r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4653
Expires: Fri, 03 Feb 2023 22:20:25 GMT
Date: Fri, 03 Feb 2023 21:02:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6796
Expires: Fri, 03 Feb 2023 22:56:08 GMT
Date: Fri, 03 Feb 2023 21:02:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 20:36:11 GMT
content-type: application/json
age: 1601
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7826
Expires: Fri, 03 Feb 2023 23:13:18 GMT
Date: Fri, 03 Feb 2023 21:02:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: a07KIXB4ppMswrEUKgUGOyHXH6AeLxGw+zjGAAEjDyrZTlD2JBQD9MjBndMuAdReWDNkpe2cFu8=
x-amz-request-id: Z5HDCY82MZPTTJC2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 20:52:33 GMT
age: 619
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 21:02:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.programas.ml/programas/camtasia-studio/
185.199.111.153301 Moved Permanently 162 B URL HTTP/1.1 www.programas.ml/programas/camtasia-studio/
IP 185.199.111.153:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /programas/camtasia-studio/ HTTP/1.1
Host: www.programas.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Server: GitHub.com
Content-Type: text/html
Location: https://www.programas.ml/programas/camtasia-studio/
X-GitHub-Request-Id: DCD0:0190:54B425:57255A:63DD767C
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 21:02:52 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1639-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675458172.463569,VS0,VE113
Vary: Accept-Encoding
X-Fastly-Request-ID: d7a312071f467e28dcc071f75627249fffb79773
www.programas.ml/programas/camtasia-studio/
185.199.110.153200 OK 2.8 kB URL HTTP/2 www.programas.ml/programas/camtasia-studio/
IP 185.199.110.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (839)
Hash 20911150508a20225cb21f0bd9cdf526
c0d39ddf594c005726e3e93438e8fb2438a39534
3e33c7c25b6e20936e26b8b9a191b4437a29e45c425441118bba94a56831530a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /programas/camtasia-studio/ HTTP/1.1
Host: www.programas.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Mon, 30 Jan 2023 14:29:13 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"63d7d439-28c9"
expires: Fri, 03 Feb 2023 21:12:52 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9F7A:0190:54B437:572572:63DD767C
accept-ranges: bytes
date: Fri, 03 Feb 2023 21:02:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675458173.640214,VS0,VE112
vary: Accept-Encoding
x-fastly-request-id: f564aeb4bcf937b5b1da2fb544a5011b15fa0d38
content-length: 2772
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-CX5LSP1M8X
142.250.74.168200 OK 82 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-CX5LSP1M8X
IP 142.250.74.168:0
File type ASCII text, with very long lines (29647)
Hash 565e981c30ada44c6abd6f3d9bf7b20b
ccd08e08e1f519276d75d2f4dbc52332f3f6b79d
6b3fdfbede13db06a338261771e6107ae07d09d4c35bada3b9cd8d5de5569f41
GET /gtag/js?id=G-CX5LSP1M8X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 21:02:52 GMT
expires: Fri, 03 Feb 2023 21:02:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81638
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.programas.ml/helpers/index.js
185.199.110.153200 OK 654 B URL HTTP/2 www.programas.ml/helpers/index.js
IP 185.199.110.153:0
Hash ba38aa6c1b7c25d8b89b11816122417d
225f84b03583304972cefca57a757f4e34504e6d
db7dd50ec6e40d6c505a0f576da0b604080b063daf3f00ec51884bac2109fe75
GET /helpers/index.js HTTP/1.1
Host: www.programas.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/programas/camtasia-studio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 14:29:13 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"63d7d439-887"
expires: Fri, 03 Feb 2023 21:12:52 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 14DA:B8EF:925AFB:97DDD7:63DD767C
accept-ranges: bytes
date: Fri, 03 Feb 2023 21:02:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675458173.851929,VS0,VE117
vary: Accept-Encoding
x-fastly-request-id: 72d13c187b4134d1c88fefad2ba23394d7e8cc56
content-length: 654
X-Firefox-Spdy: h2
www.programas.ml/assets/d020a4a9.e966f99d.css
185.199.110.153200 OK 571 B URL HTTP/2 www.programas.ml/assets/d020a4a9.e966f99d.css
IP 185.199.110.153:0
File type ASCII text, with very long lines (1534)
Hash fd70c9fa5a78e7b9d5bb2380e81e1ed1
baae2645cd4dc12fa6809b3aaada4b59639ce760
8edd2fafb434ce959222e375ef5d6fc4cb0da514c1f409664d7599cb8198de2d
GET /assets/d020a4a9.e966f99d.css HTTP/1.1
Host: www.programas.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/programas/camtasia-studio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 14:29:13 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"63d7d439-5ff"
expires: Fri, 03 Feb 2023 21:12:52 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 4B3C:12A56:17B0672:1896E7F:63DD767C
accept-ranges: bytes
date: Fri, 03 Feb 2023 21:02:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675458173.848448,VS0,VE122
vary: Accept-Encoding
x-fastly-request-id: 37dafb87f1511152d6439d43561e39c12d75bd25
content-length: 571
X-Firefox-Spdy: h2
www.programas.ml/assets/1af5ef51.0f7ade99.css
185.199.110.153200 OK 2.4 kB URL HTTP/2 www.programas.ml/assets/1af5ef51.0f7ade99.css
IP 185.199.110.153:0
File type ASCII text, with very long lines (8043)
Hash c7721c21460e2f83995cb8313e08b94f
b43460ddbb3aa96f103a961a9632edda1fe86083
a746988d8f6f6a481678af0b522dd69ec9f56dc4070b274f05c6fda1cd2a751d
GET /assets/1af5ef51.0f7ade99.css HTTP/1.1
Host: www.programas.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/programas/camtasia-studio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 14:29:13 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"63d7d439-1f6c"
expires: Fri, 03 Feb 2023 21:12:52 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: FF30:9B28:213DE38:22883F2:63DD767C
accept-ranges: bytes
date: Fri, 03 Feb 2023 21:02:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675458173.850665,VS0,VE122
vary: Accept-Encoding
x-fastly-request-id: c4e1999dc622994616ce74c99a0a0a08b02ab181
content-length: 2352
X-Firefox-Spdy: h2
www.programas.ml/camtasia.png
185.199.110.153200 OK 3.1 kB URL HTTP/2 www.programas.ml/camtasia.png
IP 185.199.110.153:0
File type PNG image data, 82 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash 86f6b5147eee8b48510e29dc8ef71f40
4108228b5cddfc722575c775ccc4a4a0f7c54d90
92bba891a13d45338dac9b4c28f5af981fbbf287ac62cf9c0644121e02252f16
GET /camtasia.png HTTP/1.1
Host: www.programas.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/programas/camtasia-studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
last-modified: Mon, 30 Jan 2023 14:29:13 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "63d7d439-c02"
expires: Fri, 03 Feb 2023 21:12:52 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 445C:E236:17EC4C4:18DA5E7:63DD767C
accept-ranges: bytes
date: Fri, 03 Feb 2023 21:02:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675458173.851332,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: 10331448e4bc4338ab56b6cbe0ea1b98bbaa4828
content-length: 3074
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 20:07:19 GMT
age: 3333
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19682
Expires: Sat, 04 Feb 2023 02:30:55 GMT
Date: Fri, 03 Feb 2023 21:02:53 GMT
Connection: keep-alive
push.services.mozilla.com/
52.88.101.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.101.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SUL8zJkj1tiyndLu0zrcOA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9/yJxp6Ecr4860O2dKgcl61tVMo=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fa7906d37515ba9fbac4db3472299866
7090e9ebf7ee43e274fa00377332897409089a8a
7830400b9a2d253544d343d8e61dcb57b03d0fb6249774881fd483852d370f79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7830400B9A2D253544D343D8E61DCB57B03D0FB6249774881FD483852D370F79"
Last-Modified: Wed, 01 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 04 Feb 2023 03:02:53 GMT
Date: Fri, 03 Feb 2023 21:02:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fa7906d37515ba9fbac4db3472299866
7090e9ebf7ee43e274fa00377332897409089a8a
7830400b9a2d253544d343d8e61dcb57b03d0fb6249774881fd483852d370f79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7830400B9A2D253544D343D8E61DCB57B03D0FB6249774881FD483852D370F79"
Last-Modified: Wed, 01 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Sat, 04 Feb 2023 03:02:11 GMT
Date: Fri, 03 Feb 2023 21:02:53 GMT
Connection: keep-alive
resetselected.com/78be06637190a55fcc5f3a7a2c47a8ca/invoke.js
192.243.59.20200 OK 9.3 kB URL HTTP/1.1 resetselected.com/78be06637190a55fcc5f3a7a2c47a8ca/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25072), with no line terminators
Hash 958927a13a8831341fccd14d1de7a200
bff392cdb62d0f43f893946ef14242b6be54bc5d
378d28f2658fb44be7d0d8219694ea858c1751d427d466714988dd32cdcf4444
GET /78be06637190a55fcc5f3a7a2c47a8ca/invoke.js HTTP/1.1
Host: resetselected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 099fe04e598a0b1f3fed361f898d759d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
resetselected.com/8d/ed/ff/8dedff145384ba4cd43eb782545e4261.js
192.243.59.20200 OK 21 kB URL HTTP/1.1 resetselected.com/8d/ed/ff/8dedff145384ba4cd43eb782545e4261.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60158), with no line terminators
Hash 34aceb4a1d389220386de80e72e9676c
574c48a24b1ddb8d6e31868e38d9cd6826be3b36
8294a96faae19acd6096a06964eed1913409567ef06cb8a11aeddd1eeff26f19
GET /8d/ed/ff/8dedff145384ba4cd43eb782545e4261.js HTTP/1.1
Host: resetselected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c4ede06ccda0d39ada56de4e8d71bee5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resetselected.com/b88c7049cbeacb718daece78133e1d5a/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 resetselected.com/b88c7049cbeacb718daece78133e1d5a/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 9f4dfc94cceae7aaa438453734879d62
14df41414781f55b80291c584ad2af2b3723cfbc
39dfa39e04cc14535332ff736ff57f5505f516c88a16923f64d373a026fe919f
GET /b88c7049cbeacb718daece78133e1d5a/invoke.js HTTP/1.1
Host: resetselected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ce1fc4b3b2327bb6031223769903e7d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.programas.ml/logo.svg
185.199.110.153200 OK 355 B URL HTTP/2 www.programas.ml/logo.svg
IP 185.199.110.153:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 2e21a2b0de334b3ae5b5fe37d57ef174
af341239e51d55dcbc43a28752b48f02b189086e
c968df6a2386cbe64b00b157c1ea5359c824c8be999d37c0912cf33b19edb2e9
GET /logo.svg HTTP/1.1
Host: www.programas.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/programas/camtasia-studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/svg+xml
last-modified: Mon, 30 Jan 2023 14:29:13 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"63d7d439-398"
expires: Fri, 03 Feb 2023 21:12:54 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: A676:AF51:5C340D:5F0236:63DD767E
accept-ranges: bytes
date: Fri, 03 Feb 2023 21:02:54 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675458174.084291,VS0,VE112
vary: Accept-Encoding
x-fastly-request-id: bf7f8415b5c02c2e69c055faab84e7b240878e70
content-length: 355
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 51587a23f66c8249b593bdd3bc316c26
a44589aa9cf9e0a703e280f130f13783a4dce154
9d3982efed953d409b9ff9e88be9f517be1f563d0569bc8f39ca9c75be104477
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 21:02:54 GMT
Last-Modified: Fri, 03 Feb 2023 20:34:26 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qXt_o8XIVgW8nOQ2unMPXu3u2xhXTJbeV9PUQI2yCpd5bN5Jm4oG6w==
Age: 1709
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 47f07f491a4806ebe2f1dfd807b185be
6f3edc10ba0b08c6ea12606414deb1519adcd729
f131503150bdb3e3236d4553f294ceea00e3f2e521151eccefcd41449723ffa3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.programas.ml
access-control-allow-credentials: true
set-cookie: uid_id2=3c9d0770-6c34-41e3-8a58-46cf7fd6892a:3:1; expires=Mon, 31 Jan 2033 21:02:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 505e2936ca04b68d4090dca4543e028a
9c30c01d5a00a95ffa05178fda32a49344a385f5
69de804354d56ed2cffaa79c2253613e9eede784d154bd11c5de44e5d7545ce5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.programas.ml
