rmPOTyWlXt_QjAcYerGT5vQ_Zoeow8Z0YTVfGb07OUHSZWqbRO1dg2ZwE6sRmCtCLNLiHSo6mZH-pT7o3bkOt0ck4VG2-yXYKB6prVUGPBYUAxtWU9dR38XNwVDXY7ZFQEdy22hwTm0iv0BDkcSToLQmcXpbRPMn6s03Hw7Ddc7jCytSMVRwQeEN8-hJBRmQ82EsQgE1IacBZiei4yDiqS95Q3UPTmZFcBtyy1LiSYL1xSem0aMu9x5wA7cXbM0xOY2zpfAYQsRy0ywhC3wBxfGX_gPztgr_cX2cUzv6U_AvtV5BI894aqum1rXW-b8EASIPtmiQ6mVI-sR7M_qFSnQ4VUvG7mGhxWQMw1qEw9F6YdTVUm-kTThS46_L84WlcE6eqV1zJWmt8kNWkGrohR3-oFDAjDp_DHXRtPoA6Zqg==&ruid=2a0d9470-8ee1-416a-80bb-258ed3e00c08&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=151
139.45.197.239200 OK 0 B URL HTTP/2 cdn.uponelectabuzzor.club/11?rnd=451575310&z=4787949&b=15866563&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=CelHlO0UZJwQYhDLzylcT2tvjCqwDBqHTlzLZMhhxZQjB8Xmh3b2tCad3hicU_u0b7lHTV04JC-0xUStHkXYptQRPlYnZOkTAq8_jJ3DzoMkZr1lwBbL7ClbNbIgAHycv3AdQUWFuNqZjrhcp9l78NwSJJGAgiEsIL_wCQDK6CMY50C_WRzUDIB4Raya4AEaDEPUctL6nH6rQfe1FdJ_v5v3QmxsRiftcb9FKTtyL2rmPOTyWlXt_QjAcYerGT5vQ_Zoeow8Z0YTVfGb07OUHSZWqbRO1dg2ZwE6sRmCtCLNLiHSo6mZH-pT7o3bkOt0ck4VG2-yXYKB6prVUGPBYUAxtWU9dR38XNwVDXY7ZFQEdy22hwTm0iv0BDkcSToLQmcXpbRPMn6s03Hw7Ddc7jCytSMVRwQeEN8-hJBRmQ82EsQgE1IacBZiei4yDiqS95Q3UPTmZFcBtyy1LiSYL1xSem0aMu9x5wA7cXbM0xOY2zpfAYQsRy0ywhC3wBxfGX_gPztgr_cX2cUzv6U_AvtV5BI894aqum1rXW-b8EASIPtmiQ6mVI-sR7M_qFSnQ4VUvG7mGhxWQMw1qEw9F6YdTVUm-kTThS46_L84WlcE6eqV1zJWmt8kNWkGrohR3-oFDAjDp_DHXRtPoA6Zqg==&ruid=2a0d9470-8ee1-416a-80bb-258ed3e00c08&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=151
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=451575310&z=4787949&b=15866563&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=CelHlO0UZJwQYhDLzylcT2tvjCqwDBqHTlzLZMhhxZQjB8Xmh3b2tCad3hicU_u0b7lHTV04JC-0xUStHkXYptQRPlYnZOkTAq8_jJ3DzoMkZr1lwBbL7ClbNbIgAHycv3AdQUWFuNqZjrhcp9l78NwSJJGAgiEsIL_wCQDK6CMY50C_WRzUDIB4Raya4AEaDEPUctL6nH6rQfe1FdJ_v5v3QmxsRiftcb9FKTtyL2rmPOTyWlXt_QjAcYerGT5vQ_Zoeow8Z0YTVfGb07OUHSZWqbRO1dg2ZwE6sRmCtCLNLiHSo6mZH-pT7o3bkOt0ck4VG2-yXYKB6prVUGPBYUAxtWU9dR38XNwVDXY7ZFQEdy22hwTm0iv0BDkcSToLQmcXpbRPMn6s03Hw7Ddc7jCytSMVRwQeEN8-hJBRmQ82EsQgE1IacBZiei4yDiqS95Q3UPTmZFcBtyy1LiSYL1xSem0aMu9x5wA7cXbM0xOY2zpfAYQsRy0ywhC3wBxfGX_gPztgr_cX2cUzv6U_AvtV5BI894aqum1rXW-b8EASIPtmiQ6mVI-sR7M_qFSnQ4VUvG7mGhxWQMw1qEw9F6YdTVUm-kTThS46_L84WlcE6eqV1zJWmt8kNWkGrohR3-oFDAjDp_DHXRtPoA6Zqg==&ruid=2a0d9470-8ee1-416a-80bb-258ed3e00c08&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=151 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://strtapewithadblock.art
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Cookie: scm=1; OAID=5f4d79afb4554c7e8d9561d0bde95d20; oaidts=1669948650
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:31 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://strtapewithadblock.art
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 8bda93e5f9860232e047466846bad1fb
access-control-expose-headers: X-Sc
set-cookie: OAID=5f4d79afb4554c7e8d9561d0bde95d20; expires=Sat, 02 Dec 2023 02:37:31 GMT; secure; SameSite=None
oaidts=1669948650; expires=Sat, 02 Dec 2023 02:37:31 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0f59a14a9434a185f2aa79465a9fead4
e35939caa08ff547d32dd943c56698c004bd07e9
c08948d152cf98f4edde687b116593709eeedb20f662e78762d7c8fbec21611a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C08948D152CF98F4EDDE687B116593709EEEDB20F662E78762D7C8FBEC21611A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11263
Expires: Fri, 02 Dec 2022 05:45:14 GMT
Date: Fri, 02 Dec 2022 02:37:31 GMT
Connection: keep-alive
belickitungchan.com/500/5094692?excludes=&oaid=5f4d79afb4554c7e8d9561d0bde95d20&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 1.7 kB URL HTTP/2 belickitungchan.com/500/5094692?excludes=&oaid=5f4d79afb4554c7e8d9561d0bde95d20&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash 881593dcdc2e03579e6c4e2bef7d006c
7990c21204d252a2fecfdb64092ca41819e366de
8a57fd610bb053130e873724c5bd4fa6736ed982b4372f8b490b3747fda99a86
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5094692?excludes=&oaid=5f4d79afb4554c7e8d9561d0bde95d20&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://strtapewithadblock.art
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Cookie: OAID=aaa28154a4e44872a5522569154aa7eb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:31 GMT
content-type: application/javascript
x-trace-id: dae90dc7def9f6da788bccd4e074cc70
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://strtapewithadblock.art
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5f4d79afb4554c7e8d9561d0bde95d20; expires=Sat, 02 Dec 2023 02:37:31 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2493dbbe263359830a920dc8d1cba77f
cd02937f68bf929c4b66d8be5e18e89dac426e15
228a59817ef96a923684372317b6bfb838124c43708ff21c588edd67ce44dae5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4570
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:31 GMT
Last-Modified: Fri, 02 Dec 2022 01:21:21 GMT
Server: ECS (amb/6BBF)
X-Cache: HIT
Content-Length: 280
offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
172.67.22.216200 OK 43 kB URL HTTP/2 offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
IP 172.67.22.216:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e27e78d3b01907b714b7d939d7eed85d
2d4aa0d84925e5031861258c341788450ba8b43c
37024bac32f0cc3299c2492471b40e6beb2fd7b3cb73b172d68207e87cdfd6e6
GET /www/images/e27e78d3b01907b714b7d939d7eed85d.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:31 GMT
content-type: image/png
content-length: 43157
last-modified: Thu, 20 May 2021 07:11:05 GMT
etag: "60a60b89-a895"
expires: Fri, 02 Dec 2022 16:36:31 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 36053
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae602a2f0afe-OSL
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/b1/41/47/4fdd65f0460faa9800c36b8a56/01438054536408.jpeg
139.45.197.152200 OK 14 kB URL HTTP/2 interstitial-07.com/contents/s/b1/41/47/4fdd65f0460faa9800c36b8a56/01438054536408.jpeg
IP 139.45.197.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash b141474fdd65f0460faa9800c36b8a56
18c04d992e1bfe72f1933ef466b97bf648fedd5b
9cd91c2831815c27802bd7aa06cb4dc7cdebec749ca1a428b668956e4a8b747c
GET /contents/s/b1/41/47/4fdd65f0460faa9800c36b8a56/01438054536408.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=e5zMBJZ8vMQOyk1&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcdn.uponelectabuzzor.club%2F12%3Frnd%3D459635931%26z%3D4787949%26b%3D15866563%26c%3D6360719%26var%3D%26d%3Dhttps%253A%252F%252Fgamingonline.top%252Fbase.php%253Fc%253D1628%2526key%253D8617f3a8310ccf2d8b37c005c596922e%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DCelHlO0UZJwQYhDLzylcT2tvjCqwDBqHTlzLZMhhxZQjB8Xmh3b2tCad3hicU_u0b7lHTV04JC-0xUStHkXYptQRPlYnZOkTAq8_jJ3DzoMkZr1lwBbL7ClbNbIgAHycv3AdQUWFuNqZjrhcp9l78NwSJJGAgiEsIL_wCQDK6CMY50C_WRzUDIB4Raya4AEaDEPUctL6nH6rQfe1FdJ_v5v3QmxsRiftcb9FKTtyL2rmPOTyWlXt_QjAcYerGT5vQ_Zoeow8Z0YTVfGb07OUHSZWqbRO1dg2ZwE6sRmCtCLNLiHSo6mZH-pT7o3bkOt0ck4VG2-yXYKB6prVUGPBYUAxtWU9dR38XNwVDXY7ZFQEdy22hwTm0iv0BDkcSToLQmcXpbRPMn6s03Hw7Ddc7jCytSMVRwQeEN8-hJBRmQ82EsQgE1IacBZiei4yDiqS95Q3UPTmZFcBtyy1LiSYL1xSem0aMu9x5wA7cXbM0xOY2zpfAYQsRy0ywhC3wBxfGX_gPztgr_cX2cUzv6U_AvtV5BI894aqum1rXW-b8EASIPtmiQ6mVI-sR7M_qFSnQ4VUvG7mGhxWQMw1qEw9F6YdTVUm-kTThS46_L84WlcE6eqV1zJWmt8kNWkGrohR3-oFDAjDp_DHXRtPoA6Zqg%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D2a0d9470-8ee1-416a-80bb-258ed3e00c08%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fstrtapewithadblock.art%252Fe%252FyBq1vVjQlos1Pm6%252F2022-10-17_18-23-36.mkv.mp4%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:31 GMT
