svwipe.com/clickout/13865/212144/
172.67.131.225302 Found 0 B URL HTTP/1.1 svwipe.com/clickout/13865/212144/
IP 172.67.131.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /clickout/13865/212144/ HTTP/1.1
Host: svwipe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 09 Jan 2023 16:09:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=olr25a51idl4a8r2hlv3eho7hu; path=/
Expires: Mon, 09 Jan 2023 16:09:14 GMT
Cache-Control: no-cache
Pragma: no-cache
Location: https://happywithvegas.com/l/62728fd833fc2d03ec3ab3e3?click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&sub_id=17855
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayfkMzQr2KEa6SIyoQkINNOVaaugvgvbXMC46p2QgH%2FbPMC2XdP22v8c0y0Kho4MtCyP5vOqw9KZGtKmYGx7l7PDVhj7tVsRiCMNrH202A%2FoMOLib8tVI8auXlzr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 786e6fa74918b50b-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eecebe0566883e33558e8e67beaccb29
acdd8fd09e2066ed5ecfbc3f11c4a2d61218ecc7
65e21170242bf41eb529fa422385dbe5af65a61e374e6dd5669e7e5f927948af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65E21170242BF41EB529FA422385DBE5AF65A61E374E6DD5669E7E5F927948AF"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3051
Expires: Mon, 09 Jan 2023 17:00:05 GMT
Date: Mon, 09 Jan 2023 16:09:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8854
Expires: Mon, 09 Jan 2023 18:36:48 GMT
Date: Mon, 09 Jan 2023 16:09:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 15:41:41 GMT
content-type: application/json
age: 1653
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10181
Expires: Mon, 09 Jan 2023 18:58:55 GMT
Date: Mon, 09 Jan 2023 16:09:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XsiRqz1wXSJMpXcmWKml0JmOkUgn44o/685+vbEgVchUY4wjRAXwYgc4gvs0cPwabDI7DmF1SJsj75w3K13MUQ==
x-amz-request-id: 1GGHN3NYVS03FNKA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 15:16:16 GMT
age: 3178
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 16:09:14 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c47d0bc80a63ae19c27a8f83372bf687
e278d80b5c40642bd4958ead48c2fc896cd39258
9618c4cf197728d65ece48a2a04f59981ccb909e1466c8b7e8e2d5d493df622d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=157168
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:14 GMT
Etag: "63bbff1a-117"
Expires: Wed, 11 Jan 2023 11:48:42 GMT
Last-Modified: Mon, 09 Jan 2023 11:48:42 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 09 Jan 2023 15:33:44 GMT
age: 2130
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c47d0bc80a63ae19c27a8f83372bf687
e278d80b5c40642bd4958ead48c2fc896cd39258
9618c4cf197728d65ece48a2a04f59981ccb909e1466c8b7e8e2d5d493df622d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=157168
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:14 GMT
Etag: "63bbff1a-117"
Expires: Wed, 11 Jan 2023 11:48:42 GMT
Last-Modified: Mon, 09 Jan 2023 11:48:42 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8e0c910ffff02061a1806b1aa8cf9d2
c5bf0e7ad96e89b17a657fcb1e1cd1aa6d15ab89
896f08fa0030a1313df1f05ef47c5d1f11caa9094380fc026b95193164005448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 308
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:15 GMT
Last-Modified: Mon, 09 Jan 2023 16:04:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ecb72a76c68deae081c88efe77859ad3
28cfa59b6ed67c36faad03309e92a852914438d4
2d7880c6eecd642cd8fb6e1ce4f980ad64fcc1a0c8f30086e697664ad9ec878f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112525
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:14 GMT
Etag: "63bb50b7-117"
Expires: Tue, 10 Jan 2023 23:24:39 GMT
Last-Modified: Sun, 08 Jan 2023 23:24:39 GMT
Server: nginx
Content-Length: 279
push.services.mozilla.com/
52.42.234.253101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.234.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kjoI3sZ2Gy19VfkD2RU0dg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z2gavdLgc5ZWjBuTFkopCO7OSPM=
vvegas-today.com/static/template/54/img/001.gif
203.23.104.94200 OK 116 kB URL HTTP/2 vvegas-today.com/static/template/54/img/001.gif
IP 203.23.104.94:0
ASN #209242 Cloudflare London, LLC
File type GIF image data, version 89a, 660 x 290\012- data
Size 116 kB (115935 bytes)
Hash a8eddd46886225678a56119e8905a422
a31ef5f7de30168dd0d899245b39e0b10b3c8d3d
ac31df8208986eea662647d3ed3da7813c7338c78a07cbb949141117bc75cda5
GET /static/template/54/img/001.gif HTTP/1.1
Host: vvegas-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vvegas-today.com/?s=54&ref=vp_w47329c118609l4425gnop252_17855&encoded_url=cmVnaXN0ZXI=&click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6
Cookie: visit3b90a2078e080971b99d6c82a43939d4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:15 GMT
content-type: image/gif
content-length: 115935
last-modified: Wed, 14 Dec 2022 12:12:51 GMT
etag: "6399bdc3-1c4df"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 786e6faedddfb512-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ff82f8efd6d04bdaa0f3020f7b924048
87bbad7853918e6a41d80a903b46c8999c80cb25
54030fc6b3800e3681ced179493735cee79c52ad1e9a7cd852ce9576d2aefab3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3108
Cache-Control: max-age=165318
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:15 GMT
Etag: "63bc12cd-117"
Expires: Wed, 11 Jan 2023 14:04:33 GMT
Last-Modified: Mon, 09 Jan 2023 13:12:45 GMT
Server: ECS (amb/6B86)
X-Cache: HIT
Content-Length: 279
vvegas-today.com/js/base64.js
203.23.104.94200 OK 1.4 kB URL HTTP/2 vvegas-today.com/js/base64.js
IP 203.23.104.94:0
ASN #209242 Cloudflare London, LLC
Hash 8fc914e401144c7addae0435192161aa
8a0c3459e170ed038245f2d1602795d47ee5a83a
f28792c7582bc603809b102fa2b678f882c9f8f74cfe5fde2e276d47cfcaf751
GET /js/base64.js HTTP/1.1
Host: vvegas-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vvegas-today.com/?s=54&ref=vp_w47329c118609l4425gnop252_17855&encoded_url=cmVnaXN0ZXI=&click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6
Cookie: visit3b90a2078e080971b99d6c82a43939d4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:15 GMT
content-type: application/javascript
last-modified: Wed, 14 Dec 2022 12:12:51 GMT
etag: W/"6399bdc3-eca"
cache-control: public, no-cache
content-encoding: gzip
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 786e6faedddbb512-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8bcaf107903eeb310cb221a9b08d7fbc
5f962a5ae4fe57dce398d7427642f6c7dc414f51
81b308c3aa9b3f8271de5e03f01e54a335910394043151186d63cd2df7da02c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=168741
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:15 GMT
Etag: "63bc2c50-117"
Expires: Wed, 11 Jan 2023 15:01:36 GMT
Last-Modified: Mon, 09 Jan 2023 15:01:36 GMT
Server: nginx
Content-Length: 279
vegac-24.org/blank.gif?1673280542515
203.34.80.53200 OK 43 B URL HTTP/2 vegac-24.org/blank.gif?1673280542515
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /blank.gif?1673280542515 HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vvegas-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:15 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-envoy-upstream-service-time: 0
x-frame-options: DENY
cf-cache-status: MISS
expires: Mon, 09 Jan 2023 20:09:15 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 786e6fb0dba3b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vvegas-today.com/static/template/54/css/style.css
203.23.104.94200 OK 470 B URL HTTP/2 vvegas-today.com/static/template/54/css/style.css
IP 203.23.104.94:0
ASN #209242 Cloudflare London, LLC
Hash 72d6abb3ae24bcf61a6b0b434b381c6e
2370e6fe69f0a3dee3d3dcbc98997ce57c24ca45
66ce2487cbedf86f4b6b3669bceff0889c927331536b84598c336823829f8a65
GET /static/template/54/css/style.css HTTP/1.1
Host: vvegas-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vvegas-today.com/?s=54&ref=vp_w47329c118609l4425gnop252_17855&encoded_url=cmVnaXN0ZXI=&click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6
Cookie: visit3b90a2078e080971b99d6c82a43939d4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:15 GMT
content-type: text/css
last-modified: Wed, 14 Dec 2022 12:12:51 GMT
etag: W/"6399bdc3-451"
cache-control: public, no-cache
content-encoding: gzip
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 786e6faecdd4b512-OSL
X-Firefox-Spdy: h2
vulkavegas239.com/blank.gif?1673280542514
203.30.190.149200 OK 43 B URL HTTP/2 vulkavegas239.com/blank.gif?1673280542514
IP 203.30.190.149:0
ASN #209242 Cloudflare London, LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /blank.gif?1673280542514 HTTP/1.1
Host: vulkavegas239.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vvegas-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:16 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-envoy-upstream-service-time: 0
x-frame-options: DENY
cf-cache-status: MISS
expires: Mon, 09 Jan 2023 20:09:16 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 786e6fb1ecc8b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sat.crwds.net/p/gnt908wk0bl6xyll5bj94zafs74gwo53/50cfb6cc4fdddd91ce5fb8b47809880c.jpg
203.30.191.209200 OK 279 B URL HTTP/2 sat.crwds.net/p/gnt908wk0bl6xyll5bj94zafs74gwo53/50cfb6cc4fdddd91ce5fb8b47809880c.jpg
IP 203.30.191.209:0
ASN #209242 Cloudflare London, LLC
Hash ff82f8efd6d04bdaa0f3020f7b924048
87bbad7853918e6a41d80a903b46c8999c80cb25
54030fc6b3800e3681ced179493735cee79c52ad1e9a7cd852ce9576d2aefab3
GET /p/gnt908wk0bl6xyll5bj94zafs74gwo53/50cfb6cc4fdddd91ce5fb8b47809880c.jpg HTTP/1.1
Host: sat.crwds.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vvegas-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:15 GMT
content-type: image/jpeg
cache-control: no-cache, private
set-cookie: _7jt1oxhp4z=eyJpdiI6IjcxUkZQVG5yMWRHUmpmWDI5dTJCL1E9PSIsInZhbHVlIjoiakZvcXpKbmVMUDdteHJsUnhqZkJTbnNWeUFuNlBqR0RrTWN5WGdPMGwxalA1bmltWGt0M1Fub25YMVRUYzhEczRwOEltbGpFL0ZYNWlhRC9FQTBLU1ptZ1RudEpRYS9Ib1RMbzRiSFhkWTQ9IiwibWFjIjoiNzM4NzQ1NDU1YjVmY2FkYjAzNmRhN2Y0NzI4NDEzZWIyM2M4MWJjM2M4Yjc0MjdjYTE2ZWMxMzRlNmIyNDQ5NiIsInRhZyI6IiJ9; expires=Tue, 09-Jan-2024 16:09:15 GMT; Max-Age=31536000; path=/; domain=.crwds.net; secure; httponly; samesite=none
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786e6fb1cc881c16-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8bcaf107903eeb310cb221a9b08d7fbc
5f962a5ae4fe57dce398d7427642f6c7dc414f51
81b308c3aa9b3f8271de5e03f01e54a335910394043151186d63cd2df7da02c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=168740
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:16 GMT
Etag: "63bc2c50-117"
Expires: Wed, 11 Jan 2023 15:01:36 GMT
Last-Modified: Mon, 09 Jan 2023 15:01:36 GMT
Server: nginx
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4603