access-control-allow-credentials: true
set-cookie: uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Mon, 31 Jan 2033 21:02:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.youtube.com/s/player/97ea7458/www-player.css
142.250.74.78200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/97ea7458/www-player.css
IP 142.250.74.78:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 06da032848dee0d02f299eb5d9d0b47b
9328ede00a7daa3c3af4e9a745b2f288a89985e1
1b4032e39d4869ac4d51be6750760b10108ce5d47c357fec81c66dbc90578601
GET /s/player/97ea7458/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/iIDu66S7yuc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 15:52:28 GMT
expires: Thu, 01 Feb 2024 15:52:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
content-type: text/css
age: 191426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js
142.250.74.78200 OK 110 kB URL HTTP/2 www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (679)
Size 110 kB (110070 bytes)
Hash ebe79d652346a39f78ba70ecfb911269
b996db460e2862473018d11947ac7711bc8ca537
445ae1b45376bf82466aa698c16011ea0781d16f3e25653713d935a9bc39fda9
GET /s/player/97ea7458/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/iIDu66S7yuc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 110070
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 15:52:28 GMT
expires: Thu, 01 Feb 2024 15:52:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
content-type: text/javascript
age: 191426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/97ea7458/player_ias.vflset/en_US/base.js
142.250.74.78200 OK 613 kB URL HTTP/2 www.youtube.com/s/player/97ea7458/player_ias.vflset/en_US/base.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (517)
Size 613 kB (612749 bytes)
Hash 83c1c7c77b3e875a13d9caa902b9faa3
3da245b3aa77682c47e0fc016a536bbd827189ad
254753ab92f0e04763ce89d741819cf20ce5281f10ee7ace7444ac8b4d07e98c
GET /s/player/97ea7458/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/iIDu66S7yuc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 612749
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 16:02:00 GMT
expires: Thu, 01 Feb 2024 16:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
content-type: text/javascript
age: 190854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resetselected.com/e9d4da860a11a6d4eb87b77d035aa4f5/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 resetselected.com/e9d4da860a11a6d4eb87b77d035aa4f5/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash a1b248c94f3af9b063d775c3eec3bc52
b471fa5cac3a23bc64be8bc08688dfefb9903566
e2bcc7b68e64ba17bfd8b820f8b1607ffee009b7316f25bc5f9a6ad57def4a0c
GET /e9d4da860a11a6d4eb87b77d035aa4f5/invoke.js HTTP/1.1
Host: resetselected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 718cfc0874d95e7986f2bf10e899758d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 83691
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 16:40:43 GMT
expires: Fri, 02 Feb 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 102131
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47d3156a01937914d3788651a5a1df4e
9f757e95fa9ba9ea3949d29f2617040b3088464a
95796fa7ec26c1f9f6f4d1503b0034405e323786758ae835de2ae53f6e378ec5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95796FA7EC26C1F9F6F4D1503B0034405E323786758AE835DE2AE53F6E378EC5"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13610
Expires: Sat, 04 Feb 2023 00:49:44 GMT
Date: Fri, 03 Feb 2023 21:02:54 GMT
Connection: keep-alive
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 505e2936ca04b68d4090dca4543e028a
9c30c01d5a00a95ffa05178fda32a49344a385f5
69de804354d56ed2cffaa79c2253613e9eede784d154bd11c5de44e5d7545ce5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Connection: keep-alive
Referer: https://www.programas.ml/
Cookie: uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.programas.ml
access-control-allow-credentials: true
X-Firefox-Spdy: h2
resetselected.com/0cf6abbba1b265275998a9b9a6d5fbbe/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 resetselected.com/0cf6abbba1b265275998a9b9a6d5fbbe/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash fbf37c28ac43aa7c9edeab354c41002c
c4ae0d52cb4b3888f87d4370f49dfcca91a08894
499e4c6fa89c65218060f07d0f2102782c45874d2c04c022099c8af0e7869f7b
GET /0cf6abbba1b265275998a9b9a6d5fbbe/invoke.js HTTP/1.1
Host: resetselected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 08abfbf2d329a9d0e69f3bf5d18dc36f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
inflectedminimalbits.com/pixel/purst?dl=0&th=0&sc=0&rs=1930&rd=1930&fd=1223&bv=22.10.v.9&tmpl=70
192.243.61.227200 OK 0 B URL HTTP/1.1 inflectedminimalbits.com/pixel/purst?dl=0&th=0&sc=0&rs=1930&rd=1930&fd=1223&bv=22.10.v.9&tmpl=70
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1930&rd=1930&fd=1223&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6002
Expires: Fri, 03 Feb 2023 22:42:56 GMT
Date: Fri, 03 Feb 2023 21:02:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6002
Expires: Fri, 03 Feb 2023 22:42:56 GMT
Date: Fri, 03 Feb 2023 21:02:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6002
Expires: Fri, 03 Feb 2023 22:42:56 GMT
Date: Fri, 03 Feb 2023 21:02:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6002
Expires: Fri, 03 Feb 2023 22:42:56 GMT
Date: Fri, 03 Feb 2023 21:02:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e706db8a6107758a148463e916f2532d
4b0b8cb5ced3e3e67b0320a3bbaecd2176e21b81
673f18036a53f8ff297ef6a63fd094e7c41d90f3960f0e687a741cc7dd3f6172
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6791
x-amzn-requestid: 665115ea-728e-4a55-aaf8-b09db3fa67a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffl96FIzIAMFYGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61d25-0abbd7262ca10b7a7d2bf9eb;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:15:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nPgaBSGyLJQnN0ofVRFniW2LqzgKVWchSKYSjYCmuPtpL9Ner81ARQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:14:03 GMT
age: 82131
etag: "4b0b8cb5ced3e3e67b0320a3bbaecd2176e21b81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 83105
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 20c6f462-0f1f-44d1-9b6b-6afbc4e79e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpYpcELtIAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da07d5-44cd803c0feba28919b0a9ec;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 06:33:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T3PhGRcHX1X2hn8K_4587fXBrEyuY5Em-b9Jg41uH4uyQXeFoRBIYg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 83758
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/embed/iIDu66S7yuc
142.250.74.78200 OK 38 kB URL HTTP/2 www.youtube.com/embed/iIDu66S7yuc
IP 142.250.74.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 4af16c3c79468e3f81aaf3c47186218b
edd5f650b096e4dd6970a9ca0a05ab53e14deb4b
b18271631bf869d0f31112150e70a11633a7de5d90a6cb2cebad27a51e36a1b1
GET /embed/iIDu66S7yuc HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 Feb 2023 21:02:54 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=g9L57OuzGIk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=4mJD-sI5epU; Domain=.youtube.com; Expires=Wed, 02-Aug-2023 21:02:54 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TmpBek9EQTJNell4TWpZME5URTFNdz09EP7s9Z4GGP7s9Z4G; Domain=.youtube.com; Expires=Wed, 02-Aug-2023 21:02:54 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+799; expires=Sun, 02-Feb-2025 21:02:54 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 83693
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
resetselected.com/446673efab97431f17198bd97c94fe29/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 resetselected.com/446673efab97431f17198bd97c94fe29/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 8d34308964e23f3032d41b2c7360f184
6aa35f2832a5b754f1dc2f040354330b2ad5f9e9
02cc2f12f778d7c2a4c1f368cddbcaf053bb31c51fbf1c96619e585e2b057967
GET /446673efab97431f17198bd97c94fe29/invoke.js HTTP/1.1
Host: resetselected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b4c398de596c3278cc9e137796fe05e4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fb4ecd839f7ed51e9ba9cac23c7a68e
562d72cdf0d15d346e67cb2b38957f215ef67728
5823262a8ee1332d649246f890c2e4065c27d963dec4aa6afa24cbbd50ef6746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5823262A8EE1332D649246F890C2E4065C27D963DEC4AA6AFA24CBBD50EF6746"
Last-Modified: Thu, 02 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6238
Expires: Fri, 03 Feb 2023 22:46:52 GMT
Date: Fri, 03 Feb 2023 21:02:54 GMT
Connection: keep-alive
resetselected.com/b88c7049cbeacb718daece78133e1d5a/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 resetselected.com/b88c7049cbeacb718daece78133e1d5a/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26967), with no line terminators
Hash ff7c01c83b66eb9885761e92d1130afa
d312fac7184a1e0796fafa736d98ec010f6b1e1b
5db3f40e4f2508d7f1963a2df07a46df4f051931ca40f905632c4456dd3d6ee9
GET /b88c7049cbeacb718daece78133e1d5a/invoke.js HTTP/1.1
Host: resetselected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3bc000934cfc391af6c8db6d27dddf31
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a08deb23a1a3fc9750743c73ef28869f
059679628116d2e54f0d6e2da629a1b0ce745d01
89b7d731d17a2aadea74386b5ca8ddc92e0e38ba0a8f3e0159a6a8648f2f3306
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89B7D731D17A2AADEA74386B5CA8DDC92E0E38BA0A8F3E0159A6A8648F2F3306"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5969
Expires: Fri, 03 Feb 2023 22:42:23 GMT
Date: Fri, 03 Feb 2023 21:02:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fcfded24631a1b18f0c0f0ca0d37a32d
40a4731eb28232749631636c3ad4924248cfe059
aea7c9ebb4fbbd587bb77a4d1b40674f72a1e573778272ab025186599ea60c2a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEA7C9EBB4FBBD587BB77A4D1B40674F72A1E573778272AB025186599EA60C2A"
Last-Modified: Thu, 02 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5554
Expires: Fri, 03 Feb 2023 22:35:29 GMT
Date: Fri, 03 Feb 2023 21:02:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 20:58:12 GMT
expires: Fri, 03 Feb 2023 21:13:12 GMT
cache-control: public, max-age=900
age: 283
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
172.217.21.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 03 Feb 2023 21:02:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
publishercounting.com/watch.113158351631.js?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 publishercounting.com/watch.113158351631.js?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.113158351631.js?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1 HTTP/1.1
Host: publishercounting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml
Access-Control-Allow-Origin: https://www.programas.ml
Access-Control-Allow-Credentials: true
Location: https://publishercounting.com/watch.113158351631.js?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=43a430a3395f92c2c01f49f13ac4aaa695cb094e361d2d3582298069cdba40f7191a2735fa7c0f74c102733cbd240e1ac82bedde35b85d24fcca284c3a2b11ba92a7ef8697796c6a29aa845ce6d946c3cd6b959a767f1fa119e2f08a465416ce8b5f48&pst=1675458235&rmtc=t
Set-Cookie: u_pl=17578757; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc1NywiayI6ImI4OGM3MDQ5Y2JlYWNiNzE4ZGFlY2U3ODEzM2UxZDVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJoY2hpZ2ljdSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5wcm9ncmFtYXMubWwvcHJvZ3JhbWFzL2NhbXRhc2lhLXN0dWRpby8ifX0.cfyqv7qM8lRH-lNPv0eN2FjY76l8Ekjd9wk52rP0gkg; expires=Fri, 03 Feb 2023 21:03:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 00a01d94c6ae9f9e2ec8dc9b1844977e
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resetselected.com/e9d4da860a11a6d4eb87b77d035aa4f5/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 resetselected.com/e9d4da860a11a6d4eb87b77d035aa4f5/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash 4c402355ec1e6b1bad10175acc43ceba
0cace170ddf1e937bd140dd2e947d229b7eb3394
9b4009ea16ecee6ce8de113edbc4719d4bac977def237b4104273c89efa7f5c4
GET /e9d4da860a11a6d4eb87b77d035aa4f5/invoke.js HTTP/1.1
Host: resetselected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc14251956464cdc28ddbeee0e7a8713