content-type: image/jpeg
content-length: 13468
last-modified: Sat, 07 May 2022 09:15:51 GMT
vary: Accept-Encoding
etag: "627638c7-349c"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
filter.popmonetizer.net/filter?q=&i=lRYxGGy0iKI_0&ci=-6956523564178035706&t=244508282
174.137.133.18200 OK 6.5 kB URL HTTP/1.1 filter.popmonetizer.net/filter?q=&i=lRYxGGy0iKI_0&ci=-6956523564178035706&t=244508282
IP 174.137.133.18:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash 31a711e29c1cf1d663eb60d208d25221
22fd2bf5991a31060df933f349c86a287e428f54
cb30dbc800c2932d2f4bf4a40aacc3bc3f0988e5f176a093224885d7324e633d
GET /filter?q=&i=lRYxGGy0iKI_0&ci=-6956523564178035706&t=244508282 HTTP/1.1
Host: filter.popmonetizer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 02:37:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 6510
Connection: keep-alive
Cache-Control: no-store
Age: 0
Set-Cookie: c-1761203187=-1557096804
x3330662=1557096804; Domain=.popmonetizer.net
Pragma: no-cache
interstitial-07.com/contents/s/1a/54/73/be8e257a9b4f06c9c940ca8aff/0193153961897.jpeg
139.45.197.152200 OK 50 kB URL HTTP/2 interstitial-07.com/contents/s/1a/54/73/be8e257a9b4f06c9c940ca8aff/0193153961897.jpeg
IP 139.45.197.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 1a5473be8e257a9b4f06c9c940ca8aff
6156646b633525118ded9392fcb26476b81f357e
8f0a651d2f43236a0578a9d6afcbf5ee1026b5520d86c6d32ea3af9ce4b3e375
GET /contents/s/1a/54/73/be8e257a9b4f06c9c940ca8aff/0193153961897.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=e5zMBJZ8vMQOyk1&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcdn.uponelectabuzzor.club%2F12%3Frnd%3D459635931%26z%3D4787949%26b%3D15866563%26c%3D6360719%26var%3D%26d%3Dhttps%253A%252F%252Fgamingonline.top%252Fbase.php%253Fc%253D1628%2526key%253D8617f3a8310ccf2d8b37c005c596922e%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DCelHlO0UZJwQYhDLzylcT2tvjCqwDBqHTlzLZMhhxZQjB8Xmh3b2tCad3hicU_u0b7lHTV04JC-0xUStHkXYptQRPlYnZOkTAq8_jJ3DzoMkZr1lwBbL7ClbNbIgAHycv3AdQUWFuNqZjrhcp9l78NwSJJGAgiEsIL_wCQDK6CMY50C_WRzUDIB4Raya4AEaDEPUctL6nH6rQfe1FdJ_v5v3QmxsRiftcb9FKTtyL2rmPOTyWlXt_QjAcYerGT5vQ_Zoeow8Z0YTVfGb07OUHSZWqbRO1dg2ZwE6sRmCtCLNLiHSo6mZH-pT7o3bkOt0ck4VG2-yXYKB6prVUGPBYUAxtWU9dR38XNwVDXY7ZFQEdy22hwTm0iv0BDkcSToLQmcXpbRPMn6s03Hw7Ddc7jCytSMVRwQeEN8-hJBRmQ82EsQgE1IacBZiei4yDiqS95Q3UPTmZFcBtyy1LiSYL1xSem0aMu9x5wA7cXbM0xOY2zpfAYQsRy0ywhC3wBxfGX_gPztgr_cX2cUzv6U_AvtV5BI894aqum1rXW-b8EASIPtmiQ6mVI-sR7M_qFSnQ4VUvG7mGhxWQMw1qEw9F6YdTVUm-kTThS46_L84WlcE6eqV1zJWmt8kNWkGrohR3-oFDAjDp_DHXRtPoA6Zqg%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D2a0d9470-8ee1-416a-80bb-258ed3e00c08%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fstrtapewithadblock.art%252Fe%252FyBq1vVjQlos1Pm6%252F2022-10-17_18-23-36.mkv.mp4%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:31 GMT
content-type: image/jpeg
content-length: 49646
last-modified: Thu, 28 Apr 2022 06:49:44 GMT
vary: Accept-Encoding
etag: "626a3908-c1ee"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ce4664ff78f43f330fe8110c920f96c8
8d95283944a9217b18b8aeb68c17992b79ab5638
a855f987a1c193780de746a84c4693da05cbc5b3dd9d97d769918441be33ea9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A855F987A1C193780DE746A84C4693DA05CBC5B3DD9D97D769918441BE33EA9B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12324
Expires: Fri, 02 Dec 2022 06:02:55 GMT
Date: Fri, 02 Dec 2022 02:37:31 GMT
Connection: keep-alive
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 02:37:31 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: ababe0ea666515776da06403650caac7
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
174.137.133.18302 Found 0 B URL HTTP/1.1 xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
IP 174.137.133.18:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=457655&auth=BcObps&pubid=155183 HTTP/1.1
Host: xml.popmonetizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Dec 2022 02:37:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Set-Cookie: x3330662=1466349938; Domain=.popmonetizer.com
Location: https://filter.popmonetizer.net/filter?q=&i=eawaibQPV38_0&ci=1913055728126264639&t=872545882
Pragma: no-cache
xml.popmonetizer.com/click2?i=lRYxGGy0iKI_0&ci=-6956523564178035706&j=rv%3Db%26ss%3D1280x1024%26ws%3D1920x1080%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D5401%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D1%26rf%3D%26lo%3Dfilter.popmonetizer.net%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%253B%2Brv%253A105.0%29%2BGecko%252F20100101%2BFirefox%252F105.0%26nd%3D1%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0
174.137.133.18302 Found 0 B URL HTTP/1.1 xml.popmonetizer.com/click2?i=lRYxGGy0iKI_0&ci=-6956523564178035706&j=rv%3Db%26ss%3D1280x1024%26ws%3D1920x1080%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D5401%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D1%26rf%3D%26lo%3Dfilter.popmonetizer.net%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%253B%2Brv%253A105.0%29%2BGecko%252F20100101%2BFirefox%252F105.0%26nd%3D1%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0
IP 174.137.133.18:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click2?i=lRYxGGy0iKI_0&ci=-6956523564178035706&j=rv%3Db%26ss%3D1280x1024%26ws%3D1920x1080%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D5401%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D1%26rf%3D%26lo%3Dfilter.popmonetizer.net%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%253B%2Brv%253A105.0%29%2BGecko%252F20100101%2BFirefox%252F105.0%26nd%3D1%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0 HTTP/1.1
Host: xml.popmonetizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://filter.popmonetizer.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Dec 2022 02:37:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: http://s.optnx.com/cimp.php?data=TVRZMk9UazBPRFkxTUh3MFlqWTRNamcyTVdRNU1XTXhZbUZtWlRjeFlURXpPV0kzTlRZMU16YzFaQS0tfGh0dHA6Ly94bWwtdjQucHdyLWFkcy5jb20vY2xpY2s_aT1qRDZWSlYyazN4UV8wJmV4b19jaWQ9NTMxOTc0OHxodHRwfDkxLjkwLjQyLjE1NHxOT1J8NDF8dXBsb2FkYmFuay5jb218ODExMjA0fDU1MDUwNnw4NzgzMjJ8Mzk5ODYyMnw1MTF8NTMxOTc0OHw3NTYwMDAwOHw0MHwzfDB8MHwyNTM0NHwzNzUzMDF8NTYuOXw3MHxVU0R8VVNEfDF8MXwyMnx8MXxOT1J8fDg0fDJ8MHx8MTM1NDQxNTUyMHwwMzU2ODEwODRjOTE5YWRiMTFjZjY3MjdiZmI3YTVkZHwxfDB8ZmlsdGVyLnBvcG1vbmV0aXplci5uZXR8MHwwfDB8MC4xMnwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MzE0MzI0MnwtMXw2fDMxNDMyNDR8fHwyfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHx8OHwxfE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wfHxPS3xiZWJlZDAzMmI5MTNkMzFhNTQ1MWMxODIwNjYwMzEwZg--
Pragma: no-cache
