firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 03:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VuOpB40k3QrwwmrV8E-Cfdhsk5Pba_sm38aXrrFBrzUAt_kWHAtbRQ==
Age: 2946
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2292
Expires: Wed, 28 Sep 2022 04:42:57 GMT
Date: Wed, 28 Sep 2022 04:04:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9488
Expires: Wed, 28 Sep 2022 06:42:53 GMT
Date: Wed, 28 Sep 2022 04:04:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rl5kWCf5eIdVOTN4nCoAqC0Ghx2i00OMiXxrNbUfsPe8XjJCwVPYqpupTHjdPY8A+JXisXYyaeU=
x-amz-request-id: 9X5W02B96B4YSQPY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 28 Sep 2022 03:47:14 GMT
age: 1051
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 04:04:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 03:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 04:12:55 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sqXiAIETaJI2AACVraQG1VjjvtGGKeT0kwxgUhLHBw-KvIGCPW6IlA==
Age: 2112
api.nealvwillpams.com/api/addpostion/LJFSJKD6I9H7PJS5
8.214.108.8302 0 B URL HTTP/1.1 api.nealvwillpams.com/api/addpostion/LJFSJKD6I9H7PJS5
IP 8.214.108.8:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /api/addpostion/LJFSJKD6I9H7PJS5 HTTP/1.1
Host: api.nealvwillpams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Wed, 28 Sep 2022 04:04:45 GMT
Content-Length: 0
Connection: keep-alive
X-Application-Context: microservice-consumer-niceapi:prod-tui:6065
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, token
Access-Control-Expose-Headers: Location
Set-Cookie: userid=8cc095d1218f417d9d69e400c0429e85; Max-Age=2592000; Expires=Fri, 28-Oct-2022 04:04:45 GMT; Domain=nealvwillpams.com; Path=/
userid=52da80f429ee4402b49a5c1eca258717; Max-Age=2592000; Expires=Fri, 28-Oct-2022 04:04:45 GMT; Domain=nealvwillpams.com; Path=/
userid=4de5584a1be541c6a3d209995cb277e9; Max-Age=2592000; Expires=Fri, 28-Oct-2022 04:04:45 GMT; Domain=nealvwillpams.com; Path=/
Location: https://cddtsecure.com/?a=183949&c=294041&s1=Meta1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3987
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 04:04:46 GMT
Last-Modified: Wed, 28 Sep 2022 02:58:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 1df9aae9847a11076670567b2ebb4425
f27994dda9b21537ad5fc9e35b592a2c883714de
cd1d2e1869040fa6bb7941fbd437a127ed62e3406329f2c975f09c84cca8c1f2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 04:04:46 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3JjQY1kLpmjmkRN8_AycDVwptQfHMqaKFQV5AScr9FFGhA_ZxaNXJA==
push.services.mozilla.com/
52.27.12.161101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.27.12.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kULZxd0sZ+5YBHklT7MV7w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EoEt7/GswoDkWF6loYEJ7sfQ4d4=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2413e3f9b4d9e6e81da523140e2223e2
dc89e9b4049338bf1fcd899fda20ac74a7927053
c5c0d3dad89a205c1b8be48115399df433daba630d1a1e322972f20c832935e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5C0D3DAD89A205C1B8BE48115399DF433DABA630D1A1E322972F20C832935E9"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 10:04:46 GMT
Date: Wed, 28 Sep 2022 04:04:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8160
Expires: Wed, 28 Sep 2022 06:20:47 GMT
Date: Wed, 28 Sep 2022 04:04:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8160