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
choreinevitable.com/watch.667574846564.js?key=e9d4da860a11a6d4eb87b77d035aa4f5&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
173.233.137.44307 Temporary Redirect 0 B URL HTTP/1.1 choreinevitable.com/watch.667574846564.js?key=e9d4da860a11a6d4eb87b77d035aa4f5&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.667574846564.js?key=e9d4da860a11a6d4eb87b77d035aa4f5&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1 HTTP/1.1
Host: choreinevitable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml
Access-Control-Allow-Origin: https://www.programas.ml
Access-Control-Allow-Credentials: true
Location: https://choreinevitable.com/watch.667574846564.js?key=e9d4da860a11a6d4eb87b77d035aa4f5&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=559ca67239b4af4ef32204a368241322a82aff823d7850c04c1ed0984c98a7009694d628b111bc42e07e575c2d419bab53c6db904c6a1cfe034099b7d9395ebdb59cc754c033414296975b2d7f29a0096598cbf33136e34492c9bce185096d92&pst=1675458235&rmtc=t
Set-Cookie: u_pl=17578607; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODYwNywiayI6ImU5ZDRkYTg2MGExMWE2ZDRlYjg3Yjc3ZDAzNWFhNGY1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNiwicHQiOjQsInBrIjoicXByODJ6N2p3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnByb2dyYW1hcy5tbC9wcm9ncmFtYXMvY2FtdGFzaWEtc3R1ZGlvLyJ9fQ.aDXzPgg2fqJyP2ak6pyeyCPvPk9vg-Yj7-VX1bx3Fkk; expires=Fri, 03 Feb 2023 21:03:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a2d1950f0a8d01bf66e3a0fcec94c382
Strict-Transport-Security: max-age=0; includeSubdomains
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 03 Feb 2023 21:02:55 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5bbbaa995453c104dca5e95e1d48a765
82f8592c73abf637c46dfe8c22112df6da02d805
df4fe1aaa46d3e23f6b8ec9a5906cf015b264eab9ca3c00268daa0e40aa9ea01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF4FE1AAA46D3E23F6B8EC9A5906CF015B264EAB9CA3C00268DAA0E40AA9EA01"
Last-Modified: Fri, 03 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=397
Expires: Fri, 03 Feb 2023 21:09:32 GMT
Date: Fri, 03 Feb 2023 21:02:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf963d54bd13560b2590d8397b99e265
c1afab79363f559cd3b44d7e88a473638628cae6
f2ecaee084b969c4893660a0da3130da592303384d33c98a70e2ab617335c567
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2ECAEE084B969C4893660A0DA3130DA592303384D33C98A70E2AB617335C567"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1883
Expires: Fri, 03 Feb 2023 21:34:18 GMT
Date: Fri, 03 Feb 2023 21:02:55 GMT
Connection: keep-alive
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a9723e445672fd343dfa6ee7f30bf4fd
b7f00a053cedf4128abada3a0bbb32a9f138e15b
243009f0f170c1f166f3ad857dc552f11b14a37dd9f0f641fdffa7075978e1a6
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 03 Feb 2023 21:02:55 GMT
server: ESF
cache-control: private
content-length: 30889
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/l0utS0ZcMB5sywH6Z0mm0C8P1QvukKtyleinqbLPbjc.js
216.58.211.4200 OK 14 kB URL HTTP/2 www.google.com/js/th/l0utS0ZcMB5sywH6Z0mm0C8P1QvukKtyleinqbLPbjc.js
IP 216.58.211.4:0
File type ASCII text, with very long lines (36324)
Hash 24357f6b75145cdb14280b5fbe7e4ebb
62b822518245a287168198cadb7fce829716ec43
cf00a10c6320ca9d3a46ceaf0fdd074398d0b9d8f57d9618fcb4c55a54127df5
GET /js/th/l0utS0ZcMB5sywH6Z0mm0C8P1QvukKtyleinqbLPbjc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 06:08:24 GMT
expires: Thu, 01 Feb 2024 06:08:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
content-type: text/javascript
age: 226471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e16924e677b1cf77abc2c90c36b01b58
7608b4371357596c60d3ff2aed7fa181a3e8fefc
485a64335baac7fd3bfcc0063493c27ab58a8fe46e0873fc64f619c19cd8c59b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
subscribestormyapprobation.com/watch.893752108684.js?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 subscribestormyapprobation.com/watch.893752108684.js?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.893752108684.js?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1 HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml
Access-Control-Allow-Origin: https://www.programas.ml
Access-Control-Allow-Credentials: true
Location: https://subscribestormyapprobation.com/watch.893752108684.js?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=328b6e403ca9339240630a153354cdee5aec8239b1b03a29b61e1e9179c4575b6527ab7b2c1a695de4d669fbd37f4e4a77f16dd134497498d2b148411e9d097573572f05c58a486c85a525aaac5d116c22fa13b98e6386f501cee6ffbbbb6e1488d5e8&pst=1675458235&rmtc=t
Set-Cookie: u_pl=17578766; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc2NiwiayI6IjBjZjZhYmJiYTFiMjY1Mjc1OTk4YTliOWE2ZDVmYmJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNywicHQiOjQsInBrIjoibXp4Yno5NDQyIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnByb2dyYW1hcy5tbC9wcm9ncmFtYXMvY2FtdGFzaWEtc3R1ZGlvLyJ9fQ.RyCdbvPIHPzCKrlmXTvMY4Xa_qeXcqBIop1uIz9O6HE; expires=Fri, 03 Feb 2023 21:03:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 40c8afdb87773770de9ef1033e0b3a34
Strict-Transport-Security: max-age=0; includeSubdomains
i.ytimg.com/vi_webp/iIDu66S7yuc/sddefault.webp
142.250.74.22200 OK 19 kB URL HTTP/2 i.ytimg.com/vi_webp/iIDu66S7yuc/sddefault.webp
IP 142.250.74.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 447843ea7888041557d2d4ab8495d272
7755ecab41ea97a7d913d6338167badef3305c8f
01289a36d28103949effded6165e90ee8cf5e8cbc0020c8da92798fffe535269
GET /vi_webp/iIDu66S7yuc/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 19070
date: Fri, 03 Feb 2023 21:02:55 GMT
expires: Fri, 03 Feb 2023 23:02:55 GMT
cache-control: public, max-age=7200
etag: "1673219611"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
publishercounting.com/watch.113158351631.js?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=43a430a3395f92c2c01f49f13ac4aaa695cb094e361d2d3582298069cdba40f7191a2735fa7c0f74c102733cbd240e1ac82bedde35b85d24fcca284c3a2b11ba92a7ef8697796c6a29aa845ce6d946c3cd6b959a767f1fa119e2f08a465416ce8b5f48&pst=1675458235&rmtc=t
173.233.139.164200 OK 2.1 kB URL HTTP/1.1 publishercounting.com/watch.113158351631.js?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=43a430a3395f92c2c01f49f13ac4aaa695cb094e361d2d3582298069cdba40f7191a2735fa7c0f74c102733cbd240e1ac82bedde35b85d24fcca284c3a2b11ba92a7ef8697796c6a29aa845ce6d946c3cd6b959a767f1fa119e2f08a465416ce8b5f48&pst=1675458235&rmtc=t
IP 173.233.139.164:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2641)
Hash 1f00fbd19aaa21726291370bdc539c5f
144ee4060c6224fceb54ced7b85a187c6b411720
c0a89dd7e5761e5188417869fe8e5eed57983182d1d8a70a670724dca4c5eb0a
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.113158351631.js?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=43a430a3395f92c2c01f49f13ac4aaa695cb094e361d2d3582298069cdba40f7191a2735fa7c0f74c102733cbd240e1ac82bedde35b85d24fcca284c3a2b11ba92a7ef8697796c6a29aa845ce6d946c3cd6b959a767f1fa119e2f08a465416ce8b5f48&pst=1675458235&rmtc=t HTTP/1.1
Host: publishercounting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Referer: https://www.programas.ml/
Connection: keep-alive
Cookie: u_pl=17578757; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc1NywiayI6ImI4OGM3MDQ5Y2JlYWNiNzE4ZGFlY2U3ODEzM2UxZDVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJoY2hpZ2ljdSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5wcm9ncmFtYXMubWwvcHJvZ3JhbWFzL2NhbXRhc2lhLXN0dWRpby8ifX0.cfyqv7qM8lRH-lNPv0eN2FjY76l8Ekjd9wk52rP0gkg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml
Access-Control-Allow-Origin: https://www.programas.ml
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:55 GMT; secure; SameSite=None
iprc150bf1687e086c1261f47e16dcb5a60a=3569806; expires=Sat, 04 Feb 2023 01:02:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 846a38d65ec5cfea94f868a5fab1d007
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
choreinevitable.com/watch.667574846564.js?key=e9d4da860a11a6d4eb87b77d035aa4f5&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=559ca67239b4af4ef32204a368241322a82aff823d7850c04c1ed0984c98a7009694d628b111bc42e07e575c2d419bab53c6db904c6a1cfe034099b7d9395ebdb59cc754c033414296975b2d7f29a0096598cbf33136e34492c9bce185096d92&pst=1675458235&rmtc=t
173.233.137.44200 OK 2.1 kB URL HTTP/1.1 choreinevitable.com/watch.667574846564.js?key=e9d4da860a11a6d4eb87b77d035aa4f5&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=559ca67239b4af4ef32204a368241322a82aff823d7850c04c1ed0984c98a7009694d628b111bc42e07e575c2d419bab53c6db904c6a1cfe034099b7d9395ebdb59cc754c033414296975b2d7f29a0096598cbf33136e34492c9bce185096d92&pst=1675458235&rmtc=t
IP 173.233.137.44:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2635)
Hash b489924fe33a6c85e7594130449f8bcb
0dbeee61bff435dd2bd4d25eb92af253fed7a9f2
a86886d601a8046e395664e619511e5184c18a1729d9c57231f5b6db5a3e0d36
GET /watch.667574846564.js?key=e9d4da860a11a6d4eb87b77d035aa4f5&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=559ca67239b4af4ef32204a368241322a82aff823d7850c04c1ed0984c98a7009694d628b111bc42e07e575c2d419bab53c6db904c6a1cfe034099b7d9395ebdb59cc754c033414296975b2d7f29a0096598cbf33136e34492c9bce185096d92&pst=1675458235&rmtc=t HTTP/1.1
Host: choreinevitable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Referer: https://www.programas.ml/
Connection: keep-alive
Cookie: u_pl=17578607; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODYwNywiayI6ImU5ZDRkYTg2MGExMWE2ZDRlYjg3Yjc3ZDAzNWFhNGY1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNiwicHQiOjQsInBrIjoicXByODJ6N2p3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnByb2dyYW1hcy5tbC9wcm9ncmFtYXMvY2FtdGFzaWEtc3R1ZGlvLyJ9fQ.aDXzPgg2fqJyP2ak6pyeyCPvPk9vg-Yj7-VX1bx3Fkk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml
Access-Control-Allow-Origin: https://www.programas.ml
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:55 GMT; secure; SameSite=None
iprcae9f3f6b1eba5c2d33444ff8bcdefce4=3569804; expires=Sat, 04 Feb 2023 01:02:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
pdhtkv26=true; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
uncs26=1; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e137b5e2eba6c73585424c913f7a24e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
resetselected.com/0cf6abbba1b265275998a9b9a6d5fbbe/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 resetselected.com/0cf6abbba1b265275998a9b9a6d5fbbe/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash 4c402355ec1e6b1bad10175acc43ceba
0cace170ddf1e937bd140dd2e947d229b7eb3394
9b4009ea16ecee6ce8de113edbc4719d4bac977def237b4104273c89efa7f5c4
GET /0cf6abbba1b265275998a9b9a6d5fbbe/invoke.js HTTP/1.1
Host: resetselected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ad12e09fc80425302a703e1a5ed509a8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f32763d17ee930a84421656330650bd1
688473a7c570a6e84406eef1927df94bfccd1870
33f1a840a87b8ef5136065f9be370aa640573ab68d82e8a822d48bbd2eb837c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/1cP98Svk3gz7e3W-lbJlEOzTpBxgpWf1aboMbHC_ZNOWQA_CZa0dBlixEE8gcc7GQT1XM-tv=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.6 kB URL HTTP/2 yt3.ggpht.com/1cP98Svk3gz7e3W-lbJlEOzTpBxgpWf1aboMbHC_ZNOWQA_CZa0dBlixEE8gcc7GQT1XM-tv=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 88f24863a0eb5503b9dd4468e99be236
e57cbe5f3a9d887ad6a0a0045dc4d835c2d7db60
933a2ca18195f459e7eaaf593bb1d3e265e39e901ab562a77fa25c57c06d202a
GET /1cP98Svk3gz7e3W-lbJlEOzTpBxgpWf1aboMbHC_ZNOWQA_CZa0dBlixEE8gcc7GQT1XM-tv=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1609
x-xss-protection: 0
date: Fri, 03 Feb 2023 21:02:55 GMT
expires: Wed, 25 Jan 2023 19:43:02 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e16924e677b1cf77abc2c90c36b01b58
7608b4371357596c60d3ff2aed7fa181a3e8fefc
485a64335baac7fd3bfcc0063493c27ab58a8fe46e0873fc64f619c19cd8c59b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
subscribestormyapprobation.com/watch.893752108684.js?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=328b6e403ca9339240630a153354cdee5aec8239b1b03a29b61e1e9179c4575b6527ab7b2c1a695de4d669fbd37f4e4a77f16dd134497498d2b148411e9d097573572f05c58a486c85a525aaac5d116c22fa13b98e6386f501cee6ffbbbb6e1488d5e8&pst=1675458235&rmtc=t