cdn.uponelectabuzzor.club/11?rnd=451575310&z=4787949&b=15866563&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=CelHlO0UZJwQYhDLzylcT2tvjCqwDBqHTlzLZMhhxZQjB8Xmh3b2tCad3hicU_u0b7lHTV04JC-0xUStHkXYptQRPlYnZOkTAq8_jJ3DzoMkZr1lwBbL7ClbNbIgAHycv3AdQUWFuNqZjrhcp9l78NwSJJGAgiEsIL_wCQDK6CMY50C_WRzUDIB4Raya4AEaDEPUctL6nH6rQfe1FdJ_v5v3QmxsRiftcb9FKTtyL2rmPOTyWlXt_QjAcYerGT5vQ_Zoeow8Z0YTVfGb07OUHSZWqbRO1dg2ZwE6sRmCtCLNLiHSo6mZH-pT7o3bkOt0ck4VG2-yXYKB6prVUGPBYUAxtWU9dR38XNwVDXY7ZFQEdy22hwTm0iv0BDkcSToLQmcXpbRPMn6s03Hw7Ddc7jCytSMVRwQeEN8-hJBRmQ82EsQgE1IacBZiei4yDiqS95Q3UPTmZFcBtyy1LiSYL1xSem0aMu9x5wA7cXbM0xOY2zpfAYQsRy0ywhC3wBxfGX_gPztgr_cX2cUzv6U_AvtV5BI894aqum1rXW-b8EASIPtmiQ6mVI-sR7M_qFSnQ4VUvG7mGhxWQMw1qEw9F6YdTVUm-kTThS46_L84WlcE6eqV1zJWmt8kNWkGrohR3-oFDAjDp_DHXRtPoA6Zqg==&ruid=2a0d9470-8ee1-416a-80bb-258ed3e00c08&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.239200 OK 0 B URL HTTP/2 cdn.uponelectabuzzor.club/11?rnd=451575310&z=4787949&b=15866563&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=CelHlO0UZJwQYhDLzylcT2tvjCqwDBqHTlzLZMhhxZQjB8Xmh3b2tCad3hicU_u0b7lHTV04JC-0xUStHkXYptQRPlYnZOkTAq8_jJ3DzoMkZr1lwBbL7ClbNbIgAHycv3AdQUWFuNqZjrhcp9l78NwSJJGAgiEsIL_wCQDK6CMY50C_WRzUDIB4Raya4AEaDEPUctL6nH6rQfe1FdJ_v5v3QmxsRiftcb9FKTtyL2rmPOTyWlXt_QjAcYerGT5vQ_Zoeow8Z0YTVfGb07OUHSZWqbRO1dg2ZwE6sRmCtCLNLiHSo6mZH-pT7o3bkOt0ck4VG2-yXYKB6prVUGPBYUAxtWU9dR38XNwVDXY7ZFQEdy22hwTm0iv0BDkcSToLQmcXpbRPMn6s03Hw7Ddc7jCytSMVRwQeEN8-hJBRmQ82EsQgE1IacBZiei4yDiqS95Q3UPTmZFcBtyy1LiSYL1xSem0aMu9x5wA7cXbM0xOY2zpfAYQsRy0ywhC3wBxfGX_gPztgr_cX2cUzv6U_AvtV5BI894aqum1rXW-b8EASIPtmiQ6mVI-sR7M_qFSnQ4VUvG7mGhxWQMw1qEw9F6YdTVUm-kTThS46_L84WlcE6eqV1zJWmt8kNWkGrohR3-oFDAjDp_DHXRtPoA6Zqg==&ruid=2a0d9470-8ee1-416a-80bb-258ed3e00c08&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=451575310&z=4787949&b=15866563&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=CelHlO0UZJwQYhDLzylcT2tvjCqwDBqHTlzLZMhhxZQjB8Xmh3b2tCad3hicU_u0b7lHTV04JC-0xUStHkXYptQRPlYnZOkTAq8_jJ3DzoMkZr1lwBbL7ClbNbIgAHycv3AdQUWFuNqZjrhcp9l78NwSJJGAgiEsIL_wCQDK6CMY50C_WRzUDIB4Raya4AEaDEPUctL6nH6rQfe1FdJ_v5v3QmxsRiftcb9FKTtyL2rmPOTyWlXt_QjAcYerGT5vQ_Zoeow8Z0YTVfGb07OUHSZWqbRO1dg2ZwE6sRmCtCLNLiHSo6mZH-pT7o3bkOt0ck4VG2-yXYKB6prVUGPBYUAxtWU9dR38XNwVDXY7ZFQEdy22hwTm0iv0BDkcSToLQmcXpbRPMn6s03Hw7Ddc7jCytSMVRwQeEN8-hJBRmQ82EsQgE1IacBZiei4yDiqS95Q3UPTmZFcBtyy1LiSYL1xSem0aMu9x5wA7cXbM0xOY2zpfAYQsRy0ywhC3wBxfGX_gPztgr_cX2cUzv6U_AvtV5BI894aqum1rXW-b8EASIPtmiQ6mVI-sR7M_qFSnQ4VUvG7mGhxWQMw1qEw9F6YdTVUm-kTThS46_L84WlcE6eqV1zJWmt8kNWkGrohR3-oFDAjDp_DHXRtPoA6Zqg==&ruid=2a0d9470-8ee1-416a-80bb-258ed3e00c08&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://strtapewithadblock.art
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Cookie: scm=1; OAID=5f4d79afb4554c7e8d9561d0bde95d20; oaidts=1669948650
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:31 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://strtapewithadblock.art
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5fc8911ce51007ea86988b7bed3069cb
access-control-expose-headers: X-Sc
set-cookie: OAID=5f4d79afb4554c7e8d9561d0bde95d20; expires=Sat, 02 Dec 2023 02:37:31 GMT; secure; SameSite=None
oaidts=1669948650; expires=Sat, 02 Dec 2023 02:37:31 GMT; secure; SameSite=None
oaidvc=1; expires=Sat, 02 Dec 2023 02:37:31 GMT; secure; SameSite=None
CNT=1_v1_wxryAAEAAACASwAi; expires=Fri, 02 Dec 2022 03:37:31 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 02:37:32 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 8fa643016b1cfac21aa81144a58242cc
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
filter.popmonetizer.net/filter?q=&i=eawaibQPV38_0&ci=1913055728126264639&t=872545882
174.137.133.18200 OK 6.5 kB URL HTTP/1.1 filter.popmonetizer.net/filter?q=&i=eawaibQPV38_0&ci=1913055728126264639&t=872545882
IP 174.137.133.18:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash 77522fa5603ff0237ccaf4afc454b294
c01507d5617ab4183fc490ea749a1981f0826c7e
80135119bffcdc680abf8a20046d696f92ae2b40a1ef8cbb037372e5289f53ee
GET /filter?q=&i=eawaibQPV38_0&ci=1913055728126264639&t=872545882 HTTP/1.1
Host: filter.popmonetizer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 02:37:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 6503
Connection: keep-alive
Cache-Control: no-store
Age: 0
Set-Cookie: c-1761203187=-1466349938
x3330662=1466349938; Domain=.popmonetizer.net
Pragma: no-cache
xml.popmonetizer.com/click2?i=eawaibQPV38_0&ci=1913055728126264639&j=rv%3Db%26ss%3D1280x1024%26ws%3D1920x1080%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D8912%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D1%26rf%3D%26lo%3Dfilter.popmonetizer.net%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%253B%2Brv%253A105.0%29%2BGecko%252F20100101%2BFirefox%252F105.0%26nd%3D1%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0
174.137.133.18302 Found 0 B URL HTTP/1.1 xml.popmonetizer.com/click2?i=eawaibQPV38_0&ci=1913055728126264639&j=rv%3Db%26ss%3D1280x1024%26ws%3D1920x1080%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D8912%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D1%26rf%3D%26lo%3Dfilter.popmonetizer.net%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%253B%2Brv%253A105.0%29%2BGecko%252F20100101%2BFirefox%252F105.0%26nd%3D1%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0
IP 174.137.133.18:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click2?i=eawaibQPV38_0&ci=1913055728126264639&j=rv%3Db%26ss%3D1280x1024%26ws%3D1920x1080%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D8912%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D1%26rf%3D%26lo%3Dfilter.popmonetizer.net%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%253B%2Brv%253A105.0%29%2BGecko%252F20100101%2BFirefox%252F105.0%26nd%3D1%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0 HTTP/1.1
Host: xml.popmonetizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://filter.popmonetizer.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Dec 2022 02:37:32 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_119050.242451_479413
Pragma: no-cache
adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_119050.242451_479413
95.101.10.153307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_119050.242451_479413
IP 95.101.10.153:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_119050.242451_479413 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://filter.popmonetizer.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&sref=TRM&TRM=dL_119050.242451_479413&affiliateId=1&pid=86789360&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 02 Dec 2022 02:37:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 02 Dec 2022 02:37:32 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86789360%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669948652905)%5c%2f%22%2c%22CookieTag%22%3a%223795086789360451240919C2022122237%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228507656164%7c1%22%7d%5d; domain=.unibet.com; expires=Sun, 02-Dec-3021 02:37:32 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=36
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&sref=TRM&TRM=dL_119050.242451_479413&affiliateId=1&pid=86789360&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&sref=TRM&TRM=dL_119050.242451_479413&affiliateId=1&pid=86789360&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&sref=TRM&TRM=dL_119050.242451_479413&affiliateId=1&pid=86789360&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://filter.popmonetizer.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 02 Dec 2022 02:37:33 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&sref=TRM&TRM=dL_119050.242451_479413&affiliateId=1&pid=86789360&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86789360-37950