Expires: Mon, 09 Jan 2023 17:25:59 GMT
Date: Mon, 09 Jan 2023 16:09:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4603
Expires: Mon, 09 Jan 2023 17:25:59 GMT
Date: Mon, 09 Jan 2023 16:09:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4603
Expires: Mon, 09 Jan 2023 17:25:59 GMT
Date: Mon, 09 Jan 2023 16:09:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0473691ea0d4426c66441d3e049b139
2ba1b24cc0f903a534458642236adc8495d87519
5475d4935fea484eabbac57be8e5604952f59374e1ccf26392c3283d39b96a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 173c95c5-690c-4381-9cf1-cb31e4456f14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eQd8LF0YoAMFTUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b676b4-0b9191ab25e33cb436995203;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 07:05:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ugd6PvgcQYjFctkOjVM5zXz3muWfr3o-8qf2hLbu-B_orF1ruOiTGQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 06:00:42 GMT
age: 36514
etag: "2ba1b24cc0f903a534458642236adc8495d87519"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210f951bd43cd838048f3568adb84c8c
db87b6eeaad681f1232c104dd4d0a902a921ed6d
b0d21c80c6c53ba04c8b216f6428a0e8b8eff4ca16f44c31782857d4a2749c39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9407
x-amzn-requestid: 08f125d6-46ed-4a83-98bc-94f688def00c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6aMG3loAMFU5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63dda-06f1fa975f43a24564b86524;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:02:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k0I4uqn27E14rCjKRum0DI7tFL0wolIQzcIKK5WVdsqhcds4uIF0ig==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 07:01:34 GMT
age: 32862
etag: "db87b6eeaad681f1232c104dd4d0a902a921ed6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b75a93b9f0106516f046eb424b0c8d9
c9509f976390441bbd3bd7521cb1848f4f481fd0
0b69fd368ef68510387a871acfffe82afc4414163c661f76e574dffdcc94104a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12971
x-amzn-requestid: ed6346eb-d3ae-4343-8eab-b4321aad3135
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eXEBqG97IAMF3Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b91a0a-4eb212756fcc0d3175dd0225;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 07:06:50 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: m2BuFpIx0utir3G3NvMxAz8nTBmTl_nKgyMuEcM80DMRc9uinAl-mw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 05:40:49 GMT
age: 37707
etag: "c9509f976390441bbd3bd7521cb1848f4f481fd0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab696bdd-92ae-4c01-855b-6bbe0e8165ad.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab696bdd-92ae-4c01-855b-6bbe0e8165ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0189748e9478c37ab22a71c0826ca99
08186f7c9717eb7165ee8b9b803760da967b82e7
40a9b3a38f6799c2005bc7cc2716104b175a2178efc8029188b9aff19e598483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab696bdd-92ae-4c01-855b-6bbe0e8165ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8866
x-amzn-requestid: b4a6c607-98b7-4689-96c3-646756db23df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZblsHkmIAMFzKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba0c8a-02beb65706f8d3d44a812788;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 00:21:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: srbfQR2lJE50a5MosYUJWfF3NH981wGEoH63Oz2n1MptH8LlKJZ-ZQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 05:43:51 GMT
age: 37525
etag: "08186f7c9717eb7165ee8b9b803760da967b82e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0defc5fd929d3ca7df12b102b551453
f44e4ac4a10991e12994e3b5d6f3cc1b1658967a
f551a1c156ec30405668d66bff9e1359805b773457602e44748be80cbb1f8a23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4687
x-amzn-requestid: 18bf71d4-030e-4a08-ae18-48fe037e6e0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ7GzXIAMFnFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-710f414a2d1b239f6d59d73a;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wkKw4Bgb_vxuY641mGDczUNQUfGXiozbOtpFwfK6aThfJj_q5T_IDg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:49:53 GMT
age: 44363
etag: "f44e4ac4a10991e12994e3b5d6f3cc1b1658967a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 405085aa-d0f5-4786-8fd7-46d74a6e8d1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecaIxGdkIAMFaBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb3d6b-07f34cbf7e1df2fa7a4d8982;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 22:02:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mRyiYL1hTv7MvjLg92gwPBszcW1mqdKadIcQVG_rsQ6b15uyGkyZbQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 02:16:11 GMT
age: 49985
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vvegas-today.com/away.php?visitorId=63bc3c2bdff9916624593a9a&duration=3&reason=success_ping&to=aHR0cHM6Ly92ZWdhYy0yNC5vcmcvcmVnaXN0ZXI%2FcmVmPXZwX3c0NzMyOWMxMTg2MDlsNDQyNWdub3AyNTJfMTc4NTUmYWZmZGF0YSU1QnN1YmRhdGElNUQ9NTBjZmI2Y2M0ZmRkZGQ5MWNlNWZiOGI0NzgwOTg4MGMmYWZmZGF0YSU1QmNsaWNrX2lkJTVEPThhYmI1ZmJjMGYxM2ZkODliOTE4NzhiYjU0ZWU3ODczZGQ5YTBkNzk3YWUyNmUxOTkzMDVhZGE3MzAyYWUwYzYmYWZmZGF0YSU1QmdlbyU1RD1ubyZhZmZkYXRhJTVCcm90YXRvciU1RD0xMTg2MDkmYWZmZGF0YSU1QmxhbmRpbmclNUQ9NDQyNSZhZmZkYXRhJTVCc3ViX2lkJTVEPTE3ODU1
203.23.104.94302 Found 0 B URL HTTP/2 vvegas-today.com/away.php?visitorId=63bc3c2bdff9916624593a9a&duration=3&reason=success_ping&to=aHR0cHM6Ly92ZWdhYy0yNC5vcmcvcmVnaXN0ZXI%2FcmVmPXZwX3c0NzMyOWMxMTg2MDlsNDQyNWdub3AyNTJfMTc4NTUmYWZmZGF0YSU1QnN1YmRhdGElNUQ9NTBjZmI2Y2M0ZmRkZGQ5MWNlNWZiOGI0NzgwOTg4MGMmYWZmZGF0YSU1QmNsaWNrX2lkJTVEPThhYmI1ZmJjMGYxM2ZkODliOTE4NzhiYjU0ZWU3ODczZGQ5YTBkNzk3YWUyNmUxOTkzMDVhZGE3MzAyYWUwYzYmYWZmZGF0YSU1QmdlbyU1RD1ubyZhZmZkYXRhJTVCcm90YXRvciU1RD0xMTg2MDkmYWZmZGF0YSU1QmxhbmRpbmclNUQ9NDQyNSZhZmZkYXRhJTVCc3ViX2lkJTVEPTE3ODU1
IP 203.23.104.94:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /away.php?visitorId=63bc3c2bdff9916624593a9a&duration=3&reason=success_ping&to=aHR0cHM6Ly92ZWdhYy0yNC5vcmcvcmVnaXN0ZXI%2FcmVmPXZwX3c0NzMyOWMxMTg2MDlsNDQyNWdub3AyNTJfMTc4NTUmYWZmZGF0YSU1QnN1YmRhdGElNUQ9NTBjZmI2Y2M0ZmRkZGQ5MWNlNWZiOGI0NzgwOTg4MGMmYWZmZGF0YSU1QmNsaWNrX2lkJTVEPThhYmI1ZmJjMGYxM2ZkODliOTE4NzhiYjU0ZWU3ODczZGQ5YTBkNzk3YWUyNmUxOTkzMDVhZGE3MzAyYWUwYzYmYWZmZGF0YSU1QmdlbyU1RD1ubyZhZmZkYXRhJTVCcm90YXRvciU1RD0xMTg2MDkmYWZmZGF0YSU1QmxhbmRpbmclNUQ9NDQyNSZhZmZkYXRhJTVCc3ViX2lkJTVEPTE3ODU1 HTTP/1.1
Host: vvegas-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vvegas-today.com/?s=54&ref=vp_w47329c118609l4425gnop252_17855&encoded_url=cmVnaXN0ZXI=&click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6
Cookie: visit3b90a2078e080971b99d6c82a43939d4=1; ping.54.414=1; ping.54.4120=1; ping.54.4151=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Mon, 09 Jan 2023 16:09:18 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://vegac-24.org/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786e6fc23a76b512-OSL
X-Firefox-Spdy: h2
vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
203.34.80.53200 OK 22 kB URL HTTP/2 vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
Hash 1cf88cf5ce0405d1b403ff64f94242ca
ebc3d44e95cfe0ec399737d0881cab814c75b477
19ef0e0d944e554769fff991912c2f4f5a3f58db9e4eb08ae6a3417cb460fc89
GET /en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855 HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vvegas-today.com/
Connection: keep-alive
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:18 GMT
content-type: text/html; charset=UTF-8
cache-control: private
link: </static/125028/assets/css/popups.css>; rel="preload"; as="style",</static/125028/assets/css/main.css>; rel="preload"; as="style",</static/125028/assets/js/main.js>; rel="preload"; as="script",</static/125028/assets/js/svg-icon-polyfill.min.js>; rel="preload"; as="script"
set-cookie: actionPay=deleted; expires=Sun, 09 Jan 2022 16:09:17 GMT; Max-Age=0; path=/; secure; httponly; samesite=none
refCode=vp_w47329c118609l4425gnop252_17855; expires=Wed, 08 Feb 2023 16:09:18 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; expires=Wed, 08 Feb 2023 16:09:18 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
landingId=4425; expires=Wed, 08 Feb 2023 16:09:18 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; expires=Mon, 23 Jan 2023 16:09:18 GMT; Max-Age=1209600; path=/; secure; samesite=none
x-upstream: fpm
x-envoy-upstream-service-time: 55
x-frame-options: DENY
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786e6fc37ad90b55-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </static/125028/assets/css/popups.css>,</static/125028/assets/css/main.css>,</static/125028/assets/js/main.js>,</static/125028/assets/js/svg-icon-polyfill.min.js>
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 303 kB IP 142.250.74.131:0
File type gzip compressed data, from Unix\012- data
Size 303 kB (302624 bytes)
Hash 4ebf8b61261dfbea5347191c7fd09e4c
a4fdc544e260e45238c3bb43c96380707f42887b
c22da889239400832e737f25d17e9f23766c3459e876dfb2e1a407d3105e383f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7a82bb3ba0a326fb70f08e8c0f60f482
705e262596426fe42f6255ea5235bb34963387bf
172b73337c73e68ac341cf3527a49a49ad688fb954b67500cadc434b0e84f640
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
142.250.74.164200 OK 577 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (909), with no line terminators
Hash 269f412960a9d42ce45ed7066d1bcd89
b0a48cfa7f7626e81d01fb96ad43637435a898e8
35b4e6906c1bc9b5d08a15be59335ca19b61dbd402781ec8ebe0555c99988777
GET /recaptcha/api.js?onload=onloadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 09 Jan 2023 16:09:18 GMT
date: Mon, 09 Jan 2023 16:09:18 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 577
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TPV52MD
142.250.74.168200 OK 69 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TPV52MD
IP 142.250.74.168:0
File type ASCII text, with very long lines (59309)
Hash 823c6e63f376c013b73bba8ce61657a4
3cfcb0ef30f4d7393a20c343b0254ade1311e183
6fc1f8d8cfc76dd5ab641fd5a46ea16e3c3279983cb8d7c63a0390fb48c6c546
GET /gtm.js?id=GTM-TPV52MD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 09 Jan 2023 16:09:18 GMT
expires: Mon, 09 Jan 2023 16:09:18 GMT
cache-control: private, max-age=900
last-modified: Mon, 09 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1610284ecbad42b560aa91eee371c402
77ce2293cf0ef2e26cdae477222410a9bd146173
156dd69f320b9eacdc3160e5b46868a184dc48a9ec8c6245bb7f34eaf490a934
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=145633
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:18 GMT
Etag: "63bbd20f-117"
Expires: Wed, 11 Jan 2023 08:36:31 GMT