Expires: Wed, 28 Sep 2022 06:20:47 GMT
Date: Wed, 28 Sep 2022 04:04:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8160
Expires: Wed, 28 Sep 2022 06:20:47 GMT
Date: Wed, 28 Sep 2022 04:04:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8160
Expires: Wed, 28 Sep 2022 06:20:47 GMT
Date: Wed, 28 Sep 2022 04:04:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 22569
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9715fa-0606-41f2-b3fa-1c7048f24b48.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9715fa-0606-41f2-b3fa-1c7048f24b48.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c761355e3b9bdf64113c92591306b959
5dcf4fbd065e0850c2602a5e8791ba7af1999d9f
03464d30ae3a3199bb3b19e1c730385fc8f68444d41eb0099542bd83108e6ed5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9715fa-0606-41f2-b3fa-1c7048f24b48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9710
x-amzn-requestid: 34553ef5-773c-4c06-835f-0382202b706d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCWDE74IAMF0xA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63311759-3a8cc99a4d529adc23d1dfc1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:07:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6WtNGTt-HH__-2fhF-DwduAIhqNW2D0nB24FIIwmSuNVLsQuLDQy1g==
via: 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 05:04:56 GMT
age: 82791
etag: "5dcf4fbd065e0850c2602a5e8791ba7af1999d9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 22727
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccfb4931d41ca01aa55b4b8e9ef6b4e1
2351d2547f4bd0aac45bb21a5aa8277e80ef15f2
89de9954ee2874b476c907810189812efe13234a46910180f34f68082429260f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7020
x-amzn-requestid: 1258ee7b-987a-4454-8963-e76b7c1470f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4EVxIAMFrmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7a1fbaa251600686757f9583;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ISJfVYtY7kLIm87GZEvqMmEr3D4vYcZDi-WJAu4GyaxLQKRUDbVjg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 22724
etag: "2351d2547f4bd0aac45bb21a5aa8277e80ef15f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
age: 22483
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cddtsecure.com/?a=183949&c=294041&s1=Meta1
52.210.54.244302 Found 6.2 kB URL HTTP/2 cddtsecure.com/?a=183949&c=294041&s1=Meta1
IP 52.210.54.244:0
Hash 17c1e5a57a20caf4f96c2ef27b59e6a2
3fa5f7575db98554784e42ed22bc39efda449edc
ab75f997a7041992dcc9b2b7e049f7eedbb2a1230b4472023b138a99433a88e2
GET /?a=183949&c=294041&s1=Meta1 HTTP/1.1
Host: cddtsecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 28 Sep 2022 04:04:46 GMT
content-type: text/html;charset=ISO-8859-1
location: https://17pq.nowsubmission.com/?kw=183949&s1=3de863d6c4c449a494d6b78c513f98fa1bd0d&s2=Meta1
server: nginx
set-cookie: gdm_click_freq_v2_1_001=Nzyu4aYUl8t72KLXR1V4CQgf7DtSR9dBJctXVPd1xFQxqT6Q44zwYKw5IK2hLKBM; Domain=.cddtsecure.com; Expires=Tue, 27-Dec-2022 04:04:46 GMT; Path=/; Secure; SameSite=None