173.233.137.36200 OK 634 B URL HTTP/1.1 subscribestormyapprobation.com/watch.893752108684.js?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=328b6e403ca9339240630a153354cdee5aec8239b1b03a29b61e1e9179c4575b6527ab7b2c1a695de4d669fbd37f4e4a77f16dd134497498d2b148411e9d097573572f05c58a486c85a525aaac5d116c22fa13b98e6386f501cee6ffbbbb6e1488d5e8&pst=1675458235&rmtc=t
IP 173.233.137.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (581)
Hash aff1973876adf6155e4a5a274f2f4317
9b45cd5cc78a60994633948ad96510d2c19bcec4
6fc4543f901e12a9d7d4fdf767fb50fb716ae700e3cd6784d498d07f45677cb3
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.893752108684.js?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=328b6e403ca9339240630a153354cdee5aec8239b1b03a29b61e1e9179c4575b6527ab7b2c1a695de4d669fbd37f4e4a77f16dd134497498d2b148411e9d097573572f05c58a486c85a525aaac5d116c22fa13b98e6386f501cee6ffbbbb6e1488d5e8&pst=1675458235&rmtc=t HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Referer: https://www.programas.ml/
Connection: keep-alive
Cookie: u_pl=17578766; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc2NiwiayI6IjBjZjZhYmJiYTFiMjY1Mjc1OTk4YTliOWE2ZDVmYmJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNywicHQiOjQsInBrIjoibXp4Yno5NDQyIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnByb2dyYW1hcy5tbC9wcm9ncmFtYXMvY2FtdGFzaWEtc3R1ZGlvLyJ9fQ.RyCdbvPIHPzCKrlmXTvMY4Xa_qeXcqBIop1uIz9O6HE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml
Access-Control-Allow-Origin: https://www.programas.ml
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:55 GMT; secure; SameSite=None
iprc23149bb4ff8a5669ad84180412d0b159=2717342; expires=Sat, 04 Feb 2023 23:02:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
uncs27=1; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 099c48f49eaf917ed27a9b5dcc1351ed
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
naveljutmistress.com/watch.1254299385717.js?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 naveljutmistress.com/watch.1254299385717.js?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1254299385717.js?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml
Access-Control-Allow-Origin: https://www.programas.ml
Access-Control-Allow-Credentials: true
Location: https://naveljutmistress.com/watch.1254299385717.js?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=afa44d9bceeed4c2496ccd40465dfd6e42001c03582ec1db11bfb25e14831338af5b0730d7499eab28504f9ce70eb13d65d1b8086620c975d4a1c98001b1844a6b9d3ca9cd1596b4566daaf4b9d7b7c3949952d1&pst=1675458235&rmtc=t
Set-Cookie: u_pl=17578673; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODY3MywiayI6IjQ0NjY3M2VmYWI5NzQzMWYxNzE5OGJkOTdjOTRmZTI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoiZ2dpYjNzaTRrYiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5wcm9ncmFtYXMubWwvcHJvZ3JhbWFzL2NhbXRhc2lhLXN0dWRpby8ifX0.kA5wESKCEVRHvJBsk2eqIbO6b60gw0U0CqN_yW5kv7Y; expires=Fri, 03 Feb 2023 21:03:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d5ab902cce91b89bdcc73ca96469124d
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f32763d17ee930a84421656330650bd1
688473a7c570a6e84406eef1927df94bfccd1870
33f1a840a87b8ef5136065f9be370aa640573ab68d82e8a822d48bbd2eb837c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c9c6d46af126f31f85e1d22625f3ee6
c654476f681c17300045e880059039afd5c686d0
d9aa3ed63443835a9844e1d874e12dad9c2f8ab945367b8b63a78dbf10861721
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9AA3ED63443835A9844E1D874E12DAD9C2F8AB945367B8B63A78DBF10861721"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2767
Expires: Fri, 03 Feb 2023 21:49:02 GMT
Date: Fri, 03 Feb 2023 21:02:55 GMT
Connection: keep-alive
naveljutmistress.com/watch.1254299385717.js?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=afa44d9bceeed4c2496ccd40465dfd6e42001c03582ec1db11bfb25e14831338af5b0730d7499eab28504f9ce70eb13d65d1b8086620c975d4a1c98001b1844a6b9d3ca9cd1596b4566daaf4b9d7b7c3949952d1&pst=1675458235&rmtc=t
192.243.61.225200 OK 2.0 kB URL HTTP/1.1 naveljutmistress.com/watch.1254299385717.js?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=afa44d9bceeed4c2496ccd40465dfd6e42001c03582ec1db11bfb25e14831338af5b0730d7499eab28504f9ce70eb13d65d1b8086620c975d4a1c98001b1844a6b9d3ca9cd1596b4566daaf4b9d7b7c3949952d1&pst=1675458235&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2534)
Hash ed5a02d96c76a46a0908f3dbae126968
75724d5213e28b1173ca983c5c48e61f1ce63394
53084515ea72411f308f0e3398ad0541768f5700938af9596aefe928d35edfce
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1254299385717.js?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=afa44d9bceeed4c2496ccd40465dfd6e42001c03582ec1db11bfb25e14831338af5b0730d7499eab28504f9ce70eb13d65d1b8086620c975d4a1c98001b1844a6b9d3ca9cd1596b4566daaf4b9d7b7c3949952d1&pst=1675458235&rmtc=t HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Referer: https://www.programas.ml/
Connection: keep-alive
Cookie: u_pl=17578673; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODY3MywiayI6IjQ0NjY3M2VmYWI5NzQzMWYxNzE5OGJkOTdjOTRmZTI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoiZ2dpYjNzaTRrYiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5wcm9ncmFtYXMubWwvcHJvZ3JhbWFzL2NhbXRhc2lhLXN0dWRpby8ifX0.kA5wESKCEVRHvJBsk2eqIbO6b60gw0U0CqN_yW5kv7Y
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml
Access-Control-Allow-Origin: https://www.programas.ml
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
uncs32=1; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f187efa3971aa41aa923df1f3afabf15
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 03 Feb 2023 21:02:55 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resetselected.com/446673efab97431f17198bd97c94fe29/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 resetselected.com/446673efab97431f17198bd97c94fe29/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 9f4dfc94cceae7aaa438453734879d62
14df41414781f55b80291c584ad2af2b3723cfbc
39dfa39e04cc14535332ff736ff57f5505f516c88a16923f64d373a026fe919f
GET /446673efab97431f17198bd97c94fe29/invoke.js HTTP/1.1
Host: resetselected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eb0e196b4102b0924f215d297f82334b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2086bbbbe0d3974625f63d2fdb5f58b8
e48d3300991571b836f179eb557780a2a97b664e
f2d9930508f0393ea19f04338b0f23d9865ddaa19489d2d3cc6d7737ba900413
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 900
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 03 Feb 2023 21:02:55 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d13039d250f1d021a465372a2f8c3736
c7de12a63c56f71f77cbd227cbe54cb89e522421
b8f3b9bb597d54fba374ddb7f5efd71b2e7b40beeca0ca76f9877a091d997b38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8F3B9BB597D54FBA374DDB7F5EFD71B2E7B40BEECA0CA76F9877A091D997B38"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14744
Expires: Sat, 04 Feb 2023 01:08:39 GMT
Date: Fri, 03 Feb 2023 21:02:55 GMT
Connection: keep-alive
intimateexhibitedcontempt.com/watch.463305419044.js?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 intimateexhibitedcontempt.com/watch.463305419044.js?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.463305419044.js?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1 HTTP/1.1
Host: intimateexhibitedcontempt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml
Access-Control-Allow-Origin: https://www.programas.ml
Access-Control-Allow-Credentials: true
Location: https://intimateexhibitedcontempt.com/watch.463305419044.js?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=6d05fe6882182ad6b46c81090eda737c60ca1334537eed5f0549e10dcef713d9deba9e9d4a6b6a18540d6d89e48eac55a241429c00e43b83041f919fba8df4fcc1b1017b8fb8c0eec98230b830bcce0a3e1f6409cb072188deaa56925d&pst=1675458235&rmtc=t
Set-Cookie: u_pl=17578757; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc1NywiayI6ImI4OGM3MDQ5Y2JlYWNiNzE4ZGFlY2U3ODEzM2UxZDVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJoY2hpZ2ljdSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5wcm9ncmFtYXMubWwvcHJvZ3JhbWFzL2NhbXRhc2lhLXN0dWRpby8ifX0.cfyqv7qM8lRH-lNPv0eN2FjY76l8Ekjd9wk52rP0gkg; expires=Fri, 03 Feb 2023 21:03:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4238524ac4f4eccff072282dc2ea47bd
Strict-Transport-Security: max-age=0; includeSubdomains
iceboxlitre.com/ntv.json?key=78be06637190a55fcc5f3a7a2c47a8ca&vstc=4&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D
173.233.139.164200 OK 18 kB URL HTTP/1.1 iceboxlitre.com/ntv.json?key=78be06637190a55fcc5f3a7a2c47a8ca&vstc=4&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D
IP 173.233.139.164:0
File type JSON data\012- , ASCII text, with very long lines (17485), with no line terminators
Hash 02226eab32a3a4139b314e84404437ae
d1f0b31677bea3a18b0e0ee19795a28ee4b534dc
781891a889c23983f08058c6c926ca380d02bcb618353eb12535593edf8b1a38
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=78be06637190a55fcc5f3a7a2c47a8ca&vstc=4&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D HTTP/1.1
Host: iceboxlitre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: application/json
Content-Length: 17485
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml
Access-Control-Allow-Origin: https://www.programas.ml
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17578661; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
uncs49=1; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
nlec78be06637190a55fcc5f3a7a2c47a8ca=[2106764,2229215,3955576]; expires=Fri, 03 Feb 2023 21:03:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 91bac57d5cff9f600b0a133cf7de93f8
Strict-Transport-Security: max-age=0; includeSubdomains
publishercounting.com/watch.1298427759563.js?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 publishercounting.com/watch.1298427759563.js?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1298427759563.js?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1 HTTP/1.1
Host: publishercounting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Connection: keep-alive
Referer: https://www.programas.ml/
Cookie: u_pl=17578757; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc1NywiayI6ImI4OGM3MDQ5Y2JlYWNiNzE4ZGFlY2U3ODEzM2UxZDVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJoY2hpZ2ljdSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5wcm9ncmFtYXMubWwvcHJvZ3JhbWFzL2NhbXRhc2lhLXN0dWRpby8ifX0.cfyqv7qM8lRH-lNPv0eN2FjY76l8Ekjd9wk52rP0gkg; uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; iprc150bf1687e086c1261f47e16dcb5a60a=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml
Access-Control-Allow-Origin: https://www.programas.ml
Access-Control-Allow-Credentials: true
Location: https://publishercounting.com/watch.1298427759563.js?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=de33f702b7be684df79d3f78dc7e9c137ccbe6ea775b8c871b46b5f078d85fddb44d216431525a0bbf989749a11f214a519fe132834019ac86f225bd038d8dbbdaa1f56e50a080bb93577654c35cdad25cad435426d1aa2cc77d328b7bedd17d21&pst=1675458235&rmtc=t
Set-Cookie: u_pl=17578757,17578673; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODY3MywiayI6IjQ0NjY3M2VmYWI5NzQzMWYxNzE5OGJkOTdjOTRmZTI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoiZ2dpYjNzaTRrYiIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5wcm9ncmFtYXMubWwvcHJvZ3JhbWFzL2NhbXRhc2lhLXN0dWRpby8ifX0.x85u2KSO0EzwQ40cpgNVihj-BQ0WeJTxf7-sN2mjBvA; expires=Fri, 03 Feb 2023 21:03:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ebfb7cc89f83de720bf7be2529f587fd
Strict-Transport-Security: max-age=0; includeSubdomains
resetselected.com/78be06637190a55fcc5f3a7a2c47a8ca/invoke.js
192.243.59.20200 OK 9.3 kB URL HTTP/1.1 resetselected.com/78be06637190a55fcc5f3a7a2c47a8ca/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25080), with no line terminators
Hash bf3b7f684ca30a527d3531185c84ef23
6eeaed2a1d705ba7d397c06302c80373cabd6648
4dc121e2d94184f76386e9213f831c1d456321cbb4693ed405bc3078ed64e453
GET /78be06637190a55fcc5f3a7a2c47a8ca/invoke.js HTTP/1.1
Host: resetselected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1295001be72ab0b6766201bbecf3b60b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 604c3cbda1f304eef93aa15329e8e7ac
d9f25abc81500d2740265d4a2b11fa7e2d251d1f