Last-Modified: Mon, 09 Jan 2023 08:36:31 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vegac-24.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jan 2023 18:52:41 GMT
expires: Tue, 02 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 594998
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vegac-24.org/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
203.34.80.53302 Found 1.6 kB URL HTTP/2 vegac-24.org/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
Hash 16f54e5d5a5efbac001418ee08fe2d26
4276fa77bb87b83107d754122ef3120fdf788c42
ad51ff6b0d8bcad57349f659a2f76661bc03e4878a8a94cea9201ac9efdc8af1
GET /register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855 HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vvegas-today.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 09 Jan 2023 16:09:18 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
location: /en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
set-cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; expires=Wed, 08 Feb 2023 16:09:18 GMT; Max-Age=2592000; path=/; secure; samesite=none
x-upstream: fpm
x-envoy-upstream-service-time: 32
x-frame-options: DENY
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786e6fc29a100b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1610284ecbad42b560aa91eee371c402
77ce2293cf0ef2e26cdae477222410a9bd146173
156dd69f320b9eacdc3160e5b46868a184dc48a9ec8c6245bb7f34eaf490a934
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=145633
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:19 GMT
Etag: "63bbd20f-117"
Expires: Wed, 11 Jan 2023 08:36:32 GMT
Last-Modified: Mon, 09 Jan 2023 08:36:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
216.58.207.227200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
IP 216.58.207.227:0
File type ASCII text, with very long lines (658)
Size 165 kB (164706 bytes)
Hash 0b7fccb24ee065a01fdde10928c03c3f
9b198014f81844820588c202cc24bf5e03bf3dd7
68756de8f0d6742525ddaca56ab350e34d822777e86939fea27eb704ae013280
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vegac-24.org
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 05:56:49 GMT
expires: Mon, 08 Jan 2024 05:56:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
age: 123150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vegac-24.org/gql/query
203.34.80.53101 Switching Protocols 0 B IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gql/query HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://vegac-24.org
Sec-WebSocket-Protocol: graphql-ws
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aYZAhWwjXRPmckAUMNPG/w==
Connection: keep-alive, Upgrade
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 09 Jan 2023 16:09:19 GMT
Content-Type: application/json
Connection: upgrade
sec-websocket-accept: w4jM51DSZzOqmIVUkgDLwXR1aOY=
sec-websocket-extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover
sec-websocket-protocol: graphql-ws
upgrade: websocket
x-frame-options: DENY
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 786e6fc81f770afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 09 Jan 2023 14:21:55 GMT
expires: Mon, 09 Jan 2023 16:21:55 GMT
cache-control: public, max-age=7200
age: 6444
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1620307.js?sv=7
143.204.55.98200 OK 4.0 kB URL HTTP/2 static.hotjar.com/c/hotjar-1620307.js?sv=7
IP 143.204.55.98:0
File type ASCII text, with very long lines (7679)
Hash cc3238310c988ba16c61525832ce7d62
8418a09fc02f8802618aee8756e4492143544647
faf49f8ce7f457e04947bb69d97713fe7fa09b44bdba8314f175bcc247d0be64
GET /c/hotjar-1620307.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 09 Jan 2023 16:09:07 GMT
cache-control: max-age=60
etag: W/d6d34b2155fdd96dfeefcd39014c7e5b
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: e5Cw0NW_FYhU3Xh15M8BHa56J1a9pJN5b4vceb9RnY8bu5eDjGhutA==
age: 14
X-Firefox-Spdy: h2
widget.yhelper.net/iframe/
203.30.189.107200 OK 1.3 kB URL HTTP/2 widget.yhelper.net/iframe/
IP 203.30.189.107:0
ASN #209242 Cloudflare London, LLC
Hash 057c6ed34b5d3b8c5786ca3696e1cda7
7a6282ee62b7e0c77422c0a4f8dea6219c5a910e
40299cd5a43af9f5d34cd18c37ae3799e4fc6c54d2de89736f37ac76b6909517
GET /iframe/ HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:19 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Monday, 09-Jan-2023 16:09:19 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786e6fc729f4b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
widget.yhelper.net/widget.js
203.30.189.107200 OK 41 kB URL HTTP/2 widget.yhelper.net/widget.js
IP 203.30.189.107:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (41713)
Hash e88be6d1b2afe557a901c85297951ca1
8029b68c19b7853c9573563d92c0a9b0b2628ed1
c287ad230a4edc43f62d2516b0417798d7156a7e42f67bc32bf17f021f944aa1
GET /widget.js HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Monday, 09-Jan-2023 16:09:19 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 786e6fc4bdf8b4f9-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6657e0e0d697739f8ae655d5c2f44966
0e44ff4d1409f790e7dbdbc11dd7d27a24366fc0
fe079d733742de3db1482dececd5342eee0e43097e9e44b8ed9cd1cbdd3920f5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 16:09:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 08 Jan 2023 09:46:10 GMT
Expires: Sun, 15 Jan 2023 09:46:09 GMT
Etag: "0e44ff4d1409f790e7dbdbc11dd7d27a24366fc0"
Cache-Control: max-age=494809,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 786e6fc94b46b51d-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 826d11723a9433383ea51213b7028fb6
54d410f01a0fdeeb01801e76f2a0e52593451b0f
e3e3e309324799d76d4edb746eba71628bca18c080f1d628e1ba1eac871cbecd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1973
Cache-Control: max-age=95069
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:19 GMT
Etag: "63bb04d7-1d7"
Expires: Tue, 10 Jan 2023 18:33:48 GMT
Last-Modified: Sun, 08 Jan 2023 18:00:55 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash b604b44a44140d3e443d1c1c9da02d8d
05407447253dbbd694e67456c6b25b5112bd359d
0dcc105aceee70b68e812bdb6033ab465720efe541259c35f19aa09fadc88bf8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73737
date: Mon, 09 Jan 2023 16:09:19 GMT
access-control-allow-origin: *
etag: "63ae6ee1-12009"
expires: Mon, 09 Jan 2023 17:09:19 GMT
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
04bd958e-cee1-47a0-b01a-8d49faefc005.snippet.antillephone.com/apg-seal.js
143.204.55.63200 OK 1.3 kB URL HTTP/2 04bd958e-cee1-47a0-b01a-8d49faefc005.snippet.antillephone.com/apg-seal.js
IP 143.204.55.63:0
Hash 1ad10937acdf66230bd0d3c1cb3f9c1b
caaf7664d8ebb9fff39047025774591e3af1f568
b78f40e3be3074ce50c7e3500eb1886602dc6915c5aa2fd9cc2c961ec29e323a
GET /apg-seal.js HTTP/1.1
Host: 04bd958e-cee1-47a0-b01a-8d49faefc005.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Mon, 09 Jan 2023 16:09:19 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"c74-kf4fpZwAIWCAp9ZlrbXNElD7Wd4"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786e6fc649359188-FRA
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PKTL9RSAHzdu6KlOxgcT1s-uO4xXz2GE3vvEF2nEhl7ARNug45fUpA==
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/img/frontend/favicons/en/apple-touch-icon-180x180.png
203.34.80.53200 OK 11 kB URL HTTP/2 vegac-24.org/static/125028/assets/img/frontend/favicons/en/apple-touch-icon-180x180.png
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 15c9f88028a568bbd00ca664c5d6bf59
5cc5aac79600dc08ee8f7569ac0f7c07cfe8ba4c
38ad67d0bf7c41bca8cccf5582e4932e454415afd3c4275072292b2734274d7f
GET /static/125028/assets/img/frontend/favicons/en/apple-touch-icon-180x180.png HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:19 GMT
content-type: image/png
content-length: 10657
content-security-policy: block-all-mixed-content
etag: "15c9f88028a568bbd00ca664c5d6bf59"
last-modified: Tue, 03 Jan 2023 14:38:43 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1736D38F7AB3F4F2
x-cache: MISS
x-cache-lookup: MISS
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409590#0/gid:0/gname:root/mode:33188/mtime:1672409590#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:19 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 1
x-frame-options: DENY
cf-cache-status: HIT
age: 521901
accept-ranges: bytes
server: cloudflare
cf-ray: 786e6fca9d56b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/img/frontend/favicons/en/favicon-16x16.png
203.34.80.53200 OK 1.2 kB URL HTTP/2 vegac-24.org/static/125028/assets/img/frontend/favicons/en/favicon-16x16.png
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 9a04ca0cca75aef35f4c1d428dc94949
b7362856b451a4f90df74e4e177af8338b840532
8460e349ae20da85c8e7a3e23efd9500e5e94da455ab738bde633b7b24595361
GET /static/125028/assets/img/frontend/favicons/en/favicon-16x16.png HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:19 GMT
content-type: image/png
content-length: 1168
content-security-policy: block-all-mixed-content
etag: "9a04ca0cca75aef35f4c1d428dc94949"
last-modified: Tue, 03 Jan 2023 14:42:01 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1736D38F507D56EC
x-cache: HIT
x-cache-lookup: HIT
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409590#0/gid:0/gname:root/mode:33188/mtime:1672409590#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:19 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 0
x-frame-options: DENY
cf-cache-status: HIT
age: 386312
accept-ranges: bytes
server: cloudflare
cf-ray: 786e6fcaad5ab51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.hotjar.com/modules.563beb7d4ef2e22dbb74.js
143.204.55.46200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.563beb7d4ef2e22dbb74.js
IP 143.204.55.46:0
File type Unicode text, UTF-8 text, with very long lines (48636)
Hash c7ec806fc012fea99e86e2b314268f81
e29811a40a4f88aa241b0aa2d058018b2260c82f
e0e4461c092613ebaa4299682852f30cbe9bad1f51c6490f382e3d064283c232
GET /modules.563beb7d4ef2e22dbb74.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68844
date: Mon, 09 Jan 2023 10:54:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "c7ec806fc012fea99e86e2b314268f81"
last-modified: Mon, 09 Jan 2023 10:53:14 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QVGkNAjtlg6pcxLw7gVMgxCiMNMPBOoDH85RSzw7fJxtZs5KNhACZA==
age: 18913
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/img/frontend/currencies/nok.svg
203.34.80.53200 OK 582 B URL HTTP/2 vegac-24.org/static/125028/assets/img/frontend/currencies/nok.svg
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
Hash 4d32c479109e59822d6c5d22b71f3953
de212964394cd12a56730ad7bc2f27a240bf3daf
853dc463b792fbaf8f9767fc27f2404a0631f98f6d262312abcc645af16ada4f