set-cookie: JSESSIONID=node01rjmayxq7ck8z1fije10uu7uuy1437917.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01rjmayxq7ck8z1fije10uu7uu; Path=/; Domain=.unibet.nu; Expires=Sun, 01-Dec-2024 02:37:33 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sun, 01-Dec-2024 02:37:33 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://filter.popmonetizer.net/"; Path=/; Domain=.unibet.nu; Expires=Sun, 01-Dec-2024 02:37:33 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2808422; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=44486; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 02:37:48 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=44486; Secure; SameSite=None
B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=44486; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=44486; Secure; SameSite=None
PID=86789360; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=44486; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=44486; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=44486; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2808422; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=44486; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 02:37:48 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2808422; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=44486; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 02:37:48 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://filter.popmonetizer.net/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Fri, 02 Dec 2022 02:37:33 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&sref=TRM&TRM=dL_119050.242451_479413&affiliateId=1&pid=86789360&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86789360-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&sref=TRM&TRM=dL_119050.242451_479413&affiliateId=1&pid=86789360&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86789360-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&sref=TRM&TRM=dL_119050.242451_479413&affiliateId=1&pid=86789360&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86789360-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://filter.popmonetizer.net/
Connection: keep-alive
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 02 Dec 2022 02:37:33 GMT
content-length: 0
location: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Fri, 02 Dec 2022 02:37:33 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e4835011e0eeeab8c7bfd2cfd77bc45f
42cbf2f429cafbbcec644142ea8eeff599279241
6e1846f720e8c94592e906dcde5500fe730a832d753f942070177c682bc6edfa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6264
Cache-Control: max-age=123932
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:33 GMT
Etag: "63888d91-116"
Expires: Sat, 03 Dec 2022 13:03:05 GMT
Last-Modified: Thu, 01 Dec 2022 11:18:41 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
belickitungchan.com/impression/N0sVJSobzf9TmVUjSMv3EZQBOPr7Gz23zun0U_QoE-7kKxWF8FkMCYtyWDzPj8KOBbFyPLybtp5cE40ZYAZa6Jy29PoPHikRzKL4wgUueWWUwSB53-1b8msG6vnPbuvOqsWSwhScDpqvMNAkowTpZF6PPrDaCFBSxciXRL5jJTZMhMZWFcO3PLcVO8iqoW5sAOvFoKB3B-qCGar8oOaqz91ULZr1HI9AiuvswMrixw203WTtWgJUX1SGRBCZyHSSCcQ28jvg3ftWbXTF7IIWglxGZ5jjCb_h8EKf0ep_detEd0xdrg3SVj-s83_oaYBogOaYSzZfiRef128xoanbukeGGiOabhcRhoE2bPue8dPDRM_FfiVoExugn8D1ymIV8BA0_35MIwHQqC2OwOLfdU0y4k1vIoeVDybw6ywPcgk1nwg7Ef70dQjsQ6gnDlUwCRcGIB24k1pNXji1ZaWGQ2pgG9BDyJyCKGHgr8ssi5HTf-gTdkZRrFZVo7j-fEpnUIQbUUfkOp-e60KpdYrXO5_iUkWT2_RlXjSmrvgNiVhPxZaUNZkfoAnmMGEcghUyrdTX3wYiyW1sG2rtSe6WdVVfvazo76fBlHqAy5mcwag=?_z=5094692&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 belickitungchan.com/impression/N0sVJSobzf9TmVUjSMv3EZQBOPr7Gz23zun0U_QoE-7kKxWF8FkMCYtyWDzPj8KOBbFyPLybtp5cE40ZYAZa6Jy29PoPHikRzKL4wgUueWWUwSB53-1b8msG6vnPbuvOqsWSwhScDpqvMNAkowTpZF6PPrDaCFBSxciXRL5jJTZMhMZWFcO3PLcVO8iqoW5sAOvFoKB3B-qCGar8oOaqz91ULZr1HI9AiuvswMrixw203WTtWgJUX1SGRBCZyHSSCcQ28jvg3ftWbXTF7IIWglxGZ5jjCb_h8EKf0ep_detEd0xdrg3SVj-s83_oaYBogOaYSzZfiRef128xoanbukeGGiOabhcRhoE2bPue8dPDRM_FfiVoExugn8D1ymIV8BA0_35MIwHQqC2OwOLfdU0y4k1vIoeVDybw6ywPcgk1nwg7Ef70dQjsQ6gnDlUwCRcGIB24k1pNXji1ZaWGQ2pgG9BDyJyCKGHgr8ssi5HTf-gTdkZRrFZVo7j-fEpnUIQbUUfkOp-e60KpdYrXO5_iUkWT2_RlXjSmrvgNiVhPxZaUNZkfoAnmMGEcghUyrdTX3wYiyW1sG2rtSe6WdVVfvazo76fBlHqAy5mcwag=?_z=5094692&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/N0sVJSobzf9TmVUjSMv3EZQBOPr7Gz23zun0U_QoE-7kKxWF8FkMCYtyWDzPj8KOBbFyPLybtp5cE40ZYAZa6Jy29PoPHikRzKL4wgUueWWUwSB53-1b8msG6vnPbuvOqsWSwhScDpqvMNAkowTpZF6PPrDaCFBSxciXRL5jJTZMhMZWFcO3PLcVO8iqoW5sAOvFoKB3B-qCGar8oOaqz91ULZr1HI9AiuvswMrixw203WTtWgJUX1SGRBCZyHSSCcQ28jvg3ftWbXTF7IIWglxGZ5jjCb_h8EKf0ep_detEd0xdrg3SVj-s83_oaYBogOaYSzZfiRef128xoanbukeGGiOabhcRhoE2bPue8dPDRM_FfiVoExugn8D1ymIV8BA0_35MIwHQqC2OwOLfdU0y4k1vIoeVDybw6ywPcgk1nwg7Ef70dQjsQ6gnDlUwCRcGIB24k1pNXji1ZaWGQ2pgG9BDyJyCKGHgr8ssi5HTf-gTdkZRrFZVo7j-fEpnUIQbUUfkOp-e60KpdYrXO5_iUkWT2_RlXjSmrvgNiVhPxZaUNZkfoAnmMGEcghUyrdTX3wYiyW1sG2rtSe6WdVVfvazo76fBlHqAy5mcwag=?_z=5094692&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Cookie: OAID=5f4d79afb4554c7e8d9561d0bde95d20
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: image/gif
content-length: 43
x-trace-id: e2f51b9d40fbbea51a30ce2d9decbdf8
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
104.18.25.188200 OK 4.1 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
IP 104.18.25.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (569)
Hash 928400042eb071de5689a17bd4cec0a3
d4a9996db8c5e89132d891901ea1f6512ce3f8c0
1c76fd4ad105d7cb63fb31d3348e4b90aaa11525d8d615cf1470fb316205d64a
GET /nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360 HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://filter.popmonetizer.net/
Connection: keep-alive
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: ALrEeXzHb5XykFNPd2FIIA==
last-modified: Mon, 28 Nov 2022 13:31:56 GMT
x-ms-request-id: 209f29ac-b01e-0076-78f7-05984a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6adf9c0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash aff15ad9f37f82e3e8971e79b9159670
e9414ce7af5599213ab3f50af0b3bc07d2c6c04b
716600b6453c753227ffde5d9ceaf03b0f043002665cfcae45b68d0322947139
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1433
Cache-Control: max-age=121991
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:33 GMT
Etag: "638898db-117"
Expires: Sat, 03 Dec 2022 12:30:44 GMT
Last-Modified: Thu, 01 Dec 2022 12:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
216.58.207.202200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 216.58.207.202:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 12:45:16 GMT
expires: Wed, 29 Nov 2023 12:45:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 222737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 1.1 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash 12f5a55e7ece6535d5b60a37ba819946
bf1e9f7d6c7a8e823f707affb505085ae944d541
43d0c4f15c6349273f20adff3508968134347267852a83d170ea05ed7e3b3ff2
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86789360%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669948652905)%5c%2f%22%2c%22CookieTag%22%3a%223795086789360451240919C2022122237%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-background-black.jpg
104.18.25.188200 OK 530 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-background-black.jpg
IP 104.18.25.188:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x936, components 3\012- data
Size 530 kB (530095 bytes)
Hash c5895500a886f17ff9344e0d82fe6ec9
3c47606c692fc53da28e541e8b191a777d77cefd
ac6895cf3959a7cd8b23f9d1f7eed70af8d6fc1cdf27de416ef6120d13fea88e
GET /nu/pop/sportsbook/football/wc/2022/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: image/jpeg
content-length: 530095