5b0938197333a46575fa5d665e649f70b3268e27d0f3cbcac04065cc70acf9c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B0938197333A46575FA5D665E649F70B3268E27D0F3CBCAC04065CC70ACF9C5"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16729
Expires: Sat, 04 Feb 2023 01:41:44 GMT
Date: Fri, 03 Feb 2023 21:02:55 GMT
Connection: keep-alive
helpedhandwritingintestine.com/watch.1500466624717.js?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
173.233.137.52307 Temporary Redirect 0 B URL HTTP/1.1 helpedhandwritingintestine.com/watch.1500466624717.js?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1500466624717.js?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1 HTTP/1.1
Host: helpedhandwritingintestine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml
Access-Control-Allow-Origin: https://www.programas.ml
Access-Control-Allow-Credentials: true
Location: https://helpedhandwritingintestine.com/watch.1500466624717.js?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&shu=96ed816c16a90abc13024a1d210a8b954fd3449277bbf9940e7d3c36f02080d6d1aa93e0e68f1c72e380dc2f8416069942d8a1a9363a1ebeb77cee2484e0ce8fc5e0d30a9b0edae65ee561cd822434d74e6d30c8be6f75dd57b471d24b4efdac62a2ba&pst=1675458235&rmtc=t
Set-Cookie: u_pl=17578766; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc2NiwiayI6IjBjZjZhYmJiYTFiMjY1Mjc1OTk4YTliOWE2ZDVmYmJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNywicHQiOjQsInBrIjoibXp4Yno5NDQyIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnByb2dyYW1hcy5tbC9wcm9ncmFtYXMvY2FtdGFzaWEtc3R1ZGlvLyJ9fQ.RyCdbvPIHPzCKrlmXTvMY4Xa_qeXcqBIop1uIz9O6HE; expires=Fri, 03 Feb 2023 21:03:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b9a52a5010de35e6e392be0594898dc4
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
45.133.44.10200 OK 29 kB URL HTTP/2 cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 76f54f42b70d14a6d6bfe2f8b1945265
197daa3737be8968bf39ff28000663c1c17deeb2
c864fde3026e05a2cc34b4348fa4888d3ae44202179277877d082cadd9971abc
GET /cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:55 GMT
content-type: image/jpeg
content-length: 28852
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:18:59 GMT
etag: "61124483-70b4"
expires: Sun, 05 Feb 2023 21:02:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/14/d6/f0/14d6f0079ffda60cd9961f9c32e1cb1b/1674209884.png
45.133.44.10200 OK 108 kB URL HTTP/2 cdn.cloudimagesb.com/si/14/d6/f0/14d6f0079ffda60cd9961f9c32e1cb1b/1674209884.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 108 kB (108061 bytes)
Hash f25a89906f49b309b04a788657e63775
fafed8a699a3942ca5d277b5f329e1e2377d3747
05d3612dca9ad5a805bd967d52285f06a4e8f028a3e94f4cef6031b985b9796d
GET /si/14/d6/f0/14d6f0079ffda60cd9961f9c32e1cb1b/1674209884.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:55 GMT
content-type: image/png
content-length: 108061
server: nginx/1.17.6
last-modified: Fri, 20 Jan 2023 10:18:12 GMT
etag: "63ca6a64-1a61d"
expires: Sun, 05 Feb 2023 21:02:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg
45.133.44.10200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash c6f19781c79ff746b99178f813cfbff2
5c307e43c63001535aa3a3683777dbb1a7f0775b
816b5a5d078f27271fa2d7c210d708f386a6f9fbd9242531b07f0b051382870d
GET /cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:55 GMT
content-type: image/jpeg
content-length: 22883
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:15:16 GMT
etag: "611243a4-5963"
expires: Sun, 05 Feb 2023 21:02:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/06/17/a0/0617a061e6a71952b94e88ab57d30d21/1674471968.png
45.133.44.10200 OK 78 kB URL HTTP/2 cdn.cloudimagesb.com/si/06/17/a0/0617a061e6a71952b94e88ab57d30d21/1674471968.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 489907c95d7afef0cc236fad317a1112
6ba0470a7e9fdf90fcc481e31f8866ea7d4fb063
2030387c9affa0ca884585bb770bb8577acbde75c63ee9005c318b676a769142
GET /si/06/17/a0/0617a061e6a71952b94e88ab57d30d21/1674471968.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:55 GMT
content-type: image/png
content-length: 78315
server: nginx/1.17.6
last-modified: Mon, 23 Jan 2023 11:06:17 GMT
etag: "63ce6a29-131eb"
expires: Sun, 05 Feb 2023 21:02:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/66/77/35/667735f0500e98a68bc73487c35b40bb/1652452916.jpg
45.133.44.10200 OK 10 kB URL HTTP/2 cdn.cloudimagesb.com/bi/66/77/35/667735f0500e98a68bc73487c35b40bb/1652452916.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 320x50, components 3\012- data
Hash ac14c547c1f732a4b37a4b5ecab88a6d
b9d8d1a072c9714c2436e0b3a22ffca180242d60
77d8ebdf1b1d60ef7ae2371181c141d43b920599b95fedd8a6d76e1211c298da
GET /bi/66/77/35/667735f0500e98a68bc73487c35b40bb/1652452916.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:55 GMT
content-type: image/jpeg
content-length: 10278
server: nginx/1.17.6
last-modified: Fri, 13 May 2022 14:42:04 GMT
etag: "627e6e3c-2826"
expires: Sun, 05 Feb 2023 21:02:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
helpedhandwritingintestine.com/watch.1145463718645?key=e9d4da860a11a6d4eb87b77d035aa4f5&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
173.233.137.52200 OK 1.2 kB URL HTTP/1.1 helpedhandwritingintestine.com/watch.1145463718645?key=e9d4da860a11a6d4eb87b77d035aa4f5&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (494)
Hash 46a0e721a085b8076b498acfc757c151
127c5e9010b4d300ea32a3ccf4c06cd7e82c3fb8
5f3fedd08e859b7835109e4461c15a5d0c52fff98a9e636143f5e1eedec7a4ae
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1145463718645?key=e9d4da860a11a6d4eb87b77d035aa4f5&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1 HTTP/1.1
Host: helpedhandwritingintestine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Cookie: u_pl=17578766; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc2NiwiayI6IjBjZjZhYmJiYTFiMjY1Mjc1OTk4YTliOWE2ZDVmYmJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNywicHQiOjQsInBrIjoibXp4Yno5NDQyIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnByb2dyYW1hcy5tbC9wcm9ncmFtYXMvY2FtdGFzaWEtc3R1ZGlvLyJ9fQ.RyCdbvPIHPzCKrlmXTvMY4Xa_qeXcqBIop1uIz9O6HE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17578766,17578607; expires=Sat, 04 Feb 2023 21:02:55 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODYwNywiayI6ImU5ZDRkYTg2MGExMWE2ZDRlYjg3Yjc3ZDAzNWFhNGY1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNiwicHQiOjQsInBrIjoicXByODJ6N2p3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnByb2dyYW1hcy5tbC9wcm9ncmFtYXMvY2FtdGFzaWEtc3R1ZGlvLyJ9fQ.aDXzPgg2fqJyP2ak6pyeyCPvPk9vg-Yj7-VX1bx3Fkk; expires=Fri, 03 Feb 2023 21:03:55 GMT; secure; SameSite=None
uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cefd4056284049ea1e4aba9b67c7d5ba
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b7a276cc2dd7702e41c8cb504052743
ad22cf4130abcc28cc5375d53f869d6660290d28
4c30703e963824fe0e0e3adcac647939a81fb68586cf1e816ab408c5abbc661c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C30703E963824FE0E0E3ADCAC647939A81FB68586CF1E816AB408C5ABBC661C"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16425
Expires: Sat, 04 Feb 2023 01:36:41 GMT
Date: Fri, 03 Feb 2023 21:02:56 GMT
Connection: keep-alive
helpedhandwritingintestine.com/watch.1500466624717?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
173.233.137.52200 OK 1.2 kB URL HTTP/1.1 helpedhandwritingintestine.com/watch.1500466624717?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (494)
Hash 440b010fe88470bfac4890d6ae0332f5
46447b868de75f18ca5304899700dbe99875e5bc
e8ec6b89b0cfe06e9d244edfa56aaaa576dafe426ad1a6fed2d9a78e6fbd0214
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1500466624717?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1 HTTP/1.1
Host: helpedhandwritingintestine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Cookie: u_pl=17578766; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc2NiwiayI6IjBjZjZhYmJiYTFiMjY1Mjc1OTk4YTliOWE2ZDVmYmJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNywicHQiOjQsInBrIjoibXp4Yno5NDQyIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnByb2dyYW1hcy5tbC9wcm9ncmFtYXMvY2FtdGFzaWEtc3R1ZGlvLyJ9fQ.RyCdbvPIHPzCKrlmXTvMY4Xa_qeXcqBIop1uIz9O6HE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc2NiwiayI6IjBjZjZhYmJiYTFiMjY1Mjc1OTk4YTliOWE2ZDVmYmJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNywicHQiOjQsInBrIjoibXp4Yno5NDQyIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5wcm9ncmFtYXMubWwvcHJvZ3JhbWFzL2NhbXRhc2lhLXN0dWRpby8ifX0.vJMBCx8Yeas-zhYIsda5HO0QLU5_-HxSmiTCyGtV6CQ; expires=Fri, 03 Feb 2023 21:03:55 GMT; secure; SameSite=None
uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb2f525e15ce1934b1eec4ebb911b56b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16382f274c17c25978a5f3e291ef984b
1856f18164fbd4e355bc334d7b356249a8dcdbe3
f3e69b4a9c485b22ad35edda40c653b5b40f4477354e6c4554eb8ba60511547e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3E69B4A9C485B22AD35EDDA40C653B5B40F4477354E6C4554EB8BA60511547E"
Last-Modified: Thu, 02 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3624
Expires: Fri, 03 Feb 2023 22:03:20 GMT
Date: Fri, 03 Feb 2023 21:02:56 GMT
Connection: keep-alive
publishercounting.com/watch.1298427759563?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
173.233.139.164200 OK 1.2 kB URL HTTP/1.1 publishercounting.com/watch.1298427759563?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (494)
Hash d7a4959da853ca915a5faec4d51bf854
8c35a33a21d69ed1fc4ec61525836291af5a50f9
bcf2d0afe0894296ee855d807bf3d513b10884b3f0e48b5ff42a841fc09256ef
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1298427759563?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1 HTTP/1.1
Host: publishercounting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Cookie: u_pl=17578757,17578673; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODY3MywiayI6IjQ0NjY3M2VmYWI5NzQzMWYxNzE5OGJkOTdjOTRmZTI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoiZ2dpYjNzaTRrYiIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5wcm9ncmFtYXMubWwvcHJvZ3JhbWFzL2NhbXRhc2lhLXN0dWRpby8ifX0.x85u2KSO0EzwQ40cpgNVihj-BQ0WeJTxf7-sN2mjBvA; uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; iprc150bf1687e086c1261f47e16dcb5a60a=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODY3MywiayI6IjQ0NjY3M2VmYWI5NzQzMWYxNzE5OGJkOTdjOTRmZTI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoiZ2dpYjNzaTRrYiIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly93d3cucHJvZ3JhbWFzLm1sL3Byb2dyYW1hcy9jYW10YXNpYS1zdHVkaW8vIn19.7Un6AkPzZ2EQgQzJuNZ9h3Im4JtciLhT5BkRLXa926A; expires=Fri, 03 Feb 2023 21:03:56 GMT; secure; SameSite=None
uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68b6386db49f6646fe240e27db9946e1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
helpedhandwritingintestine.com/watch.1145463718645?shu=0620373835a9fa3c1e16a07d6b2bc99bba0088c6531cebf6d85201712d78140fc3b99cad710677d2042421a343f1c267f42be116d987c3e8c2497a6167e45803cce49dc9ccac7c679a8867b697d55c21466306a2870ff97015409494939b8d1d&pst=1675458235&rmtc=t&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&pii=&in=false&key=e9d4da860a11a6d4eb87b77d035aa4f5&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D
173.233.137.52200 OK 1.8 kB URL HTTP/1.1 helpedhandwritingintestine.com/watch.1145463718645?shu=0620373835a9fa3c1e16a07d6b2bc99bba0088c6531cebf6d85201712d78140fc3b99cad710677d2042421a343f1c267f42be116d987c3e8c2497a6167e45803cce49dc9ccac7c679a8867b697d55c21466306a2870ff97015409494939b8d1d&pst=1675458235&rmtc=t&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&pii=&in=false&key=e9d4da860a11a6d4eb87b77d035aa4f5&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2528)
Hash e426bd5101bdc397441ed85574e3d19c
5851a3e03b0e1f8635cc26ad09291c4bb2641512
26510a4c59987c1101adcbf8c3fb0a944d944a7cc83ff7c29214e0ab51681083
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1145463718645?shu=0620373835a9fa3c1e16a07d6b2bc99bba0088c6531cebf6d85201712d78140fc3b99cad710677d2042421a343f1c267f42be116d987c3e8c2497a6167e45803cce49dc9ccac7c679a8867b697d55c21466306a2870ff97015409494939b8d1d&pst=1675458235&rmtc=t&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&pii=&in=false&key=e9d4da860a11a6d4eb87b77d035aa4f5&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D HTTP/1.1