GET /static/125028/assets/img/frontend/currencies/nok.svg HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1; _ga=GA1.2.1187791361.1673280547; _gid=GA1.2.150171126.1673280547; _gat=1; _gat_UA-79293610-7=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:19 GMT
content-type: image/svg+xml
content-security-policy: block-all-mixed-content
etag: W/"e35598abb37de7c240c4c3ad545145a3"
last-modified: Sat, 07 Jan 2023 14:38:34 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17380F71CC62EBDA
x-cache: HIT
x-cache-lookup: HIT
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409590#0/gid:0/gname:root/mode:33188/mtime:1672409590#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:19 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 28
x-frame-options: DENY
cf-cache-status: HIT
age: 176316
server: cloudflare
cf-ray: 786e6fca3c90b51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zz.connextra.com/dcs/tagController/tag/363d7ed38585/regstart
104.85.191.64200 OK 17 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/363d7ed38585/regstart
IP 104.85.191.64:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2631)
Hash f7b0b7ed98e5f4d9e800314062f3a6f8
c0cd10ec20c04639a71113ae27748878a98a4f4d
eca478f3b606bd1926d211cd8f0fc7248e7b4a54e58dcd89dc4ef965987e1c8c
GET /dcs/tagController/tag/363d7ed38585/regstart HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: text/javascript;charset=utf-8
content-length: 16594
cache-control: must-revalidate, max-age=214
expires: Mon, 09 Jan 2023 16:12:53 GMT
date: Mon, 09 Jan 2023 16:09:19 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.101200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: G0VgI1zhBD-fYVAwMgiwidMIYxNuVOZMzio0C1xLEXqzHOrpcv9TFA==
age: 4071554
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71281573?wmode=7&page-url=https%3A%2F%2Fvegac-24.org%2Fen%2Fregister%3Fref%3Dvp_w47329c118609l4425gnop252_17855%26affdata%255Bsubdata%255D%3D50cfb6cc4fdddd91ce5fb8b47809880c%26affdata%255Bclick_id%255D%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D118609%26affdata%255Blanding%255D%3D4425%26affdata%255Bsub_id%255D%3D17855&page-ref=https%3A%2F%2Fvvegas-today.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A116292789450%3Ahid%3A55954936%3Az%3A0%3Ai%3A20230109160906%3Aet%3A1673280547%3Ac%3A1%3Arn%3A821663968%3Arqn%3A1%3Au%3A1673280547838481802%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C115%2C0%2C217%2C0%2C%2C345%2C1%2C%2C%2C%2C709%3Aco%3A0%3Ans%3A1673280545335%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673280547%3At%3AVulkan%20Vegas%20-%20Online%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
93.158.134.119302 Found 435 B URL HTTP/2 mc.yandex.ru/watch/71281573?wmode=7&page-url=https%3A%2F%2Fvegac-24.org%2Fen%2Fregister%3Fref%3Dvp_w47329c118609l4425gnop252_17855%26affdata%255Bsubdata%255D%3D50cfb6cc4fdddd91ce5fb8b47809880c%26affdata%255Bclick_id%255D%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D118609%26affdata%255Blanding%255D%3D4425%26affdata%255Bsub_id%255D%3D17855&page-ref=https%3A%2F%2Fvvegas-today.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A116292789450%3Ahid%3A55954936%3Az%3A0%3Ai%3A20230109160906%3Aet%3A1673280547%3Ac%3A1%3Arn%3A821663968%3Arqn%3A1%3Au%3A1673280547838481802%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C115%2C0%2C217%2C0%2C%2C345%2C1%2C%2C%2C%2C709%3Aco%3A0%3Ans%3A1673280545335%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673280547%3At%3AVulkan%20Vegas%20-%20Online%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (435), with no line terminators
Hash 0d6adf973f73393ecd648cc11d994a6d
84efa9d9609cb104e191d3024136cc8b632dc89c
619c6e8c8119c84202da391e54581cebe2abdaef2668bfeb3abe3b1984dcbb8d
GET /watch/71281573?wmode=7&page-url=https%3A%2F%2Fvegac-24.org%2Fen%2Fregister%3Fref%3Dvp_w47329c118609l4425gnop252_17855%26affdata%255Bsubdata%255D%3D50cfb6cc4fdddd91ce5fb8b47809880c%26affdata%255Bclick_id%255D%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D118609%26affdata%255Blanding%255D%3D4425%26affdata%255Bsub_id%255D%3D17855&page-ref=https%3A%2F%2Fvvegas-today.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A116292789450%3Ahid%3A55954936%3Az%3A0%3Ai%3A20230109160906%3Aet%3A1673280547%3Ac%3A1%3Arn%3A821663968%3Arqn%3A1%3Au%3A1673280547838481802%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C115%2C0%2C217%2C0%2C%2C345%2C1%2C%2C%2C%2C709%3Aco%3A0%3Ans%3A1673280545335%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673280547%3At%3AVulkan%20Vegas%20-%20Online%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vegac-24.org
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/71281573/1?wmode=7&page-url=https%3A%2F%2Fvegac-24.org%2Fen%2Fregister%3Fref%3Dvp_w47329c118609l4425gnop252_17855%26affdata%255Bsubdata%255D%3D50cfb6cc4fdddd91ce5fb8b47809880c%26affdata%255Bclick_id%255D%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D118609%26affdata%255Blanding%255D%3D4425%26affdata%255Bsub_id%255D%3D17855&page-ref=https%3A%2F%2Fvvegas-today.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A116292789450%3Ahid%3A55954936%3Az%3A0%3Ai%3A20230109160906%3Aet%3A1673280547%3Ac%3A1%3Arn%3A821663968%3Arqn%3A1%3Au%3A1673280547838481802%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C115%2C0%2C217%2C0%2C%2C345%2C1%2C%2C%2C%2C709%3Aco%3A0%3Ans%3A1673280545335%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673280547%3At%3AVulkan%20Vegas%20-%20Online%20Casino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 09 Jan 2023 16:09:20 GMT
access-control-allow-origin: https://vegac-24.org
set-cookie: yabs-sid=958221941673280560; Path=/; SameSite=None; Secure
i=OaK1LQLrH4gnPfkK9oo+vfutT7m/awqELdAFCDNx2qqnLV9UjOF3BJM5AVy3ZZXfevQ6Espxh7RZcmvRr+UPQ7QvAgo=; Expires=Thu, 06-Jan-2033 16:09:17 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5208371031673280560; Expires=Tue, 09-Jan-2024 16:09:20 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5208371031673280560; Expires=Tue, 09-Jan-2024 16:09:20 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1704816560.yc.1673280560#1704816560.yrts.1673280560#1704816560.yrtsi.1673280560; Expires=Tue, 09-Jan-2024 16:09:20 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 09-Jan-2023 16:09:20 GMT
last-modified: Mon, 09-Jan-2023 16:09:20 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 09 Jan 2023 16:09:20 GMT
access-control-allow-origin: *
etag: "63ae6ee1-2b"
expires: Mon, 09 Jan 2023 17:09:20 GMT
accept-ranges: bytes
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vegac-24.org/graphql
203.34.80.53200 OK 910 B IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
Hash e6434ffe2a2d728e750cb11d2f401c7b
84f42f62984d868bf488aaa567e4ef8dbd6f1f63
4e7f1d2e2024335ec58bbc0f3f25841dcfbabb87d22383def70e8b8859c31171
POST /graphql HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
content-type: application/json
X-Requested-With: XMLHttpRequest
X-Gc-Locale: en
Origin: https://vegac-24.org
Content-Length: 790
Connection: keep-alive
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1; _ga=GA1.2.1187791361.1673280547; _gid=GA1.2.150171126.1673280547; _gat=1; _gat_UA-79293610-7=1; _ym_uid=1673280547838481802; _ym_d=1673280547
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:20 GMT
content-type: application/json
cache-control: private
set-cookie: actionPay=deleted; expires=Sun, 09 Jan 2022 16:09:19 GMT; Max-Age=0; path=/; secure; httponly; samesite=none
first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; expires=Mon, 23 Jan 2023 16:09:20 GMT; Max-Age=1209600; path=/; secure; samesite=none
x-upstream: fpm
x-envoy-upstream-service-time: 86
x-frame-options: DENY
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786e6fccafdcb51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-98516105-1&cid=1187791361.1673280547&jid=1474872995&gjid=1885257667&_gid=150171126.1673280547&_u=IEBAAEAAAAAAACAAI~&z=1727546318
64.233.165.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-98516105-1&cid=1187791361.1673280547&jid=1474872995&gjid=1885257667&_gid=150171126.1673280547&_u=IEBAAEAAAAAAACAAI~&z=1727546318
IP 64.233.165.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-98516105-1&cid=1187791361.1673280547&jid=1474872995&gjid=1885257667&_gid=150171126.1673280547&_u=IEBAAEAAAAAAACAAI~&z=1727546318 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://vegac-24.org
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://vegac-24.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 09 Jan 2023 16:09:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-79293610-7&cid=1187791361.1673280547&jid=1505353296&gjid=1379183743&_gid=150171126.1673280547&_u=YEDAAEABAAAAACAAI~&z=806975423
64.233.165.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-79293610-7&cid=1187791361.1673280547&jid=1505353296&gjid=1379183743&_gid=150171126.1673280547&_u=YEDAAEABAAAAACAAI~&z=806975423
IP 64.233.165.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-79293610-7&cid=1187791361.1673280547&jid=1505353296&gjid=1379183743&_gid=150171126.1673280547&_u=YEDAAEABAAAAACAAI~&z=806975423 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://vegac-24.org
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://vegac-24.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 09 Jan 2023 16:09:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zz.connextra.com/VulkanVegas/dcs/tagController/tagData/363d7ed38585
104.85.191.64200 OK 0 B URL HTTP/2 zz.connextra.com/VulkanVegas/dcs/tagController/tagData/363d7ed38585
IP 104.85.191.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /VulkanVegas/dcs/tagController/tagData/363d7ed38585 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 41
Origin: https://vegac-24.org
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://vegac-24.org
vary: Origin
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-type: text/plain
content-length: 0
expires: Mon, 09 Jan 2023 16:09:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 09 Jan 2023 16:09:20 GMT
set-cookie: CxtId=7c0f1e2a-84a2-41e2-b944-2773453e219e; Domain=.connextra.com; Expires=Wed, 08-Jan-2025 16:09:20 GMT; Path=/; Secure; SameSite=None