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: xYlVAKiG8X/5NE4Ngv5uyQ==
etag: "0x8DAD144EC3BE92B"
last-modified: Mon, 28 Nov 2022 13:31:57 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 050ee1fe-201e-0016-392e-03e4d5000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 493
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6db8680b59-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 111819
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.nu/widget/betslip/betslip.js
104.18.25.188200 OK 20 kB URL HTTP/2 welcome.unibet.nu/widget/betslip/betslip.js
IP 104.18.25.188:0
File type ASCII text, with very long lines (693)
Hash 2f1b7e523af8c072e774ef7046ca2099
21571fe4691e0ab777b286f3592d28b1afcbb98e
c8b1f24ad0c934a574e84f801fa3425b45328664340e056250c7be141bc27fd0
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 9491108d-c01e-000e-6d20-ff3bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 147174
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6d68560b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/Unibet_Pro_2020.woff2
104.18.25.188200 OK 11 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/Unibet_Pro_2020.woff2
IP 104.18.25.188:0
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/football/wc/2022/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: application/font-woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 28 Nov 2022 13:32:01 GMT
etag: "0x8DAD144EEBD06F1"
x-ms-request-id: 1e7868bd-101e-0032-3d2e-031275000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 306224
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6db86a0b59-OSL
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
104.18.25.188200 OK 21 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
IP 104.18.25.188:0
Hash 5404fbda0f3dd12f1620f8187564e75e
f50c41ca949fee53f0c921296ad63cde12357531
dc4e1aa6bafb0d26e5dafa391d8c172a89608fbe6e3e20581c9bfb2cde66ac3e
GET /nu/pop/sportsbook/football/wc/2022/1-styles.css HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: lMc9drvQACpBd5pyJgR1QA==
last-modified: Mon, 28 Nov 2022 13:31:57 GMT
etag: W/"0x8DAD144EBD101D6"
x-ms-request-id: 48012a01-901e-0061-2e2e-033141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 306225
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6c88150b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
172.64.132.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: YZru+jdqqV4ZVjQKhHSDc2SzcgqxzGodTcurp5CtYe0CAFVbtD6sVjUUgC5emQ/bMiFzXbCo/o8=
x-amz-request-id: FVR5MKV1RRGPM1XK
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 304952
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UF9ht81BMkYnGEB5Tee7awNUG9gaRxWM0DZYKcaNV9algWcQVMTrJJpD650Y%2B5O5B7QmwKCCeGxhbV6Ljqr%2Bp7KANIsG%2FSZ522agWOUW49zibGQ42Ylet6pM86iwBtMpaZ9INXeK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7730ae6e087e75a1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:37:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/seg?add=9755599
37.252.172.123307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 02:37:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: d1000d3d-472c-45dc-8ccc-ea44202e61de
Set-Cookie: uuid2=4877668587381980288; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 02:37:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.168200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.168:0
File type ASCII text, with very long lines (62112)
Hash 1aed78c123de983a84e5b629a6e007f6
4a0a101de72a22838e4f2728238d892df3bb2dd5
d68d3e745f5f99ef8e6db2c2a054b7912c54589ef7d77e0f8ea7eaefe50fde81
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 02:37:33 GMT
expires: Fri, 02 Dec 2022 02:37:33 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80767
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
37.252.172.123200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 37.252.172.123:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 02:37:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: da177dc7-e7ed-40c8-8daf-1f4ccefc7b3e
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E><t)'2[!]tbP6j2F-XstGt!@DZA$hMd); SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 02:37:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/mga-logo.svg
104.18.25.188200 OK 2.4 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/mga-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash de9c0886391772215178b52844440038
bdc3a6488f28d910f856acd1f3172d324e10b3ea
b9ad056e7aaef631d4e7408f5a037cd69f3ca3f2fc232b03d1699cd4291bb14c
GET /nu/pop/sportsbook/football/wc/2022/mga-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Mon, 28 Nov 2022 13:31:59 GMT
etag: W/"0x8DAD144ED2C40CB"
x-ms-request-id: 171ac690-b01e-003b-462e-0357a6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 306224
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6e18810b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15200 OK 12 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash 031dda024460189753d3bdd62bf44f12
6d066791e0b9abdc106dfc9b6862e6e90915cb56
37eb7f268eba6503495304fbb867611d6f0eedc0ae73e718d135207eef778697
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: text/css
x-amz-id-2: Xm36uDKuLaPVHmlHFXBp8XBMvcjQAoAkWnlPKMuSJH5kGWp9ohRAzuartsjrNJNfu/VMpPaSe/Y=
x-amz-request-id: D4NHAVS1CE9M70Z6
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 305698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubQ1NvpeR7%2BPLRp6cd0TAg3FavT4XnSAwW1oKFr%2BKqe%2B0v1cAgYXaRl6HGYFjVC5OCD6eTq%2FIyxT9xY%2FNWiyT5ApVRPO0a3XSNqbfxwNsFhChZS4ppcSiTyzQDctVSK8j4ZIDCy4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7730ae6d1ff275a1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s42245642238890?AQB=1&ndh=1&pf=1&t=2%2F11%2F2022%202%3A37%3A32%205%200&mid=29238422472818200629167545474799153879&ce=UTF-8&pageName=LP%3ACopy%20of%202022%20-%20WC%20-%20Sports%20LP&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86789360-37950%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26bid%3D37950%26campaignId%3D2808422%26pid%3D86789360&r=https%3A%2F%2Ffilter.popmonetizer.net%2F&cc=GBP&ch=bf_landingpage&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86789360-37950%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26bid%3D37950%26campaignId%3D2808422%26pid%3D86789360&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3A2022%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=2%3A37%20AM%7CFriday&v6=2%3A37%20AM%7CFriday&v11=GBP&c14=New&v14=New&c16=1669948652&v21=Not%20Logged-In&c73=unibet&c74=29238422472818200629167545474799153879&v99=29238422472818200629167545474799153879&v120=popunder&v121=1%3A320665405%3A86789360-37950&v122=NONE&v124=2808422&v125=320665405_F7267A7519354AAA811A1559D7EE5D53&v126=86789360&v127=37950&v134=1669948652&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1920&bh=1080&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