Host: helpedhandwritingintestine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helpedhandwritingintestine.com/watch.1145463718645?key=e9d4da860a11a6d4eb87b77d035aa4f5&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
Cookie: u_pl=17578766,17578607; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODYwNywiayI6ImU5ZDRkYTg2MGExMWE2ZDRlYjg3Yjc3ZDAzNWFhNGY1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNiwicHQiOjQsInBrIjoicXByODJ6N2p3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnByb2dyYW1hcy5tbC9wcm9ncmFtYXMvY2FtdGFzaWEtc3R1ZGlvLyJ9fQ.aDXzPgg2fqJyP2ak6pyeyCPvPk9vg-Yj7-VX1bx3Fkk; uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml/programas/camtasia-studio/
Access-Control-Allow-Origin: https://www.programas.ml/programas/camtasia-studio/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
pdhtkv26=true; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
uncs26=1; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0a4aff0bc9b13b4121859281afbb36f0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
helpedhandwritingintestine.com/watch.1500466624717?shu=30d54ce7606848165edcb2369035179328774eaa94f7d8dd8078b00b2984a2e14322fd752326fad6138f1f06fc19f698b23855ebe725843372a8c9bed1aac0aaf955e0a50ddc3159f89bc869a125d88b8f98a5973e3e330038475d9dcc98a01798cc03&pst=1675458235&rmtc=t&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&pii=&in=false&key=0cf6abbba1b265275998a9b9a6d5fbbe&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&res=12.1055&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&tz=0&dev=e
173.233.137.52200 OK 1.8 kB URL HTTP/1.1 helpedhandwritingintestine.com/watch.1500466624717?shu=30d54ce7606848165edcb2369035179328774eaa94f7d8dd8078b00b2984a2e14322fd752326fad6138f1f06fc19f698b23855ebe725843372a8c9bed1aac0aaf955e0a50ddc3159f89bc869a125d88b8f98a5973e3e330038475d9dcc98a01798cc03&pst=1675458235&rmtc=t&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&pii=&in=false&key=0cf6abbba1b265275998a9b9a6d5fbbe&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&res=12.1055&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&tz=0&dev=e
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2526)
Hash d9ca0de8fb169696b0f1e6f52b73a665
072c5682485062d531ab21a1e63238ec3f41e5ff
4658b083dabdb4112cace6830773e76f3c3b2f0817df36e8aa81c63a5eefc03a
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1500466624717?shu=30d54ce7606848165edcb2369035179328774eaa94f7d8dd8078b00b2984a2e14322fd752326fad6138f1f06fc19f698b23855ebe725843372a8c9bed1aac0aaf955e0a50ddc3159f89bc869a125d88b8f98a5973e3e330038475d9dcc98a01798cc03&pst=1675458235&rmtc=t&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&pii=&in=false&key=0cf6abbba1b265275998a9b9a6d5fbbe&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&res=12.1055&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&tz=0&dev=e HTTP/1.1
Host: helpedhandwritingintestine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helpedhandwritingintestine.com/watch.1500466624717?key=0cf6abbba1b265275998a9b9a6d5fbbe&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
Cookie: u_pl=17578766,17578607; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc2NiwiayI6IjBjZjZhYmJiYTFiMjY1Mjc1OTk4YTliOWE2ZDVmYmJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNywicHQiOjQsInBrIjoibXp4Yno5NDQyIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5wcm9ncmFtYXMubWwvcHJvZ3JhbWFzL2NhbXRhc2lhLXN0dWRpby8ifX0.vJMBCx8Yeas-zhYIsda5HO0QLU5_-HxSmiTCyGtV6CQ; uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml/programas/camtasia-studio/
Access-Control-Allow-Origin: https://www.programas.ml/programas/camtasia-studio/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
uncs27=1; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 672b78d902e2bd64df8e85bbfe5fd1c7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
intimateexhibitedcontempt.com/watch.463305419044?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
192.243.59.20200 OK 1.2 kB URL HTTP/1.1 intimateexhibitedcontempt.com/watch.463305419044?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (494)
Hash 0a12e814beee9c6c5fbe819057fad36d
e850dd99ea6d5c6f024e6832ecfcc0d4842fd14b
aae3675a04d48c30da4ac00255e618d5cd48def7049632eba1d57cfa9cecb7f5
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.463305419044?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1 HTTP/1.1
Host: intimateexhibitedcontempt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Cookie: u_pl=17578757; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc1NywiayI6ImI4OGM3MDQ5Y2JlYWNiNzE4ZGFlY2U3ODEzM2UxZDVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJoY2hpZ2ljdSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5wcm9ncmFtYXMubWwvcHJvZ3JhbWFzL2NhbXRhc2lhLXN0dWRpby8ifX0.cfyqv7qM8lRH-lNPv0eN2FjY76l8Ekjd9wk52rP0gkg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc1NywiayI6ImI4OGM3MDQ5Y2JlYWNiNzE4ZGFlY2U3ODEzM2UxZDVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJoY2hpZ2ljdSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly93d3cucHJvZ3JhbWFzLm1sL3Byb2dyYW1hcy9jYW10YXNpYS1zdHVkaW8vIn19._gsMkw5k9HxsBTU5f5vHALrbOckccRbUoOwDNp5uVKc; expires=Fri, 03 Feb 2023 21:03:56 GMT; secure; SameSite=None
uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f8bb5b097e4af9e73a3ab84926602df6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/63/55/d3/6355d36e41fa1e1a6c85b2c35fee02a1/1664274735.gif
45.133.44.10200 OK 446 kB URL HTTP/2 cdn.cloudimagesb.com/bi/63/55/d3/6355d36e41fa1e1a6c85b2c35fee02a1/1664274735.gif
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 160 x 300\012- data
Size 446 kB (446030 bytes)
Hash a994e632acb255bfe6a21ba4c4a94fbc
151e035df75aa12fcdb2925ea466288b7430bc22
7740ebe5e515ffbf2660ed724a0add302edeaccd5e99903443bb87deb1820338
GET /bi/63/55/d3/6355d36e41fa1e1a6c85b2c35fee02a1/1664274735.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helpedhandwritingintestine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:56 GMT
content-type: image/gif
content-length: 446030
server: nginx/1.17.6
last-modified: Tue, 27 Sep 2022 10:32:24 GMT
etag: "6332d138-6ce4e"
expires: Sun, 05 Feb 2023 21:02:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/06/f5/01/06f501bc80fddf133e0b53ea2ba7a46a/1671117426.jpg
45.133.44.10200 OK 30 kB URL HTTP/2 cdn.cloudimagesb.com/bi/06/f5/01/06f501bc80fddf133e0b53ea2ba7a46a/1671117426.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:12:01 13:00:06], baseline, precision 8, 468x60, components 3\012- data
Hash 69767baa4e6a159c840dbeba610902d9
193e2bb077e4c3c25b743d3ae98f35f5eb3a90bb
28c5c0501c498112b1b96176f99c2595891e35be13017897d43cd8a010a515a4
GET /bi/06/f5/01/06f501bc80fddf133e0b53ea2ba7a46a/1671117426.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helpedhandwritingintestine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:56 GMT
content-type: image/jpeg
content-length: 30397
server: nginx/1.17.6
last-modified: Thu, 15 Dec 2022 15:17:14 GMT
etag: "639b3a7a-76bd"
expires: Sun, 05 Feb 2023 21:02:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17578766
192.243.59.12200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17578766
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 5438b4cba6e8dede482f489000a638c4
49d5ffb93c5e8568f80ca9056d50ee03a3ece990
83583537de1184c13cc96da85d10e5f39e257955732f54dc5d8be729776739ba
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17578766 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 21:02:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sat, 04 Feb 2023 21:02:56 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc1Nzg3NjYiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucHJvZ3JhbWFzLm1sLyJ9fQ.ojFlNEIy14mjqxha-yhLxb15kyGMbb6zHj6a8eONGS8; expires=Fri, 03 Feb 2023 21:03:56 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7fbcdcbd104de2df62ebe7cd5c829d52
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e476e1df8a079aee827243f893145391
9a0b5e3483577ba24b6b7df6126f7509332fa9d5
e37ded31c0ac49becf83cc34cb0ed7c43a7425524271c4ee8dc79dede94cf1c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E37DED31C0AC49BECF83CC34CB0ED7C43A7425524271C4EE8DC79DEDE94CF1C4"
Last-Modified: Fri, 03 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18336
Expires: Sat, 04 Feb 2023 02:08:32 GMT
Date: Fri, 03 Feb 2023 21:02:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e476e1df8a079aee827243f893145391
9a0b5e3483577ba24b6b7df6126f7509332fa9d5
e37ded31c0ac49becf83cc34cb0ed7c43a7425524271c4ee8dc79dede94cf1c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E37DED31C0AC49BECF83CC34CB0ED7C43A7425524271C4EE8DC79DEDE94CF1C4"
Last-Modified: Fri, 03 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4627
Expires: Fri, 03 Feb 2023 22:20:03 GMT
Date: Fri, 03 Feb 2023 21:02:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e476e1df8a079aee827243f893145391
9a0b5e3483577ba24b6b7df6126f7509332fa9d5
e37ded31c0ac49becf83cc34cb0ed7c43a7425524271c4ee8dc79dede94cf1c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E37DED31C0AC49BECF83CC34CB0ED7C43A7425524271C4EE8DC79DEDE94CF1C4"
Last-Modified: Fri, 03 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4627
Expires: Fri, 03 Feb 2023 22:20:03 GMT
Date: Fri, 03 Feb 2023 21:02:56 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
173.233.137.44200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:56 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6b1164f2b8b39e01c7c5ac39c0c209e8
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e476e1df8a079aee827243f893145391
9a0b5e3483577ba24b6b7df6126f7509332fa9d5
e37ded31c0ac49becf83cc34cb0ed7c43a7425524271c4ee8dc79dede94cf1c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E37DED31C0AC49BECF83CC34CB0ED7C43A7425524271C4EE8DC79DEDE94CF1C4"
Last-Modified: Fri, 03 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4627
Expires: Fri, 03 Feb 2023 22:20:03 GMT
Date: Fri, 03 Feb 2023 21:02:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e476e1df8a079aee827243f893145391
9a0b5e3483577ba24b6b7df6126f7509332fa9d5
e37ded31c0ac49becf83cc34cb0ed7c43a7425524271c4ee8dc79dede94cf1c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E37DED31C0AC49BECF83CC34CB0ED7C43A7425524271C4EE8DC79DEDE94CF1C4"
Last-Modified: Fri, 03 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4667
Expires: Fri, 03 Feb 2023 22:20:43 GMT
Date: Fri, 03 Feb 2023 21:02:56 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-CX5LSP1M8X>m=45je3210&_p=373620108&cid=1821302476.1675458208&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675458208&sct=1&seg=0&dl=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&dt=Gxto%20Negro%20-%20Camtasia%20Studio&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-CX5LSP1M8X>m=45je3210&_p=373620108&cid=1821302476.1675458208&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675458208&sct=1&seg=0&dl=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&dt=Gxto%20Negro%20-%20Camtasia%20Studio&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-CX5LSP1M8X>m=45je3210&_p=373620108&cid=1821302476.1675458208&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675458208&sct=1&seg=0&dl=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&dt=Gxto%20Negro%20-%20Camtasia%20Studio&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.programas.ml
Connection: keep-alive
Referer: https://www.programas.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.programas.ml
date: Fri, 03 Feb 2023 21:02:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
publishercounting.com/watch.1298427759563?shu=c313d3dae2bb6688517d58991505c64e0826e116297cda7c91c3978e749ff1fe6d97afb658fc50838729a5d24a1c978e5ad61e4ea2dc9850afad32216e9bbb09d9343ed23923e7100e5b41f5644237927075b2f830107a121d04679540d3e87b1541dd&pst=1675458236&rmtc=t&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&pii=&in=false&key=446673efab97431f17198bd97c94fe29&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&res=12.1055&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&tz=0&dev=e
173.233.139.164200 OK 1.9 kB URL HTTP/1.1 publishercounting.com/watch.1298427759563?shu=c313d3dae2bb6688517d58991505c64e0826e116297cda7c91c3978e749ff1fe6d97afb658fc50838729a5d24a1c978e5ad61e4ea2dc9850afad32216e9bbb09d9343ed23923e7100e5b41f5644237927075b2f830107a121d04679540d3e87b1541dd&pst=1675458236&rmtc=t&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&pii=&in=false&key=446673efab97431f17198bd97c94fe29&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&res=12.1055&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&tz=0&dev=e