VulkanVegas=P%7Cregstart%7C1%7C202301091609; Domain=.connextra.com; Expires=Tue, 09-Jan-2024 16:09:20 GMT; Path=/; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71281573/1?page-url=https%3A%2F%2Fvegac-24.org%2Fen%2Fregister%3Fref%3Dvp_w47329c118609l4425gnop252_17855%26affdata%255Bsubdata%255D%3D50cfb6cc4fdddd91ce5fb8b47809880c%26affdata%255Bclick_id%255D%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D118609%26affdata%255Blanding%255D%3D4425%26affdata%255Bsub_id%255D%3D17855&charset=utf-8&hittoken=1673280560_eb7cc8110266ceb21a6f757e3b667be35bdd8ed3e299317ad9a38aa9fa390c1d&browser-info=pa%3A1%3Aar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A116292789450%3Ahid%3A55954936%3Az%3A0%3Ai%3A20230109160907%3Aet%3A1673280547%3Ac%3A1%3Arn%3A884269917%3Arqn%3A2%3Au%3A1673280547838481802%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1837%2C1837%2C20%2C%3Aco%3A0%3Ans%3A1673280545335%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1673280547&t=gdpr(14)mc(p-1-up-1-g-1)clc(0-0-0)rqnt(2)aw(1)ecs(0)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/71281573/1?page-url=https%3A%2F%2Fvegac-24.org%2Fen%2Fregister%3Fref%3Dvp_w47329c118609l4425gnop252_17855%26affdata%255Bsubdata%255D%3D50cfb6cc4fdddd91ce5fb8b47809880c%26affdata%255Bclick_id%255D%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D118609%26affdata%255Blanding%255D%3D4425%26affdata%255Bsub_id%255D%3D17855&charset=utf-8&hittoken=1673280560_eb7cc8110266ceb21a6f757e3b667be35bdd8ed3e299317ad9a38aa9fa390c1d&browser-info=pa%3A1%3Aar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A116292789450%3Ahid%3A55954936%3Az%3A0%3Ai%3A20230109160907%3Aet%3A1673280547%3Ac%3A1%3Arn%3A884269917%3Arqn%3A2%3Au%3A1673280547838481802%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1837%2C1837%2C20%2C%3Aco%3A0%3Ans%3A1673280545335%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1673280547&t=gdpr(14)mc(p-1-up-1-g-1)clc(0-0-0)rqnt(2)aw(1)ecs(0)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/71281573/1?page-url=https%3A%2F%2Fvegac-24.org%2Fen%2Fregister%3Fref%3Dvp_w47329c118609l4425gnop252_17855%26affdata%255Bsubdata%255D%3D50cfb6cc4fdddd91ce5fb8b47809880c%26affdata%255Bclick_id%255D%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D118609%26affdata%255Blanding%255D%3D4425%26affdata%255Bsub_id%255D%3D17855&charset=utf-8&hittoken=1673280560_eb7cc8110266ceb21a6f757e3b667be35bdd8ed3e299317ad9a38aa9fa390c1d&browser-info=pa%3A1%3Aar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A116292789450%3Ahid%3A55954936%3Az%3A0%3Ai%3A20230109160907%3Aet%3A1673280547%3Ac%3A1%3Arn%3A884269917%3Arqn%3A2%3Au%3A1673280547838481802%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1837%2C1837%2C20%2C%3Aco%3A0%3Ans%3A1673280545335%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1673280547&t=gdpr(14)mc(p-1-up-1-g-1)clc(0-0-0)rqnt(2)aw(1)ecs(0)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 200
Origin: https://vegac-24.org
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 09 Jan 2023 16:09:20 GMT
access-control-allow-origin: https://vegac-24.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 09-Jan-2023 16:09:20 GMT
last-modified: Mon, 09-Jan-2023 16:09:20 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/71281573/1?page-url=goal%3A%2F%2Fvegac-24.org%2FuuID&page-ref=https%3A%2F%2Fvegac-24.org%2Fen%2Fregister%3Fref%3Dvp_w47329c118609l4425gnop252_17855%26affdata%255Bsubdata%255D%3D50cfb6cc4fdddd91ce5fb8b47809880c%26affdata%255Bclick_id%255D%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D118609%26affdata%255Blanding%255D%3D4425%26affdata%255Bsub_id%255D%3D17855&charset=utf-8&hittoken=1673280560_eb7cc8110266ceb21a6f757e3b667be35bdd8ed3e299317ad9a38aa9fa390c1d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A116292789450%3Ahid%3A55954936%3Az%3A0%3Ai%3A20230109160907%3Aet%3A1673280547%3Ac%3A1%3Arn%3A57952983%3Arqn%3A3%3Au%3A1673280547838481802%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1673280545335%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673280547%3At%3AVulkan%20Vegas%20-%20Online%20Casino&t=gdpr(14)mc(p-1-up-1-g-1)clc(0-0-0)rqnt(3)aw(1)ecs(0)fip(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/71281573/1?page-url=goal%3A%2F%2Fvegac-24.org%2FuuID&page-ref=https%3A%2F%2Fvegac-24.org%2Fen%2Fregister%3Fref%3Dvp_w47329c118609l4425gnop252_17855%26affdata%255Bsubdata%255D%3D50cfb6cc4fdddd91ce5fb8b47809880c%26affdata%255Bclick_id%255D%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D118609%26affdata%255Blanding%255D%3D4425%26affdata%255Bsub_id%255D%3D17855&charset=utf-8&hittoken=1673280560_eb7cc8110266ceb21a6f757e3b667be35bdd8ed3e299317ad9a38aa9fa390c1d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A116292789450%3Ahid%3A55954936%3Az%3A0%3Ai%3A20230109160907%3Aet%3A1673280547%3Ac%3A1%3Arn%3A57952983%3Arqn%3A3%3Au%3A1673280547838481802%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1673280545335%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673280547%3At%3AVulkan%20Vegas%20-%20Online%20Casino&t=gdpr(14)mc(p-1-up-1-g-1)clc(0-0-0)rqnt(3)aw(1)ecs(0)fip(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/71281573/1?page-url=goal%3A%2F%2Fvegac-24.org%2FuuID&page-ref=https%3A%2F%2Fvegac-24.org%2Fen%2Fregister%3Fref%3Dvp_w47329c118609l4425gnop252_17855%26affdata%255Bsubdata%255D%3D50cfb6cc4fdddd91ce5fb8b47809880c%26affdata%255Bclick_id%255D%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D118609%26affdata%255Blanding%255D%3D4425%26affdata%255Bsub_id%255D%3D17855&charset=utf-8&hittoken=1673280560_eb7cc8110266ceb21a6f757e3b667be35bdd8ed3e299317ad9a38aa9fa390c1d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A116292789450%3Ahid%3A55954936%3Az%3A0%3Ai%3A20230109160907%3Aet%3A1673280547%3Ac%3A1%3Arn%3A57952983%3Arqn%3A3%3Au%3A1673280547838481802%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1673280545335%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673280547%3At%3AVulkan%20Vegas%20-%20Online%20Casino&t=gdpr(14)mc(p-1-up-1-g-1)clc(0-0-0)rqnt(3)aw(1)ecs(0)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 42
Origin: https://vegac-24.org
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 09 Jan 2023 16:09:20 GMT
access-control-allow-origin: https://vegac-24.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 09-Jan-2023 16:09:20 GMT
last-modified: Mon, 09-Jan-2023 16:09:20 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=17917235&t=2
185.89.210.180307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=17917235&t=2
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=17917235&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 09 Jan 2023 16:09:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17917235%26t%3D2
AN-X-Request-Uuid: d21f69e0-7568-49b6-a309-48b2ad54c7a2
Set-Cookie: uuid2=5915287113734213272; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 09-Apr-2023 16:09:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://widget.yhelper.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:56 GMT
expires: Thu, 04 Jan 2024 19:33:56 GMT
cache-control: public, max-age=31536000
age: 419724
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
185.89.210.180200 OK 43 B URL HTTP/1.1 secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP 185.89.210.180:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 09 Jan 2023 16:09:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: b98aa2aa-c8a1-4327-af53-6930abb1c350
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://widget.yhelper.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:54 GMT
expires: Thu, 04 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 419726
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9d2dc5966430e4560ac0b69e72ff77a
ef3b8595996285a7e8eb3625064eb884ff1ae495
6647049264023b4992725e9fca8e9708c2e4c737c5e150c82947b6a3d69d4836
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6647049264023B4992725E9FCA8E9708C2E4C737C5E150C82947B6A3D69D4836"
Last-Modified: Mon, 09 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6132
Expires: Mon, 09 Jan 2023 17:51:32 GMT
Date: Mon, 09 Jan 2023 16:09:20 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17917235%26t%3D2
185.89.210.180200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17917235%26t%3D2
IP 185.89.210.180:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D17917235%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vegac-24.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 09 Jan 2023 16:09:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 54b74ef2-c834-45df-9023-e920a4370734
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2In1dt*>r!]tbP6j2F-XstGt!@E2O%*v:z; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 09-Apr-2023 16:09:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-98516105-1&cid=1187791361.1673280547&jid=1474872995&_u=IEBAAEAAAAAAACAAI~&z=1477831327
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-98516105-1&cid=1187791361.1673280547&jid=1474872995&_u=IEBAAEAAAAAAACAAI~&z=1477831327
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-98516105-1&cid=1187791361.1673280547&jid=1474872995&_u=IEBAAEAAAAAAACAAI~&z=1477831327 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 16:09:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-79293610-7&cid=1187791361.1673280547&jid=1505353296&_u=YEDAAEABAAAAACAAI~&z=513963935
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-79293610-7&cid=1187791361.1673280547&jid=1505353296&_u=YEDAAEABAAAAACAAI~&z=513963935
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-79293610-7&cid=1187791361.1673280547&jid=1505353296&_u=YEDAAEABAAAAACAAI~&z=513963935 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 16:09:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 338bec6191a23f0dfaffb3ae05b71022
437027a662e93248aa597b4be73bfc42d97ae9f1
3232542c934c2b9eeef13e6a3e395fbd5be25e0b87e0e001c9fe62e3691ed96a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 09 Jan 2023 16:09:20 GMT
Last-Modified: Mon, 09 Jan 2023 15:41:14 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eWa_miUzO6z8wMMMyZiRHLyNfkeNEcul2rFx0U4W9oJOPp01ZbS-3g==
Age: 1686
widget.yhelper.net/iframe/src/assets/sounds//4782183d.ChatIncomingInitial.wav
203.30.189.107206 Partial Content 28 kB URL HTTP/2 widget.yhelper.net/iframe/src/assets/sounds//4782183d.ChatIncomingInitial.wav
IP 203.30.189.107:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 16000 Hz\012- data
Hash 1df95570b7377118f5e3aaf17713aae9
79f36413ac726b7e9fe372bb7150910d0b5d91a8
70f61fc75704bbe219317ebe36e8dc5f1c66bebe36b1debd903ae62a5913f35c
GET /iframe/src/assets/sounds//4782183d.ChatIncomingInitial.wav HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://widget.yhelper.net/iframe/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Mon, 09 Jan 2023 16:09:20 GMT
content-type: application/octet-stream
content-length: 27564
last-modified: Monday, 09-Jan-2023 16:09:20 UTC
cache-control: no-store, no-cache
content-range: bytes 0-27563/27564
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786e6fceac94b4f9-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 355c9612c0c7277e6c2fbabf322e97cd
bd1e5574ed755859f1c515de90451301598754ac
ec0af0aaa8ddf54d31744f62d25de2463fd783ed62f2946d5b91ef5e31840b0f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 09 Jan 2023 16:09:20 GMT