15.236.176.210200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s42245642238890?AQB=1&ndh=1&pf=1&t=2%2F11%2F2022%202%3A37%3A32%205%200&mid=29238422472818200629167545474799153879&ce=UTF-8&pageName=LP%3ACopy%20of%202022%20-%20WC%20-%20Sports%20LP&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86789360-37950%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26bid%3D37950%26campaignId%3D2808422%26pid%3D86789360&r=https%3A%2F%2Ffilter.popmonetizer.net%2F&cc=GBP&ch=bf_landingpage&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86789360-37950%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26bid%3D37950%26campaignId%3D2808422%26pid%3D86789360&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3A2022%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=2%3A37%20AM%7CFriday&v6=2%3A37%20AM%7CFriday&v11=GBP&c14=New&v14=New&c16=1669948652&v21=Not%20Logged-In&c73=unibet&c74=29238422472818200629167545474799153879&v99=29238422472818200629167545474799153879&v120=popunder&v121=1%3A320665405%3A86789360-37950&v122=NONE&v124=2808422&v125=320665405_F7267A7519354AAA811A1559D7EE5D53&v126=86789360&v127=37950&v134=1669948652&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1920&bh=1080&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 15.236.176.210:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s42245642238890?AQB=1&ndh=1&pf=1&t=2%2F11%2F2022%202%3A37%3A32%205%200&mid=29238422472818200629167545474799153879&ce=UTF-8&pageName=LP%3ACopy%20of%202022%20-%20WC%20-%20Sports%20LP&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86789360-37950%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26bid%3D37950%26campaignId%3D2808422%26pid%3D86789360&r=https%3A%2F%2Ffilter.popmonetizer.net%2F&cc=GBP&ch=bf_landingpage&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86789360-37950%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26bid%3D37950%26campaignId%3D2808422%26pid%3D86789360&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3A2022%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=2%3A37%20AM%7CFriday&v6=2%3A37%20AM%7CFriday&v11=GBP&c14=New&v14=New&c16=1669948652&v21=Not%20Logged-In&c73=unibet&c74=29238422472818200629167545474799153879&v99=29238422472818200629167545474799153879&v120=popunder&v121=1%3A320665405%3A86789360-37950&v122=NONE&v124=2808422&v125=320665405_F7267A7519354AAA811A1559D7EE5D53&v126=86789360&v127=37950&v134=1669948652&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1920&bh=1080&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
date: Fri, 02 Dec 2022 02:37:34 GMT
expires: Thu, 01 Dec 2022 02:37:34 GMT
last-modified: Sat, 03 Dec 2022 02:37:34 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3586187428711301120-4619666936255898067
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg
34.120.237.76200 OK 1.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 367a113e3826442861c63ba501d2d67d
764f6910ecc1ee436a70aa83f5bd363c2e500341
5e5cc53aba99e68211c86a2fd83ac4a023d1c82875d60a09d52875ef129cbb71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 1654
x-amzn-requestid: 537d523f-a3fb-4514-bda5-ecc834c1ed39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgBEFNIAMFTjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dff-0c12ccea20e953c236ca2b1b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IXNpFJsiqPvrg8f-op2tcIVW2qoV7ZPm12wsTTXfYu0369N4Csy8BA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:06:58 GMT
age: 16239
etag: "764f6910ecc1ee436a70aa83f5bd363c2e500341"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/utv-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/utv-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/utv-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 28 Nov 2022 13:31:57 GMT
etag: W/"0x8DAD144EC5A693D"
x-ms-request-id: a2fad51d-401e-003f-082e-03daa1000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 306225
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6c981b0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-casino.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-casino.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/icon-casino.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: u/57C1Al21ESpXtbDs6sbw==
last-modified: Mon, 28 Nov 2022 13:32:00 GMT
etag: W/"0x8DAD144EDEFC297"
x-ms-request-id: 65dca035-e01e-0026-142e-035a1a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 306225
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6c981e0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/com-payments.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/com-payments.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/com-payments.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 28 Nov 2022 13:31:58 GMT
etag: W/"0x8DAD144ECAF33B2"
x-ms-request-id: 9c6ff72a-a01e-0018-0d2e-03cd65000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 306225
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6c98200b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.itskiddoan.club/?rb=wN-DX3h3EyzOkIhLzAc5mULurJukJhQjpSExd1Z5ML0VDWTK2NG6GXmcoNtfsCJ1iZSGP2qBtyB6y3x3nLBRleibIJwrz9LkMcSDTISLMkRu5b5V8w84Z9Dxbpx5tc53h0kLHCTvdLA1kVlkwCYLDrvBQ1r640qgV_uNTNCv6hsPtQfQ8JJYwOjuTOKmO5tZwXF69Iru344VJxYXyd1RDQP8cHjxXQ26620syERFGlcY0rV91z5OmQHdJzc%3D&request_ab2=96002&zoneid=5545339&js_build=iclick-v1.457.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.457.0&bs=ba36c1fd-4cf7-40e7-91ec-57b5a2de3024&userId=5f4d79afb4554c7e8d9561d0bde95d20&m=link
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddoan.club/?rb=wN-DX3h3EyzOkIhLzAc5mULurJukJhQjpSExd1Z5ML0VDWTK2NG6GXmcoNtfsCJ1iZSGP2qBtyB6y3x3nLBRleibIJwrz9LkMcSDTISLMkRu5b5V8w84Z9Dxbpx5tc53h0kLHCTvdLA1kVlkwCYLDrvBQ1r640qgV_uNTNCv6hsPtQfQ8JJYwOjuTOKmO5tZwXF69Iru344VJxYXyd1RDQP8cHjxXQ26620syERFGlcY0rV91z5OmQHdJzc%3D&request_ab2=96002&zoneid=5545339&js_build=iclick-v1.457.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.457.0&bs=ba36c1fd-4cf7-40e7-91ec-57b5a2de3024&userId=5f4d79afb4554c7e8d9561d0bde95d20&m=link
IP 139.45.197.236:0
GET /?rb=wN-DX3h3EyzOkIhLzAc5mULurJukJhQjpSExd1Z5ML0VDWTK2NG6GXmcoNtfsCJ1iZSGP2qBtyB6y3x3nLBRleibIJwrz9LkMcSDTISLMkRu5b5V8w84Z9Dxbpx5tc53h0kLHCTvdLA1kVlkwCYLDrvBQ1r640qgV_uNTNCv6hsPtQfQ8JJYwOjuTOKmO5tZwXF69Iru344VJxYXyd1RDQP8cHjxXQ26620syERFGlcY0rV91z5OmQHdJzc%3D&request_ab2=96002&zoneid=5545339&js_build=iclick-v1.457.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.457.0&bs=ba36c1fd-4cf7-40e7-91ec-57b5a2de3024&userId=5f4d79afb4554c7e8d9561d0bde95d20&m=link HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strtapewithadblock.art/
Origin: https://strtapewithadblock.art
Connection: keep-alive
Cookie: OAID=486a93d8fc36498f96f2b19224f3b51b; oaidts=1669948650
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:31 GMT
content-type: application/json
x-trace-id: afb1a5c19388a9d69e8202f104bdb95a
access-control-allow-origin: https://strtapewithadblock.art
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=5f4d79afb4554c7e8d9561d0bde95d20; expires=Sat, 02 Dec 2023 02:37:31 GMT; path=/; secure; SameSite=None
oaidts=1669948651; expires=Sat, 02 Dec 2023 02:37:31 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 09 Dec 2022 02:37:31 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/61426822?wmode=7&page-url=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1491%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1599770404005%3Ahid%3A523329882%3Az%3A0%3Ai%3A20221202023728%3Aet%3A1669948649%3Ac%3A1%3Arn%3A1055406885%3Arqn%3A1%3Au%3A1669948649824226634%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C362%2C141%2C1%2C233%2C0%2C%2C748%2C3%2C%2C%2C%2C1527%3Aco%3A0%3Ans%3A1669948646832%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669948649%3At%3AStreamtape.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/61426822?wmode=7&page-url=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1491%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1599770404005%3Ahid%3A523329882%3Az%3A0%3Ai%3A20221202023728%3Aet%3A1669948649%3Ac%3A1%3Arn%3A1055406885%3Arqn%3A1%3Au%3A1669948649824226634%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C362%2C141%2C1%2C233%2C0%2C%2C748%2C3%2C%2C%2C%2C1527%3Aco%3A0%3Ans%3A1669948646832%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669948649%3At%3AStreamtape.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