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2602)
Hash 32b6f100d4dbda79c3c4a95c1029194c
265483fbb4489a4921ba2c5f2648be917188bfc3
3fe55beed90b6ebfe423b573a55023567042fe4fc5cd9a91dade0e2c3032eeee
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1298427759563?shu=c313d3dae2bb6688517d58991505c64e0826e116297cda7c91c3978e749ff1fe6d97afb658fc50838729a5d24a1c978e5ad61e4ea2dc9850afad32216e9bbb09d9343ed23923e7100e5b41f5644237927075b2f830107a121d04679540d3e87b1541dd&pst=1675458236&rmtc=t&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&pii=&in=false&key=446673efab97431f17198bd97c94fe29&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&res=12.1055&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&tz=0&dev=e HTTP/1.1
Host: publishercounting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://publishercounting.com/watch.1298427759563?key=446673efab97431f17198bd97c94fe29&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
Cookie: u_pl=17578757,17578673; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODY3MywiayI6IjQ0NjY3M2VmYWI5NzQzMWYxNzE5OGJkOTdjOTRmZTI5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoiZ2dpYjNzaTRrYiIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly93d3cucHJvZ3JhbWFzLm1sL3Byb2dyYW1hcy9jYW10YXNpYS1zdHVkaW8vIn19.7Un6AkPzZ2EQgQzJuNZ9h3Im4JtciLhT5BkRLXa926A; uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; iprc150bf1687e086c1261f47e16dcb5a60a=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 21:02:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml/programas/camtasia-studio/
Access-Control-Allow-Origin: https://www.programas.ml/programas/camtasia-studio/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:56 GMT; secure; SameSite=None
uncs=2; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
uncs32=1; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4fb3b101050285c10b80aafd1456403
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
intimateexhibitedcontempt.com/watch.463305419044?shu=425b8fc2b97e21a4546238cb7416e82fe6c1841abdc9d8f5c04cae8fab93a5e9aaf31cf30b93e5e4d1b2ae02397f88a6295f51226ccbe91ddf0c1684eb467048777f3e0d6af678cbcb6505e9ec79f7170f556390&pst=1675458236&rmtc=t&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&pii=&in=false&key=b88c7049cbeacb718daece78133e1d5a&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D
192.243.59.20200 OK 1.7 kB URL HTTP/1.1 intimateexhibitedcontempt.com/watch.463305419044?shu=425b8fc2b97e21a4546238cb7416e82fe6c1841abdc9d8f5c04cae8fab93a5e9aaf31cf30b93e5e4d1b2ae02397f88a6295f51226ccbe91ddf0c1684eb467048777f3e0d6af678cbcb6505e9ec79f7170f556390&pst=1675458236&rmtc=t&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&pii=&in=false&key=b88c7049cbeacb718daece78133e1d5a&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2397)
Hash e4e042ee18cd4084892b5eff96764d64
55986e7be382c39eb85ec1c49806df0c575c3de8
5cae55a9b0a6b14b751a412f66dfb5408b5673b3cf9b90093e70ded6f6d697dc
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.463305419044?shu=425b8fc2b97e21a4546238cb7416e82fe6c1841abdc9d8f5c04cae8fab93a5e9aaf31cf30b93e5e4d1b2ae02397f88a6295f51226ccbe91ddf0c1684eb467048777f3e0d6af678cbcb6505e9ec79f7170f556390&pst=1675458236&rmtc=t&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1&pii=&in=false&key=b88c7049cbeacb718daece78133e1d5a&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D HTTP/1.1
Host: intimateexhibitedcontempt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intimateexhibitedcontempt.com/watch.463305419044?key=b88c7049cbeacb718daece78133e1d5a&kw=%5B%22gxto%22%2C%22negro%22%2C%22-%22%2C%22camtasia%22%2C%22studio%22%5D&refer=https%3A%2F%2Fwww.programas.ml%2Fprogramas%2Fcamtasia-studio%2F&tz=0&dev=e&res=12.1055&uuid=7bb3e281-ce58-424e-a592-206e68333d6f%3A1%3A1
Cookie: u_pl=17578757; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3ODc1NywiayI6ImI4OGM3MDQ5Y2JlYWNiNzE4ZGFlY2U3ODEzM2UxZDVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MDczLCJwaWQiOjUyMzA5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJoY2hpZ2ljdSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly93d3cucHJvZ3JhbWFzLm1sL3Byb2dyYW1hcy9jYW10YXNpYS1zdHVkaW8vIn19._gsMkw5k9HxsBTU5f5vHALrbOckccRbUoOwDNp5uVKc; uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 21:02:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.programas.ml/programas/camtasia-studio/
Access-Control-Allow-Origin: https://www.programas.ml/programas/camtasia-studio/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7bb3e281-ce58-424e-a592-206e68333d6f:1:1; expires=Fri, 10 Feb 2023 21:02:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 04 Feb 2023 21:02:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a277714d3658847be8a3acdac416da7f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?shu=85b596186591dce5d952026ff3ec2c307426431476570ce6ad07dcfba6beacce49ffd1cd3d290d4983d9b2e68366207a9bca2355784fcdf4ec7a62c06026d1aa629e23c55a0e1e9fe052b69c455d6e7eb502b65578b90357c1ea8938b78a17&pst=1675458236&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.programas.ml%2F&psid=17578766
192.243.59.12302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=85b596186591dce5d952026ff3ec2c307426431476570ce6ad07dcfba6beacce49ffd1cd3d290d4983d9b2e68366207a9bca2355784fcdf4ec7a62c06026d1aa629e23c55a0e1e9fe052b69c455d6e7eb502b65578b90357c1ea8938b78a17&pst=1675458236&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.programas.ml%2F&psid=17578766
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=85b596186591dce5d952026ff3ec2c307426431476570ce6ad07dcfba6beacce49ffd1cd3d290d4983d9b2e68366207a9bca2355784fcdf4ec7a62c06026d1aa629e23c55a0e1e9fe052b69c455d6e7eb502b65578b90357c1ea8938b78a17&pst=1675458236&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.programas.ml%2F&psid=17578766 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc1Nzg3NjYiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucHJvZ3JhbWFzLm1sLyJ9fQ.ojFlNEIy14mjqxha-yhLxb15kyGMbb6zHj6a8eONGS8; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 21:02:56 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: pdhtkv=true; expires=Sat, 04 Feb 2023 21:02:56 GMT
uncs=1; expires=Sat, 04 Feb 2023 21:02:56 GMT
pdhtkv28=true; expires=Sat, 04 Feb 2023 21:02:56 GMT
uncs28=1; expires=Sat, 04 Feb 2023 21:02:56 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eaf4a8d8b0f2c6b006a0b143218310fb
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
23.36.79.43307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 03 Feb 2023 21:02:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 03 Feb 2023 21:02:56 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; domain=.unibet.com; expires=Sun, 03-Feb-3022 21:02:56 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=22, origin; dur=108
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 21:02:57 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node01jw8ksf4st4w21wxpq73wmtz5j1777919.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01jw8ksf4st4w21wxpq73wmtz5; Path=/; Domain=.unibet.nu; Expires=Sun, 02-Feb-2025 21:02:56 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sun, 02-Feb-2025 21:02:56 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://jennyvisits.com/"; Path=/; Domain=.unibet.nu; Expires=Sun, 02-Feb-2025 21:02:56 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_EA268C63AF844F5F9FECB2528903A0C6; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fjennyvisits.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_EA268C63AF844F5F9FECB2528903A0C6%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://jennyvisits.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Fri, 03 Feb 2023 21:02:56 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node01jw8ksf4st4w21wxpq73wmtz5; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; affiliateId=1; B-TAG=127656177_EA268C63AF844F5F9FECB2528903A0C6; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fjennyvisits.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_EA268C63AF844F5F9FECB2528903A0C6%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 21:02:57 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Fri, 03 Feb 2023 21:02:57 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5c6eae7356c7c117d75d88d84420f61
ef1bf1756057d56ff2070537f5cff02827ced62b
96e9d535daeb01ba5cb4409ac40f2d74540db1505510a5ddbe9e9090ec772cc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96E9D535DAEB01BA5CB4409AC40F2D74540DB1505510A5DDBE9E9090EC772CC4"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12281
Expires: Sat, 04 Feb 2023 00:27:38 GMT
Date: Fri, 03 Feb 2023 21:02:57 GMT
Connection: keep-alive
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.25.188200 OK 2.5 kB URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.25.188:0
Hash a5ecd3c6c18e791f08772d82d86c1093
e0c522de44e79538c5cb36096915c6d9dfcd97f8
5145df8e5fbf336bf265931a1220c7b5b8abc6fcc5fdb21ed9d8bb197e6f6a4d
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 390622
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c492d73b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.25.188200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Hash 3903b9e630ed08dc6babbf232b67d9ee
8c0d30d628184dab2ec3048cf43fec0c7519ae69
36d7789aafd4f4b5a9e1e8a79228ce16e71ecb70ddbba17718bf8d556b4d2f6a
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117151
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c493d90b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
216.58.211.10200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 09:05:01 GMT
expires: Wed, 31 Jan 2024 09:05:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 302276
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
104.18.25.188200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP 104.18.25.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DAFF991565B252"
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 3cf155d6-101e-000d-3081-31dad6000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 117149
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c4a4f01b51b-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.25.188200 OK 15 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 4ac9e8ad519989a1b728087eeb094102
663904e3ad6f9becc88f8a3dc91b8ea381cb50ae
0c40d1aa1c3557dc4aaad79f0776045b68c17d40c638c4e4f3592fad0202d7c4
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117150
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c493d91b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.25.188200 OK 75 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Hash b553decb310d390c7c3aacaf288bb779
0fa79ceb52bef295d47bbf91f984a16779756125
60f9f0c1b039344ae8aeefb76c20a527750859d5b5434003411f8440320e40ca
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117150
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c493d97b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.25.188200 OK 5.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.25.188:0
Hash d864aad40a1e3aeede67ec688d30eddd
78a3aba0a23942b59c50cf741c5de951c79b5b26
a485fa9a1d704da94cdfd19f6dda0f3139a5c698a6c156ca589e7548d64c4417
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117145
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c491d5eb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 428457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
104.18.25.188200 OK 85 kB URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.25.188:0
File type ASCII text, with very long lines (693)
Hash cccd05a90b6c574eb85d4d6675fed129
2ee9d88bc843d80a064923d560eb6b1a75575f85
fcd64cb1c65ae5c6529dd1dbe4bd45a7f43b7d1dd5890f4fdccc9c717d66f940
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 390622
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c4a1ec2b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15200 OK 28 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash a0e4adabb4e5f93041861f6c21eee3ec
670994f18ca693734ac8505a40aceb143c776703