Last-Modified: Mon, 09 Jan 2023 15:07:36 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ViggFI-pZo09wNPs3hbkUQiVCLFFy1dww4nh9runSFe2ir-ajiKKRw==
Age: 3704
chat.prod.yhelper.net/socket.io/?EIO=4&transport=websocket
35.204.181.185101 Switching Protocols 0 B URL HTTP/1.1 chat.prod.yhelper.net/socket.io/?EIO=4&transport=websocket
IP 35.204.181.185:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=4&transport=websocket HTTP/1.1
Host: chat.prod.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://widget.yhelper.net
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: T6ZS/KmNTaiSP7XnrXdbKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 09 Jan 2023 16:09:20 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4Z3WCz0g0vH4U5IluYIhJRl0N0A=
Strict-Transport-Security: max-age=15724800; includeSubDomains
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value=
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value=
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Mon, 09 Jan 2023 16:09:20 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Mon, 09 Jan 2023 16:19:20 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
pixel.mathtag.com/event/js?mt_id=1417722&mt_adid=224899&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
2.18.172.207200 OK 1.5 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1417722&mt_adid=224899&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP 2.18.172.207:0
Hash af3a533c082da9499798fe75591c28ef
ac08841bf7f4208748d4f289e29d60eeddf06894
222192d2cf52cff57b5a152611ec7ceb199c5682ff85a8c6aaf373b8e990bea5
GET /event/js?mt_id=1417722&mt_adid=224899&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1493
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master cdg-pixel-x33 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Mon, 09 Jan 2023 16:09:19 GMT
Date: Mon, 09 Jan 2023 16:09:20 GMT
Connection: keep-alive
Set-Cookie: uuid=423f63bc-3c30-4700-848e-2c3951001a54; domain=.mathtag.com; path=/; expires=Tue, 06-Feb-2024 16:09:20 GMT; SameSite=None; Secure
match.prod.bidr.io/cookie-sync/geniussports
54.194.92.99303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports
IP 54.194.92.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Mon, 09 Jan 2023 16:09:20 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Mon, 09 Jan 2023 16:19:20 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value=&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value=&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vegac-24.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Mon, 09 Jan 2023 16:09:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
pixel.mathtag.com/sync/iframe?mt_uuid=423f63bc-3c30-4700-848e-2c3951001a54&no_iframe=1&mt_adid=224899&source=mathtag
2.18.172.207200 OK 713 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=423f63bc-3c30-4700-848e-2c3951001a54&no_iframe=1&mt_adid=224899&source=mathtag
IP 2.18.172.207:0
File type HTML document text\012- HTML document, ASCII text
Hash f853f2ecf3f2d763c4057f4ff5c3e4e8
0f9ca6de16aa4261f1202443311462a81717dd85
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
GET /sync/iframe?mt_uuid=423f63bc-3c30-4700-848e-2c3951001a54&no_iframe=1&mt_adid=224899&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 713
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master zrh-pixel-x10 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Mon, 09 Jan 2023 16:09:19 GMT
Date: Mon, 09 Jan 2023 16:09:20 GMT
Connection: keep-alive
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
2.18.172.207200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP 2.18.172.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master cdg-pixel-x26 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Mon, 09 Jan 2023 16:09:19 GMT
Date: Mon, 09 Jan 2023 16:09:20 GMT
Connection: keep-alive
Set-Cookie: uuid=cad163bc-3c30-4600-964b-c0d8a747d4e0; domain=.mathtag.com; path=/; expires=Tue, 06-Feb-2024 16:09:20 GMT; SameSite=None; Secure
match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
54.194.92.99303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
IP 54.194.92.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vegac-24.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Mon, 09 Jan 2023 16:09:20 GMT
location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
2.18.172.207200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP 2.18.172.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=423f63bc-3c30-4700-848e-2c3951001a54&no_iframe=1&mt_adid=224899&source=mathtag
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master zrh-pixel-x5 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Mon, 09 Jan 2023 16:09:19 GMT
Date: Mon, 09 Jan 2023 16:09:20 GMT
Connection: keep-alive
Set-Cookie: uuid=aee663bc-3c32-4400-b627-7e5da5bb86a3; domain=.mathtag.com; path=/; expires=Tue, 06-Feb-2024 16:09:22 GMT; SameSite=None; Secure
widget.yhelper.net/iframe/src/assets/icons/chat/24//1c089c1d.close.svg
203.30.189.107200 OK 426 B URL HTTP/2 widget.yhelper.net/iframe/src/assets/icons/chat/24//1c089c1d.close.svg
IP 203.30.189.107:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- data
Hash cedcee914b85450a95b1656555eb99e5
0c07c9592a1826be5e1b46ccc8b7ba67e859bab7
73595ac8ccd60f78e7b40133cf9e6a5c5a99aa641e4f7b6cc7cf09650453e849
GET /iframe/src/assets/icons/chat/24//1c089c1d.close.svg HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.yhelper.net/iframe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Monday, 09-Jan-2023 16:09:20 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 786e6fce6c35b4f9-OSL
X-Firefox-Spdy: h2
widget.yhelper.net/iframe/src/assets/icons/chat/24//f688ee8b.hide.svg
203.30.189.107200 OK 46 kB URL HTTP/2 widget.yhelper.net/iframe/src/assets/icons/chat/24//f688ee8b.hide.svg
IP 203.30.189.107:0
ASN #209242 Cloudflare London, LLC
Hash 4e5a48bac9cf0bb48295bfbab3df5db7
7c847326a8adfa4e77365939bf0a8b2a323d586e
26cb080040ec3c0a8c93c59d9acbfb35e125741466e2a40c0cf1a5450906938d
GET /iframe/src/assets/icons/chat/24//f688ee8b.hide.svg HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.yhelper.net/iframe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Monday, 09-Jan-2023 16:09:20 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 786e6fce6c31b4f9-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2eaa56cee5d7fd62f7eefacb2f2c4842
6ea38da94a8618dbd48381892c1c22c4896a2b02
c464dae0f103f9af31163b3843f7981ee0e1595006480c88bea3d033bae49396
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1826
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 16:09:20 GMT
Last-Modified: Mon, 09 Jan 2023 15:38:54 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
185.29.132.241302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
IP 185.29.132.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Mon, 09 Jan 2023 16:09:20 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master zrh-pixel-x28 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=68a963bc-3c31-4d00-ad87-95a1a6fd8fea; domain=.mathtag.com; path=/; expires=Tue, 06-Feb-2024 16:09:21 GMT; SameSite=None; Secure
location: https://zz.connextra.com/sync/data/uid/6c883bd680/68a963bc-3c31-4d00-ad87-95a1a6fd8fea
Expires: Mon, 09 Jan 2023 16:09:19 GMT
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://widget.yhelper.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:13 GMT
expires: Sat, 06 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 268567
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zz.connextra.com/sync/data/uid/6c883bd680/68a963bc-3c31-4d00-ad87-95a1a6fd8fea
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/6c883bd680/68a963bc-3c31-4d00-ad87-95a1a6fd8fea
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/6c883bd680/68a963bc-3c31-4d00-ad87-95a1a6fd8fea HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vegac-24.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Mon, 09 Jan 2023 16:09:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 09 Jan 2023 16:09:20 GMT
content-length: 64
set-cookie: CxtId=af4ec1fb-449d-45cc-8f71-330424d1ec8a; Domain=.connextra.com; Expires=Tue, 09-Jan-2024 16:09:20 GMT; Path=/; Secure
ex_uuid=6c883bd680%2C68a963bc-3c31-4d00-ad87-95a1a6fd8fea; Domain=.connextra.com; Expires=Tue, 09-Jan-2024 16:09:20 GMT; Path=/; Secure
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca7956cf-b613-4307-88cb-8cc1a3fda11c.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca7956cf-b613-4307-88cb-8cc1a3fda11c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa9ed964b2f5f08ec571b525992f1566
9de0dfe9d1018726f1504b26964629f419700a49
d75747ac8726cbbe7583c48c2522cecc0c3ed6a0fa3694513c694876847b5944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca7956cf-b613-4307-88cb-8cc1a3fda11c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9594
x-amzn-requestid: 4019d06f-0759-4d75-b349-100cb39dc757
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecZt8FzxoAMFb7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb3cbf-5a39912c2194b09536deb76e;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:59:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 12jvOrrQ_7Zt3RNX8Ro_essztAfvOZedtIOnBOilPBmw5yv65ocP8Q==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 08:43:20 GMT
age: 26763
etag: "9de0dfe9d1018726f1504b26964629f419700a49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/css/popup.css?v=d099afbdbb000bbfc4cc
203.34.80.53200 OK 0 B URL HTTP/2 vegac-24.org/static/125028/assets/css/popup.css?v=d099afbdbb000bbfc4cc
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
GET /static/125028/assets/css/popup.css?v=d099afbdbb000bbfc4cc HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:19 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"65bbf137d029daaa7fd926dcb322c477"
last-modified: Tue, 03 Jan 2023 14:47:26 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1736D3E0E0722B18
x-cache: HIT
x-cache-lookup: HIT
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409591#0/gid:0/gname:root/mode:33188/mtime:1672409591#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:19 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 2
x-frame-options: DENY
cf-cache-status: HIT
age: 517837
server: cloudflare
cf-ray: 786e6fc8faedb51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/js/chunks/popup.8b2097146531242afd7c.js
203.34.80.53200 OK 0 B URL HTTP/2 vegac-24.org/static/125028/assets/js/chunks/popup.8b2097146531242afd7c.js
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
GET /static/125028/assets/js/chunks/popup.8b2097146531242afd7c.js HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:19 GMT
content-type: application/javascript