GET /watch/61426822?wmode=7&page-url=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1491%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1599770404005%3Ahid%3A523329882%3Az%3A0%3Ai%3A20221202023728%3Aet%3A1669948649%3Ac%3A1%3Arn%3A1055406885%3Arqn%3A1%3Au%3A1669948649824226634%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C362%2C141%2C1%2C233%2C0%2C%2C748%2C3%2C%2C%2C%2C1527%3Aco%3A0%3Ans%3A1669948646832%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669948649%3At%3AStreamtape.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://strtapewithadblock.art
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1491%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1599770404005%3Ahid%3A523329882%3Az%3A0%3Ai%3A20221202023728%3Aet%3A1669948649%3Ac%3A1%3Arn%3A1055406885%3Arqn%3A1%3Au%3A1669948649824226634%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C362%2C141%2C1%2C233%2C0%2C%2C748%2C3%2C%2C%2C%2C1527%3Aco%3A0%3Ans%3A1669948646832%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669948649%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 02 Dec 2022 02:37:30 GMT
access-control-allow-origin: https://strtapewithadblock.art
set-cookie: yabs-sid=405917291669948650; Path=/; SameSite=None; Secure
i=zWyd57GF9ymPBml+wk1qdPK+Zdop/hMKDrrHOvHJB60HRPgTCPv4EDLpG/3aCMC4oqVAv+utxi+vWpG89/EAhg/GfxA=; Expires=Mon, 29-Nov-2032 02:37:29 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=8407396181669948650; Expires=Sat, 02-Dec-2023 02:37:30 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8407396181669948650; Expires=Sat, 02-Dec-2023 02:37:30 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701484650.yc.1669948650#1701484650.yrts.1669948650#1701484650.yrtsi.1669948650; Expires=Sat, 02-Dec-2023 02:37:30 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 02:37:30 GMT
last-modified: Fri, 02-Dec-2022 02:37:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
interstitial-07.com/?l=e5zMBJZ8vMQOyk1&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcdn.uponelectabuzzor.club%2F12%3Frnd%3D459635931%26z%3D4787949%26b%3D15866563%26c%3D6360719%26var%3D%26d%3Dhttps%253A%252F%252Fgamingonline.top%252Fbase.php%253Fc%253D1628%2526key%253D8617f3a8310ccf2d8b37c005c596922e%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DCelHlO0UZJwQYhDLzylcT2tvjCqwDBqHTlzLZMhhxZQjB8Xmh3b2tCad3hicU_u0b7lHTV04JC-0xUStHkXYptQRPlYnZOkTAq8_jJ3DzoMkZr1lwBbL7ClbNbIgAHycv3AdQUWFuNqZjrhcp9l78NwSJJGAgiEsIL_wCQDK6CMY50C_WRzUDIB4Raya4AEaDEPUctL6nH6rQfe1FdJ_v5v3QmxsRiftcb9FKTtyL2rmPOTyWlXt_QjAcYerGT5vQ_Zoeow8Z0YTVfGb07OUHSZWqbRO1dg2ZwE6sRmCtCLNLiHSo6mZH-pT7o3bkOt0ck4VG2-yXYKB6prVUGPBYUAxtWU9dR38XNwVDXY7ZFQEdy22hwTm0iv0BDkcSToLQmcXpbRPMn6s03Hw7Ddc7jCytSMVRwQeEN8-hJBRmQ82EsQgE1IacBZiei4yDiqS95Q3UPTmZFcBtyy1LiSYL1xSem0aMu9x5wA7cXbM0xOY2zpfAYQsRy0ywhC3wBxfGX_gPztgr_cX2cUzv6U_AvtV5BI894aqum1rXW-b8EASIPtmiQ6mVI-sR7M_qFSnQ4VUvG7mGhxWQMw1qEw9F6YdTVUm-kTThS46_L84WlcE6eqV1zJWmt8kNWkGrohR3-oFDAjDp_DHXRtPoA6Zqg%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D2a0d9470-8ee1-416a-80bb-258ed3e00c08%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fstrtapewithadblock.art%252Fe%252FyBq1vVjQlos1Pm6%252F2022-10-17_18-23-36.mkv.mp4%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.152200 OK 0 B URL HTTP/2 interstitial-07.com/?l=e5zMBJZ8vMQOyk1&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcdn.uponelectabuzzor.club%2F12%3Frnd%3D459635931%26z%3D4787949%26b%3D15866563%26c%3D6360719%26var%3D%26d%3Dhttps%253A%252F%252Fgamingonline.top%252Fbase.php%253Fc%253D1628%2526key%253D8617f3a8310ccf2d8b37c005c596922e%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DCelHlO0UZJwQYhDLzylcT2tvjCqwDBqHTlzLZMhhxZQjB8Xmh3b2tCad3hicU_u0b7lHTV04JC-0xUStHkXYptQRPlYnZOkTAq8_jJ3DzoMkZr1lwBbL7ClbNbIgAHycv3AdQUWFuNqZjrhcp9l78NwSJJGAgiEsIL_wCQDK6CMY50C_WRzUDIB4Raya4AEaDEPUctL6nH6rQfe1FdJ_v5v3QmxsRiftcb9FKTtyL2rmPOTyWlXt_QjAcYerGT5vQ_Zoeow8Z0YTVfGb07OUHSZWqbRO1dg2ZwE6sRmCtCLNLiHSo6mZH-pT7o3bkOt0ck4VG2-yXYKB6prVUGPBYUAxtWU9dR38XNwVDXY7ZFQEdy22hwTm0iv0BDkcSToLQmcXpbRPMn6s03Hw7Ddc7jCytSMVRwQeEN8-hJBRmQ82EsQgE1IacBZiei4yDiqS95Q3UPTmZFcBtyy1LiSYL1xSem0aMu9x5wA7cXbM0xOY2zpfAYQsRy0ywhC3wBxfGX_gPztgr_cX2cUzv6U_AvtV5BI894aqum1rXW-b8EASIPtmiQ6mVI-sR7M_qFSnQ4VUvG7mGhxWQMw1qEw9F6YdTVUm-kTThS46_L84WlcE6eqV1zJWmt8kNWkGrohR3-oFDAjDp_DHXRtPoA6Zqg%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D2a0d9470-8ee1-416a-80bb-258ed3e00c08%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fstrtapewithadblock.art%252Fe%252FyBq1vVjQlos1Pm6%252F2022-10-17_18-23-36.mkv.mp4%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.152:0
GET /?l=e5zMBJZ8vMQOyk1&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcdn.uponelectabuzzor.club%2F12%3Frnd%3D459635931%26z%3D4787949%26b%3D15866563%26c%3D6360719%26var%3D%26d%3Dhttps%253A%252F%252Fgamingonline.top%252Fbase.php%253Fc%253D1628%2526key%253D8617f3a8310ccf2d8b37c005c596922e%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DCelHlO0UZJwQYhDLzylcT2tvjCqwDBqHTlzLZMhhxZQjB8Xmh3b2tCad3hicU_u0b7lHTV04JC-0xUStHkXYptQRPlYnZOkTAq8_jJ3DzoMkZr1lwBbL7ClbNbIgAHycv3AdQUWFuNqZjrhcp9l78NwSJJGAgiEsIL_wCQDK6CMY50C_WRzUDIB4Raya4AEaDEPUctL6nH6rQfe1FdJ_v5v3QmxsRiftcb9FKTtyL2rmPOTyWlXt_QjAcYerGT5vQ_Zoeow8Z0YTVfGb07OUHSZWqbRO1dg2ZwE6sRmCtCLNLiHSo6mZH-pT7o3bkOt0ck4VG2-yXYKB6prVUGPBYUAxtWU9dR38XNwVDXY7ZFQEdy22hwTm0iv0BDkcSToLQmcXpbRPMn6s03Hw7Ddc7jCytSMVRwQeEN8-hJBRmQ82EsQgE1IacBZiei4yDiqS95Q3UPTmZFcBtyy1LiSYL1xSem0aMu9x5wA7cXbM0xOY2zpfAYQsRy0ywhC3wBxfGX_gPztgr_cX2cUzv6U_AvtV5BI894aqum1rXW-b8EASIPtmiQ6mVI-sR7M_qFSnQ4VUvG7mGhxWQMw1qEw9F6YdTVUm-kTThS46_L84WlcE6eqV1zJWmt8kNWkGrohR3-oFDAjDp_DHXRtPoA6Zqg%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D2a0d9470-8ee1-416a-80bb-258ed3e00c08%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fstrtapewithadblock.art%252Fe%252FyBq1vVjQlos1Pm6%252F2022-10-17_18-23-36.mkv.mp4%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
set-cookie: reverse=40TawbkARgZ92C2usTVFEp_7gAXYMTbV_17Zw10sPWQ; expires=Fri, 02-Dec-2022 03:37:31 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-main.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-main.js
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/1-main.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: EqJ6l4cI9XyehxuJDe4EbA==
last-modified: Mon, 28 Nov 2022 13:31:57 GMT
etag: W/"0x8DAD144EC00E48F"
x-ms-request-id: afdbac43-801e-0030-032e-03accd000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 306225
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6c88160b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/unibet-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/unibet-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 28 Nov 2022 13:31:58 GMT
etag: W/"0x8DAD144EC848066"
x-ms-request-id: 561aba3e-701e-0079-042e-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 2479
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6c981a0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
216.58.207.202200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 216.58.207.202:0