5add31977b86287c1b2c428478983141fa0b2f5e63093d140d66c6684e06f3d0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: text/css
x-amz-id-2: kIWUcp4/gRprxrhG4Bo7YL49QfCfoJzgcb+lBni7kDeALpU6YcOHbXZK3Ce3+VKgInDBPr7yuoA=
x-amz-request-id: GQJ6HHGYZ6JW9X6Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 604235
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkgt4J33GbenTralq10OSMQPK8jL8nEkx8bJexQ9VaDnoAwOZ3GPWa7ET%2FtiCgYXIF4AiuI7IFmwWnDIkStxp4eA9QkGAJ%2Fct3wHZvzQDBLfkT%2FnTs59qHrpvJtsSjIP5J57Yutm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793e1c49ae597708-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 070a293072d1e256be6800c94536d5a6
c45f564a4c24708cec1e53794e60d7aa24ec9e9d
0e19789078fa4dd3e6650f433383d71eeea5563a6659dc80513ec4b823e6da8a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3206
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:57 GMT
Last-Modified: Fri, 03 Feb 2023 20:09:31 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.25.188200 OK 1.8 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.25.188:0
File type HTML document, Unicode text, UTF-8 text
Hash 8e2e29f6def836861b19fed0c764cd27
35ce7f3943ef46f8bb5e24f42c994747e0f49a43
900117b953eb0a86c5a7d25f03bc672cd023e1d06ea103e0e6c7927c4d5d8e93
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF99188E686E"
x-ms-request-id: fae4441f-101e-0040-4d81-31153a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117151
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c491d62b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
185.89.210.90307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 03 Feb 2023 21:02:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 1ec94ab5-1a00-4d9f-9dc2-66bf01e89cf9
Set-Cookie: uuid2=3504375108841070716; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 04-May-2023 21:02:57 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8e4b7b47ed75e9e975adc9fc304e3219
0b4f8dacc8685161103a352dd4221f69aa111626
852df028f28349db72a347eb3627f3f102c4e4dd6418cbdba6b94e44092ab43f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 307
Cache-Control: max-age=119346
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:57 GMT
Etag: "63dca480-1d7"
Expires: Sun, 05 Feb 2023 06:12:03 GMT
Last-Modified: Fri, 03 Feb 2023 06:06:56 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
104.18.25.188200 OK 2.3 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP 104.18.25.188:0
File type PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c47db355778daa0a4ddea2399b0446a
c20fed8bf41d3ce1b52a66300d48c23634641386
0f894a2aeb44db42f35d56470a3b78b7c59b8498fa2bab04250f075cfefe2935
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914F4D898"
x-ms-request-id: e6735b96-c01e-0021-0381-313679000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117142
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c4b384cb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675458210376
34.241.134.251200 OK 498 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675458210376
IP 34.241.134.251:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash 42dc564cb0f33dda31e717f787ad0fab
11c25276d7f1f4f7a23c2ff00fd525b0dc70f2b2
da4702c3bc7dd40ae469ab21880936a4c338c5f46396affc7d96ed93b716b069
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675458210376 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-093556e0f.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=40396399068231305282846729159700325221; Max-Age=15552000; Expires=Wed, 02 Aug 2023 21:02:58 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: I8ZhPDe7RLI=
Content-Length: 498
Connection: keep-alive
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
185.89.210.90200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 185.89.210.90:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 03 Feb 2023 21:02:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: bd1d77fa-bfd3-403f-93de-da52a531c7fc
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2HaNqm.V-!@wnf-Te9(>wL5L!!'VW$m2mW; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 04-May-2023 21:02:58 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f625763f5802c7b8926de24c6c220f1d
93b348c68d0920f8f28f2db6b9065a6664e1fd51
f6695e1ca1c3be928cc9d8231d168e903d85bc95718d45f41fb8ec9c37f2d4ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6377
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:58 GMT
Last-Modified: Fri, 03 Feb 2023 19:16:41 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f625763f5802c7b8926de24c6c220f1d
93b348c68d0920f8f28f2db6b9065a6664e1fd51
f6695e1ca1c3be928cc9d8231d168e903d85bc95718d45f41fb8ec9c37f2d4ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6377
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:58 GMT
Last-Modified: Fri, 03 Feb 2023 19:16:41 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f625763f5802c7b8926de24c6c220f1d
93b348c68d0920f8f28f2db6b9065a6664e1fd51
f6695e1ca1c3be928cc9d8231d168e903d85bc95718d45f41fb8ec9c37f2d4ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3755
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:58 GMT
Last-Modified: Fri, 03 Feb 2023 20:00:23 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fdeefe9d1e614e31fbdedba482c240b0
8aa5be14360b16448239aaf48bf53a6b366d7bc5
0f4daaa241c690d5b7529d44fab951e6f57e43a61e795762ffee646293e5e551
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6265
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 21:02:58 GMT
Last-Modified: Fri, 03 Feb 2023 19:18:33 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=40356154630490153552850586015911665406&ts=1675458210569
13.37.25.97200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=40356154630490153552850586015911665406&ts=1675458210569
IP 13.37.25.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=40356154630490153552850586015911665406&ts=1675458210569 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Fri, 03 Feb 2023 21:02:58 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.174.188200 OK 8.1 kB URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.174.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f8bc141944d4479f3f23f123429177f3
1a04e94779d82cd1dbc1994704a6f4a4bb66648f
70571abf08d1f6eaedbf8fc5695ecd5a21e152b5e48d5ea95455a80a742ebbf3
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:58 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 30
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c4d8bddb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
3.248.39.194200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 3.248.39.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 3 Feb 2023 21:02:58 GMT
DCS: dcs-prod-irl1-1-v045-0d492e21d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: C90QcahiRKE=
Content-Length: 2791
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 186955a6d5f5463cacf13550fe4dc51b
362ef36541473311828a954a4ca84d347148476f
e4f7ae33264791e6dd5cc4266d2ade0a2828168d17345ebb4089c7d08cbf7e30
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 21:02:58 GMT
Last-Modified: Fri, 03 Feb 2023 20:45:15 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wbC8MPjHmtij8wkoFM1tIpZ13IVgRtyixxzwBhnFhA--_8BQwK5RMw==
Age: 1063
cm.everesttech.net/cm/dd?d_uuid=40396399068231305282846729159700325221
18.201.4.185302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=40396399068231305282846729159700325221
IP 18.201.4.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=40396399068231305282846729159700325221 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 03 Feb 2023 21:02:58 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y912ggAAAHUfGAOV; Domain=.everesttech.net; Expires=Sat, 03-Feb-2024 21:02:58 GMT; Path=/
everest_session_v2=Y912ggAAAHUfGQOV; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y912ggAAAHUfGAOV
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y912ggAAAHUfGAOV
34.241.134.251302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y912ggAAAHUfGAOV
IP 34.241.134.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y912ggAAAHUfGAOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0fb9f79b9.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y912ggAAAHUfGAOV
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=01166227322844121893395932501127036315; Max-Age=15552000; Expires=Wed, 02 Aug 2023 21:02:58 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: OIJ8qGkRTWI=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y912ggAAAHUfGAOV
34.241.134.251200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y912ggAAAHUfGAOV
IP 34.241.134.251:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y912ggAAAHUfGAOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-04c35fc5e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: CY5m5M47TT4=
Content-Length: 59
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117151
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c493d8cb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF9917716257"
x-ms-request-id: 78c0b78e-401e-0000-7881-311202000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117150
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c493d9bb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.25.188404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: application/xml
x-ms-request-id: f466ac6f-801e-000f-0112-38646e000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 261
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c493d9db51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117151
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c493d89b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117145
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c492d6ab51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 21:02:57 GMT
date: Fri, 03 Feb 2023 21:02:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.174.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.174.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:58 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 24
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c4d7bc4b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117150
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c493d92b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: 2d05ce62-401e-003f-4112-38daa1000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=127656177_EA268C63AF844F5F9FECB2528903A0C6;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 793e1c471a05b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99174612EA"
x-ms-request-id: 82c2bcc2-201e-0029-1081-312c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117150
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c493d9ab51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_EA268C63AF844F5F9FECB2528903A0C6&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 117149
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c494da9b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?465405
104.19.148.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?465405
IP 104.19.148.8:0
GET /pages/scripts/0012/9242.js?465405 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 03 Feb 2023 18:01:45 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 10872
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c4bac73b505-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.174.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.174.188:0
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:58 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 367
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c4d8bdcb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.148.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.148.8:0
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 03 Feb 2023 18:01:45 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 10872
vary: Accept-Encoding
server: cloudflare
cf-ray: 793e1c4b9c58b505-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675458176821)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323212%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228777797404%7c1%22%7d%5d; btag=127656177_EA268C63AF844F5F9FECB2528903A0C6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 21:02:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2