content-security-policy: block-all-mixed-content
etag: W/"8bf502daddeb8e8bff44b30566187bf8"
last-modified: Tue, 03 Jan 2023 14:41:58 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1736D38DFE829A0D
x-cache: HIT
x-cache-lookup: HIT
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409591#0/gid:0/gname:root/mode:33188/mtime:1672409591#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:19 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 3
x-frame-options: DENY
cf-cache-status: HIT
age: 287670
server: cloudflare
cf-ray: 786e6fc91b17b51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/img/frontend/social-networks/google.svg
203.34.80.53200 OK 0 B URL HTTP/2 vegac-24.org/static/125028/assets/img/frontend/social-networks/google.svg
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
GET /static/125028/assets/img/frontend/social-networks/google.svg HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1; _ga=GA1.2.1187791361.1673280547; _gid=GA1.2.150171126.1673280547; _gat=1; _gat_UA-79293610-7=1; _ym_uid=1673280547838481802; _ym_d=1673280547; _hjSessionUser_1620307=eyJpZCI6Ijc4YTEyZDA4LTkwZTAtNTVkMC05OWVhLTI5NGU3NzFlZGY2MyIsImNyZWF0ZWQiOjE2NzMyODA1NDY5NjEsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_1620307=eyJpZCI6IjM0NGZhNmIxLTgwZTQtNDIxOC04NGMyLTRlNWJkMzk5NDhmOCIsImNyZWF0ZWQiOjE2NzMyODA1NDcwNzcsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0; _ym_isad=2; _ym_visorc=b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:20 GMT
content-type: image/svg+xml
content-security-policy: block-all-mixed-content
etag: W/"86b49088f75bbaa574ff8790b86ae66a"
last-modified: Tue, 03 Jan 2023 14:49:20 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1736D3FAB307289F
x-cache: HIT
x-cache-lookup: HIT
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409591#0/gid:0/gname:root/mode:33188/mtime:1672409591#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:20 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 1
x-frame-options: DENY
cf-cache-status: HIT
age: 517837
server: cloudflare
cf-ray: 786e6fcebaa6b51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vvegas-today.com/static/template/54/img/favicon_vvegas.ico
203.23.104.94200 OK 0 B URL HTTP/2 vvegas-today.com/static/template/54/img/favicon_vvegas.ico
IP 203.23.104.94:0
ASN #209242 Cloudflare London, LLC
GET /static/template/54/img/favicon_vvegas.ico HTTP/1.1
Host: vvegas-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vvegas-today.com/?s=54&ref=vp_w47329c118609l4425gnop252_17855&encoded_url=cmVnaXN0ZXI=&click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6
Cookie: visit3b90a2078e080971b99d6c82a43939d4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:16 GMT
content-type: image/x-icon
last-modified: Wed, 14 Dec 2022 12:12:51 GMT
etag: W/"6399bdc3-47e"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 786e6fb40e66b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
vvegas-today.com/js/redirector.js?1671019971
203.23.104.94200 OK 0 B URL HTTP/2 vvegas-today.com/js/redirector.js?1671019971
IP 203.23.104.94:0
ASN #209242 Cloudflare London, LLC
GET /js/redirector.js?1671019971 HTTP/1.1
Host: vvegas-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vvegas-today.com/?s=54&ref=vp_w47329c118609l4425gnop252_17855&encoded_url=cmVnaXN0ZXI=&click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6
Cookie: visit3b90a2078e080971b99d6c82a43939d4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:15 GMT
content-type: application/javascript
last-modified: Wed, 14 Dec 2022 12:12:51 GMT
etag: W/"6399bdc3-cba"
cache-control: public, no-cache
content-encoding: gzip
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 786e6faedddeb512-OSL
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/js/chunks/595.956168c8bcb5f6973060.js
203.34.80.53200 OK 0 B URL HTTP/2 vegac-24.org/static/125028/assets/js/chunks/595.956168c8bcb5f6973060.js
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
GET /static/125028/assets/js/chunks/595.956168c8bcb5f6973060.js HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:19 GMT
content-type: application/javascript
content-security-policy: block-all-mixed-content
etag: W/"62c428b9c8ba063e84bcfa185d675eee"
last-modified: Tue, 03 Jan 2023 14:41:52 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1736D38F128137DB
x-cache: HIT
x-cache-lookup: HIT
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409591#0/gid:0/gname:root/mode:33188/mtime:1672409591#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:19 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 0
x-frame-options: DENY
cf-cache-status: HIT
age: 517837
server: cloudflare
cf-ray: 786e6fc8dacdb51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget.yhelper.net/iframe/src/assets/icons/chat/24//119f4539.history.svg
203.30.189.107200 OK 0 B URL HTTP/2 widget.yhelper.net/iframe/src/assets/icons/chat/24//119f4539.history.svg
IP 203.30.189.107:0
ASN #209242 Cloudflare London, LLC
GET /iframe/src/assets/icons/chat/24//119f4539.history.svg HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.yhelper.net/iframe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Monday, 09-Jan-2023 16:09:20 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 786e6fce6c3bb4f9-OSL
X-Firefox-Spdy: h2
widget.yhelper.net/iframe/src/assets/icons/chat/24//3595c686.chat.svg
203.30.189.107200 OK 0 B URL HTTP/2 widget.yhelper.net/iframe/src/assets/icons/chat/24//3595c686.chat.svg
IP 203.30.189.107:0
ASN #209242 Cloudflare London, LLC
GET /iframe/src/assets/icons/chat/24//3595c686.chat.svg HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.yhelper.net/iframe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Monday, 09-Jan-2023 16:09:20 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 786e6fce6c37b4f9-OSL
X-Firefox-Spdy: h2
happywithvegas.com/l/62728fd833fc2d03ec3ab3e3?click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&sub_id=17855
188.114.96.1302 Found 0 B URL HTTP/2 happywithvegas.com/l/62728fd833fc2d03ec3ab3e3?click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&sub_id=17855
IP 188.114.96.1:0
GET /l/62728fd833fc2d03ec3ab3e3?click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&sub_id=17855 HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 09 Jan 2023 16:09:14 GMT
content-type: text/html; charset=UTF-8
location: https://vvegas-today.com/?s=54&ref=vp_w47329c118609l4425gnop252_17855&encoded_url=cmVnaXN0ZXI=&click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FC%2Frm2uVgKJ96JGNE3Gfey91WnQ9jRARPsJWkFINAwKPz6saTDlavDFQJTtvWbPagwmLzOhUtDRkWtMBWC3Boauwv87h25fN5OJzUTIObgunjCFSndA1FP44EkG%2F2sukl%2BVoCi4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 786e6faaee81b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/img/frontend/social-networks/twitter.svg
203.34.80.53200 OK 0 B URL HTTP/2 vegac-24.org/static/125028/assets/img/frontend/social-networks/twitter.svg
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
GET /static/125028/assets/img/frontend/social-networks/twitter.svg HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1; _ga=GA1.2.1187791361.1673280547; _gid=GA1.2.150171126.1673280547; _gat=1; _gat_UA-79293610-7=1; _ym_uid=1673280547838481802; _ym_d=1673280547; _hjSessionUser_1620307=eyJpZCI6Ijc4YTEyZDA4LTkwZTAtNTVkMC05OWVhLTI5NGU3NzFlZGY2MyIsImNyZWF0ZWQiOjE2NzMyODA1NDY5NjEsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_1620307=eyJpZCI6IjM0NGZhNmIxLTgwZTQtNDIxOC04NGMyLTRlNWJkMzk5NDhmOCIsImNyZWF0ZWQiOjE2NzMyODA1NDcwNzcsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0; _ym_isad=2; _ym_visorc=b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:20 GMT
content-type: image/svg+xml
content-security-policy: block-all-mixed-content
etag: W/"6443f6e48d52e50c4e5ab23977573200"
last-modified: Tue, 03 Jan 2023 14:43:13 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1736D3DCAF25251E
x-cache: HIT
x-cache-lookup: HIT
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409591#0/gid:0/gname:root/mode:33188/mtime:1672409591#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:20 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 0
x-frame-options: DENY
cf-cache-status: HIT
age: 517837
server: cloudflare
cf-ray: 786e6fcecaadb51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/img/frontend/social-networks/tiktok.svg
203.34.80.53200 OK 0 B URL HTTP/2 vegac-24.org/static/125028/assets/img/frontend/social-networks/tiktok.svg
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
GET /static/125028/assets/img/frontend/social-networks/tiktok.svg HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1; _ga=GA1.2.1187791361.1673280547; _gid=GA1.2.150171126.1673280547; _gat=1; _gat_UA-79293610-7=1; _ym_uid=1673280547838481802; _ym_d=1673280547; _hjSessionUser_1620307=eyJpZCI6Ijc4YTEyZDA4LTkwZTAtNTVkMC05OWVhLTI5NGU3NzFlZGY2MyIsImNyZWF0ZWQiOjE2NzMyODA1NDY5NjEsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_1620307=eyJpZCI6IjM0NGZhNmIxLTgwZTQtNDIxOC04NGMyLTRlNWJkMzk5NDhmOCIsImNyZWF0ZWQiOjE2NzMyODA1NDcwNzcsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0; _ym_isad=2; _ym_visorc=b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:20 GMT
content-type: image/svg+xml
content-security-policy: block-all-mixed-content
etag: W/"c6e108a061869cb1dade7b318758fa74"
last-modified: Tue, 03 Jan 2023 14:42:26 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1736D3B3EA405D7C
x-cache: HIT
x-cache-lookup: HIT
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409591#0/gid:0/gname:root/mode:33188/mtime:1672409591#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:20 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 0
x-frame-options: DENY
cf-cache-status: HIT
age: 287670
server: cloudflare
cf-ray: 786e6fcecab0b51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sat.plagubkril.net/ie/e?m=NTBjZmI2Y2M0ZmRkZGQ5MWNlNWZiOGI0NzgwOTg4MGMgPSBDYW52YXMgZWxlbWVudCBkb2Vzbid0IGhhdmUgYW55IG9mIHRoaXMgY29udGV4dCAtIHdlYmdsMixleHBlcmltZW50YWwtd2ViZ2wyLCB3ZWJnbCwgZXhwZXJpbWVudGFsLXdlYmdsLCBtb3otd2ViZ2wuIFdlYkdsIHN1cHBvcnQgaXMgZGlzYWJsZWQ%3D&h=aHR0cHM6Ly92dmVnYXMtdG9kYXkuY29tLz9zPTU0JnJlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmVuY29kZWRfdXJsPWNtVm5hWE4wWlhJPSZjbGlja19pZD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2&ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA%3D
203.17.126.124200 OK 0 B URL HTTP/2 sat.plagubkril.net/ie/e?m=NTBjZmI2Y2M0ZmRkZGQ5MWNlNWZiOGI0NzgwOTg4MGMgPSBDYW52YXMgZWxlbWVudCBkb2Vzbid0IGhhdmUgYW55IG9mIHRoaXMgY29udGV4dCAtIHdlYmdsMixleHBlcmltZW50YWwtd2ViZ2wyLCB3ZWJnbCwgZXhwZXJpbWVudGFsLXdlYmdsLCBtb3otd2ViZ2wuIFdlYkdsIHN1cHBvcnQgaXMgZGlzYWJsZWQ%3D&h=aHR0cHM6Ly92dmVnYXMtdG9kYXkuY29tLz9zPTU0JnJlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmVuY29kZWRfdXJsPWNtVm5hWE4wWlhJPSZjbGlja19pZD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2&ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA%3D