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 02:37:33 GMT
date: Fri, 02 Dec 2022 02:37:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
goomaphy.com/400/4787872
139.45.197.239200 OK 0 B IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/4787872 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:30 GMT
content-type: application/javascript
x-trace-id: 4dc895b2b69fea40d12c90b3e080ccdb
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=42633977e2e149efa594e03bd805b26e; expires=Sat, 02 Dec 2023 02:37:30 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:30 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1191
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orsnSmJwyQUexajNMQG%2BnYLZHtJzR%2B1beSkTz3pHA4W9pi8QwXA5xh5VTeRiLlgzdolYEfDMqyRch5KVKSA0vvdOOw6ZTFEK33B3SxT1%2BxYoD1ZURNMXpCiaR8iXmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae589f14b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.itskiddien.club/apu.php?zoneid=5545330
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5545330
IP 139.45.197.236:0
GET /apu.php?zoneid=5545330 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:30 GMT
content-type: application/javascript
x-trace-id: 31b367a0d703d06caae3e8145ad1fb46
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=885c152a4f6b40feb4edfa38b530e272; expires=Sat, 02 Dec 2023 02:37:30 GMT; path=/; secure; SameSite=None
oaidts=1669948650; expires=Sat, 02 Dec 2023 02:37:30 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.nu/custom.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/custom.js
IP 104.18.25.188:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 126f410e-701e-000b-2310-f9e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 208559
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6c98190b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gambling-commission.png
104.18.25.188404 Not Found 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gambling-commission.png
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/gambling-commission.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: application/xml
x-ms-request-id: d1d72c05-201e-0016-7df6-05e4d5000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 122
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6c981f0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: aKFt6UnI1NUrF+upCSAbIA==
last-modified: Mon, 28 Nov 2022 13:31:59 GMT
etag: W/"0x8DAD144ED1D9CEE"
x-ms-request-id: e9b0b4f7-401e-005d-682e-031886000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 306225
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6c98210b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/9?z=4787949&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=5f4d79afb4554c7e8d9561d0bde95d20
139.45.197.239200 OK 0 B URL HTTP/2 cdn.uponelectabuzzor.club/9?z=4787949&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=5f4d79afb4554c7e8d9561d0bde95d20
IP 139.45.197.239:0
POST /9?z=4787949&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstrtapewithadblock.art%2Fe%2FyBq1vVjQlos1Pm6%2F2022-10-17_18-23-36.mkv.mp4&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=5f4d79afb4554c7e8d9561d0bde95d20 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 84
Origin: https://strtapewithadblock.art
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Cookie: scm=1; OAID=f9ca2f96188d435e902639a713f78373; oaidts=1669948650
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:31 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://strtapewithadblock.art
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: dededec6537881571ff830be1d3865d9
access-control-expose-headers: X-Sc
set-cookie: OAID=5f4d79afb4554c7e8d9561d0bde95d20; expires=Sat, 02 Dec 2023 02:37:31 GMT; secure; SameSite=None
oaidts=1669948650; expires=Sat, 02 Dec 2023 02:37:31 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddoan.club/apu.php?zoneid=5545339
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddoan.club/apu.php?zoneid=5545339
IP 139.45.197.236:0
GET /apu.php?zoneid=5545339 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://strtapewithadblock.art/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:30 GMT
content-type: application/javascript
x-trace-id: 61ec5ff0b27ad9de25e21959eb09843c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=486a93d8fc36498f96f2b19224f3b51b; expires=Sat, 02 Dec 2023 02:37:30 GMT; path=/; secure; SameSite=None
oaidts=1669948650; expires=Sat, 02 Dec 2023 02:37:30 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-trust.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-trust.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/icon-trust.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 28 Nov 2022 13:32:00 GMT
etag: W/"0x8DAD144EDF69F62"
x-ms-request-id: 7fc6adee-f01e-0067-3e2e-0302fe000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 306225
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6c981c0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-expert.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-expert.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/icon-expert.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 28 Nov 2022 13:32:00 GMT
etag: W/"0x8DAD144EDFDF14E"
x-ms-request-id: 0ae8f43d-c01e-0043-522e-03f45e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 306225
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6c981d0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=129324989
139.45.197.236200 OK 0 B URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=129324989
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=129324989 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:37:31 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: b151f4df733ba07eb95259ca8055dc74
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/no-payments.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/no-payments.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/no-payments.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 28 Nov 2022 13:31:59 GMT
etag: W/"0x8DAD144ED00071A"
x-ms-request-id: 54cf505c-f01e-002a-5d2e-03cd12000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 494
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6e18800b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/18-plus.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/18-plus.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/18-plus.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86789360-37950&btag=320665405_F7267A7519354AAA811A1559D7EE5D53&bid=37950&campaignId=2808422&pid=86789360
Cookie: __ucbt=node01rjmayxq7ck8z1fije10uu7uu; uniattr=ST.0.T; uniattr_ref="https://filter.popmonetizer.net/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_F7267A7519354AAA811A1559D7EE5D53; BID=37950; PID=86789360; REFERER=https%3A%2F%2Ffilter.popmonetizer.net%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_F7267A7519354AAA811A1559D7EE5D53%26sref%3DTRM%26TRM%3DdL_119050.242451_479413%26affiliateId%3D1%26pid%3D86789360%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:37:33 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Mon, 28 Nov 2022 13:31:58 GMT
etag: W/"0x8DAD144EC6AE193"
x-ms-request-id: 561abf3d-701e-0079-582e-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 306223
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730ae6e28820b59-OSL
content-encoding: br
X-Firefox-Spdy: h2