IP 203.17.126.124:0
ASN #209242 Cloudflare London, LLC
GET /ie/e?m=NTBjZmI2Y2M0ZmRkZGQ5MWNlNWZiOGI0NzgwOTg4MGMgPSBDYW52YXMgZWxlbWVudCBkb2Vzbid0IGhhdmUgYW55IG9mIHRoaXMgY29udGV4dCAtIHdlYmdsMixleHBlcmltZW50YWwtd2ViZ2wyLCB3ZWJnbCwgZXhwZXJpbWVudGFsLXdlYmdsLCBtb3otd2ViZ2wuIFdlYkdsIHN1cHBvcnQgaXMgZGlzYWJsZWQ%3D&h=aHR0cHM6Ly92dmVnYXMtdG9kYXkuY29tLz9zPTU0JnJlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmVuY29kZWRfdXJsPWNtVm5hWE4wWlhJPSZjbGlja19pZD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2&ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA%3D HTTP/1.1
Host: sat.plagubkril.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vvegas-today.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:15 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786e6fb1a983b515-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700|Open+Sans:400,600,700&subset=cyrillic
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700|Open+Sans:400,600,700&subset=cyrillic
IP 142.250.74.106:0
GET /css?family=Open+Sans+Condensed:300,700|Open+Sans:400,600,700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 09 Jan 2023 16:09:18 GMT
date: Mon, 09 Jan 2023 16:09:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/img/frontend/sprites/mono.svg
203.34.80.53200 OK 0 B URL HTTP/2 vegac-24.org/static/125028/assets/img/frontend/sprites/mono.svg
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
GET /static/125028/assets/img/frontend/sprites/mono.svg HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1; _ga=GA1.2.1187791361.1673280547; _gid=GA1.2.150171126.1673280547; _gat=1; _gat_UA-79293610-7=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:19 GMT
content-type: image/svg+xml
content-security-policy: block-all-mixed-content
etag: W/"a2d3da28bca94a06fc5e24e82f8009cf"
last-modified: Tue, 03 Jan 2023 14:43:03 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1736D39D562D16FA
x-cache: HIT
x-cache-lookup: HIT
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409591#0/gid:0/gname:root/mode:33188/mtime:1672409591#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:19 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 0
x-frame-options: DENY
cf-cache-status: HIT
age: 517837
server: cloudflare
cf-ray: 786e6fca8d19b51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget.yhelper.net/iframe/main.c0362751.js?0b038f4a0b097f15ae53
203.30.189.107200 OK 0 B URL HTTP/2 widget.yhelper.net/iframe/main.c0362751.js?0b038f4a0b097f15ae53
IP 203.30.189.107:0
ASN #209242 Cloudflare London, LLC
GET /iframe/main.c0362751.js?0b038f4a0b097f15ae53 HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.yhelper.net/iframe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Monday, 09-Jan-2023 16:09:19 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 786e6fc95ccbb4f9-OSL
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/img/frontend/social-networks/facebook.svg
203.34.80.53200 OK 0 B URL HTTP/2 vegac-24.org/static/125028/assets/img/frontend/social-networks/facebook.svg
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
GET /static/125028/assets/img/frontend/social-networks/facebook.svg HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1; _ga=GA1.2.1187791361.1673280547; _gid=GA1.2.150171126.1673280547; _gat=1; _gat_UA-79293610-7=1; _ym_uid=1673280547838481802; _ym_d=1673280547; _hjSessionUser_1620307=eyJpZCI6Ijc4YTEyZDA4LTkwZTAtNTVkMC05OWVhLTI5NGU3NzFlZGY2MyIsImNyZWF0ZWQiOjE2NzMyODA1NDY5NjEsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_1620307=eyJpZCI6IjM0NGZhNmIxLTgwZTQtNDIxOC04NGMyLTRlNWJkMzk5NDhmOCIsImNyZWF0ZWQiOjE2NzMyODA1NDcwNzcsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0; _ym_isad=2; _ym_visorc=b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:20 GMT
content-type: image/svg+xml
content-security-policy: block-all-mixed-content
etag: W/"6fa18fedec395d9f8a81599f4f3bcad7"
last-modified: Tue, 03 Jan 2023 14:42:33 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1736D39E0205D230
x-cache: HIT
x-cache-lookup: HIT
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409591#0/gid:0/gname:root/mode:33188/mtime:1672409591#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:20 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 0
x-frame-options: DENY
cf-cache-status: HIT
age: 517837
server: cloudflare
cf-ray: 786e6fcecaaeb51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/js/chunks/23.a28cd798fcef7036c0cc.js
203.34.80.53200 OK 0 B URL HTTP/2 vegac-24.org/static/125028/assets/js/chunks/23.a28cd798fcef7036c0cc.js
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
GET /static/125028/assets/js/chunks/23.a28cd798fcef7036c0cc.js HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:19 GMT
content-type: application/javascript
content-security-policy: block-all-mixed-content
etag: W/"9fb97c91a3987be13fee269a3299d427"
last-modified: Tue, 03 Jan 2023 14:42:28 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1736D39E8B333987
x-cache: HIT
x-cache-lookup: HIT
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409591#0/gid:0/gname:root/mode:33188/mtime:1672409591#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:19 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 0
x-frame-options: DENY
cf-cache-status: HIT
age: 517837
server: cloudflare
cf-ray: 786e6fc8baa0b51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vegac-24.org/static/125028/assets/js/chunks/215.ec538eb316c751cb50d7.js
203.34.80.53200 OK 0 B URL HTTP/2 vegac-24.org/static/125028/assets/js/chunks/215.ec538eb316c751cb50d7.js
IP 203.34.80.53:0
ASN #209242 Cloudflare London, LLC
GET /static/125028/assets/js/chunks/215.ec538eb316c751cb50d7.js HTTP/1.1
Host: vegac-24.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vegac-24.org/en/register?ref=vp_w47329c118609l4425gnop252_17855&affdata%5Bsubdata%5D=50cfb6cc4fdddd91ce5fb8b47809880c&affdata%5Bclick_id%5D=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=118609&affdata%5Blanding%5D=4425&affdata%5Bsub_id%5D=17855
Cookie: uuid=cee6782e-f865-4c5f-b1d8-f712dce2c288; refCode=vp_w47329c118609l4425gnop252_17855; affdata=subdata%3D50cfb6cc4fdddd91ce5fb8b47809880c%26click_id%3D8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6%26geo%3Dno%26rotator%3D118609%26landing%3D4425%26sub_id%3D17855; landingId=4425; first_entrypoint=L2VuL3JlZ2lzdGVyP3JlZj12cF93NDczMjljMTE4NjA5bDQ0MjVnbm9wMjUyXzE3ODU1JmFmZmRhdGElNUJzdWJkYXRhJTVEPTUwY2ZiNmNjNGZkZGRkOTFjZTVmYjhiNDc4MDk4ODBjJmFmZmRhdGElNUJjbGlja19pZCU1RD04YWJiNWZiYzBmMTNmZDg5YjkxODc4YmI1NGVlNzg3M2RkOWEwZDc5N2FlMjZlMTk5MzA1YWRhNzMwMmFlMGM2JmFmZmRhdGElNUJnZW8lNUQ9bm8mYWZmZGF0YSU1QnJvdGF0b3IlNUQ9MTE4NjA5JmFmZmRhdGElNUJsYW5kaW5nJTVEPTQ0MjUmYWZmZGF0YSU1QnN1Yl9pZCU1RD0xNzg1NQ%3D%3D; _ym_debug=1; PageNumber=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:19 GMT
content-type: application/javascript
content-security-policy: block-all-mixed-content
etag: W/"d1722c1bff6c4a851765da88312067e0"
last-modified: Tue, 03 Jan 2023 14:47:40 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1736D3E09C376644
x-cache: HIT
x-cache-lookup: HIT
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1672409591#0/gid:0/gname:root/mode:33188/mtime:1672409591#0/uid:0/uname:root
expires: Thu, 06 Jan 2033 16:09:19 GMT
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 0
x-frame-options: DENY
cf-cache-status: HIT
age: 517837
server: cloudflare
cf-ray: 786e6fc8dac8b51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget.yhelper.net/iframe/src/assets/icons/chat/24//1e6304ab.article.svg
203.30.189.107200 OK 0 B URL HTTP/2 widget.yhelper.net/iframe/src/assets/icons/chat/24//1e6304ab.article.svg
IP 203.30.189.107:0
ASN #209242 Cloudflare London, LLC
GET /iframe/src/assets/icons/chat/24//1e6304ab.article.svg HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.yhelper.net/iframe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:21 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Monday, 09-Jan-2023 16:09:21 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 786e6fd16912b4f9-OSL
X-Firefox-Spdy: h2
vvegas-today.com/?s=54&ref=vp_w47329c118609l4425gnop252_17855&encoded_url=cmVnaXN0ZXI=&click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6
203.23.104.94200 OK 0 B URL HTTP/2 vvegas-today.com/?s=54&ref=vp_w47329c118609l4425gnop252_17855&encoded_url=cmVnaXN0ZXI=&click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6
IP 203.23.104.94:0
ASN #209242 Cloudflare London, LLC
GET /?s=54&ref=vp_w47329c118609l4425gnop252_17855&encoded_url=cmVnaXN0ZXI=&click_id=8abb5fbc0f13fd89b91878bb54ee7873dd9a0d797ae26e199305ada7302ae0c6 HTTP/1.1
Host: vvegas-today.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: visit3b90a2078e080971b99d6c82a43939d4=1; expires=Wed, 08-Feb-2023 16:09:15 GMT; Max-Age=2592000
content-encoding: gzip
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786e6fad4b7db512-OSL
X-Firefox-Spdy: h2
sat.plagubkril.net/ie/js/50cfb6cc4fdddd91ce5fb8b47809880c
203.17.126.124200 OK 0 B URL HTTP/2 sat.plagubkril.net/ie/js/50cfb6cc4fdddd91ce5fb8b47809880c
IP 203.17.126.124:0
ASN #209242 Cloudflare London, LLC
POST /ie/js/50cfb6cc4fdddd91ce5fb8b47809880c HTTP/1.1
Host: sat.plagubkril.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4156
Origin: https://vvegas-today.com
Connection: keep-alive
Referer: https://vvegas-today.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:17 GMT
content-type: application/json
cache-control: no-cache, private
access-control-allow-origin: https://vvegas-today.com
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786e6fbb784fb515-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
sat.plagubkril.net/gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=vp_w47329c118609l4425gnop252_17855&visitorId=63bc3c2bdff9916624593a9a
203.17.126.124200 OK 0 B URL HTTP/2 sat.plagubkril.net/gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=vp_w47329c118609l4425gnop252_17855&visitorId=63bc3c2bdff9916624593a9a
IP 203.17.126.124:0
ASN #209242 Cloudflare London, LLC
GET /gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=vp_w47329c118609l4425gnop252_17855&visitorId=63bc3c2bdff9916624593a9a HTTP/1.1
Host: sat.plagubkril.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vvegas-today.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 16:09:15 GMT
content-type: application/javascript
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
last-modified: Mon, 09 Jan 2023 16:09:15 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 786e6faf4d81b515-OSL
content-encoding: gzip
X-Firefox-Spdy: h2