gdm_sid_v2_3_001=9CL4NZNpjLHjrQpB5R79wKd9Q7T4N9PP6QLfqed6UMIL92k5Dev6UHd70KTW27cicqpbW8ws0rujEV00/zKTuCn3d1CHiks8COL2csYbqvMhKctA253lxj8NgS03zb+6C4MlKYQdtzCnzcZDvp4H5Q3AgxgvrRYUZO7VhbIbDHPXAjBkO3Blctid8LWwbSXnjIDYiGNZCxztUCaZGw4YxwI3hKKgOi6IwBXDlwv1dloyr1b3Wn7zrFJAbIUDXmk0CiCuEaETfr7RZ0jHSb/SNLg7JHIk2BTVNBNNIor/TZdFSAePLLXnFofbsfLkKboXIpXlDnhHdnKvsUWzQDrwIoZD+Cjevfhpj/luxw7qgFQs9nsjX2u0Mx5Mlq+FuAV59ar4TKAVlWxeXVn8ydEAGqiM3RhirRAoazn0b4AUnDVpKEeVQEWLygJ2IKDgJP9iDzb0gQgvXMyxh2D5vTtxMEnZ8efgzoi1oorZz5dfcnBkwC+kw8ouiZ2KCGZVw3QtvfyqYdjO4TTblkaYczICwUk5tRLQLNGjvJx/so/xYJ0OWphGKyFc7u6+2tsKwKZGElcUcTaU03SD7A0qXr7KRFfAvfGPgeWzYBjUEo5cNConL4bjrzPMcBFFUaEonFf6ACShCcYPin1JYCLCh/0ToCXxuQ4fgOYwSEz7wAIU8TIFxeqw8hW0NKdSQBw2d1tEzbx9q6XqMS7ZAMQrJ2bBCG8M+TAw1fDcknhIMNs2LRGoe5gcJxBa4jScaJAyxp+ccVLoHg5Ip8Q3TwAHkvckAzbOclY3yUge9CozCN+Kk8IDGYgJmbxHWFLh/ixDJnwVn11V5hsmnegL+sgavNVQJUI1jQYly3sMkZxM/zOJdBJLD+p5oU1BUmJ7OwcWdOBD+uls99sN+Sm6pdvMiVQ714gzHTDu97ICqNGzJ3ItPc5puwGhpL3/84Qoy1QugVqlFvnt31nHSMdkuKIdxd78gEJilIk0Rp1wv7CPIa1N3c4=; Domain=.cddtsecure.com; Expires=Tue, 27-Dec-2022 04:04:46 GMT; Path=/; Secure; SameSite=None
gdm_click_adv_freq_v2_1_001=B6XtSNf0/Fok3GcB4BTdMlAiO1qGP0JqyRo0ewyPQpgdB0wfWzkeVnhc8Kl77iDo; Domain=.cddtsecure.com; Expires=Tue, 27-Dec-2022 04:04:46 GMT; Path=/; Secure; SameSite=None
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.cddtsecure.com; Expires=Tue, 27-Dec-2022 04:04:46 GMT; Path=/
gdm_uid_v2_1_001=5VS5FbEd+WZ6aTO+Z/ZqZO7Au5imGwVaSTMt9jgrPhppfEsFJHgsNHMnVcj7rVS+; Domain=.cddtsecure.com; Expires=Tue, 27-Dec-2022 04:04:46 GMT; Path=/; Secure; SameSite=None
gdm_click_adv_freq_v1_1_001=B6XtSNf0/Fok3GcB4BTdMlAiO1qGP0JqyRo0ewyPQpgdB0wfWzkeVnhc8Kl77iDo; Domain=.cddtsecure.com; Expires=Tue, 27-Dec-2022 04:04:46 GMT; Path=/
gdm_sid_v1_3_001=9CL4NZNpjLHjrQpB5R79wKd9Q7T4N9PP6QLfqed6UMIL92k5Dev6UHd70KTW27cicqpbW8ws0rujEV00/zKTuCn3d1CHiks8COL2csYbqvMhKctA253lxj8NgS03zb+6C4MlKYQdtzCnzcZDvp4H5Q3AgxgvrRYUZO7VhbIbDHPXAjBkO3Blctid8LWwbSXnjIDYiGNZCxztUCaZGw4YxwI3hKKgOi6IwBXDlwv1dloyr1b3Wn7zrFJAbIUDXmk0CiCuEaETfr7RZ0jHSb/SNLg7JHIk2BTVNBNNIor/TZdFSAePLLXnFofbsfLkKboXIpXlDnhHdnKvsUWzQDrwIoZD+Cjevfhpj/luxw7qgFQs9nsjX2u0Mx5Mlq+FuAV59ar4TKAVlWxeXVn8ydEAGqiM3RhirRAoazn0b4AUnDVpKEeVQEWLygJ2IKDgJP9iDzb0gQgvXMyxh2D5vTtxMEnZ8efgzoi1oorZz5dfcnBkwC+kw8ouiZ2KCGZVw3QtvfyqYdjO4TTblkaYczICwUk5tRLQLNGjvJx/so/xYJ0OWphGKyFc7u6+2tsKwKZGElcUcTaU03SD7A0qXr7KRFfAvfGPgeWzYBjUEo5cNConL4bjrzPMcBFFUaEonFf6ACShCcYPin1JYCLCh/0ToCXxuQ4fgOYwSEz7wAIU8TIFxeqw8hW0NKdSQBw2d1tEzbx9q6XqMS7ZAMQrJ2bBCG8M+TAw1fDcknhIMNs2LRGoe5gcJxBa4jScaJAyxp+ccVLoHg5Ip8Q3TwAHkvckAzbOclY3yUge9CozCN+Kk8IDGYgJmbxHWFLh/ixDJnwVn11V5hsmnegL+sgavNVQJUI1jQYly3sMkZxM/zOJdBJLD+p5oU1BUmJ7OwcWdOBD+uls99sN+Sm6pdvMiVQ714gzHTDu97ICqNGzJ3ItPc5puwGhpL3/84Qoy1QugVqlFvnt31nHSMdkuKIdxd78gEJilIk0Rp1wv7CPIa1N3c4=; Domain=.cddtsecure.com; Expires=Tue, 27-Dec-2022 04:04:46 GMT; Path=/
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.cddtsecure.com; Expires=Tue, 27-Dec-2022 04:04:46 GMT; Path=/; Secure; SameSite=None
gdm_uid_v1_1_001=5VS5FbEd+WZ6aTO+Z/ZqZO7Au5imGwVaSTMt9jgrPhppfEsFJHgsNHMnVcj7rVS+; Domain=.cddtsecure.com; Expires=Tue, 27-Dec-2022 04:04:46 GMT; Path=/
gdm_click_freq_v1_1_001=Nzyu4aYUl8t72KLXR1V4CQgf7DtSR9dBJctXVPd1xFQxqT6Q44zwYKw5IK2hLKBM; Domain=.cddtsecure.com; Expires=Tue, 27-Dec-2022 04:04:46 GMT; Path=/
content-language: en-US
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
X-Firefox-Spdy: h2
17pq.nowsubmission.com/?kw=183949&s1=3de863d6c4c449a494d6b78c513f98fa1bd0d&s2=Meta1
179.61.143.121302 Found 730 B URL HTTP/1.1 17pq.nowsubmission.com/?kw=183949&s1=3de863d6c4c449a494d6b78c513f98fa1bd0d&s2=Meta1
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 915765aa10764bc78e193f7232ba6bed
3aad7b5271414d4d1c181be49c53cf5030592ee7
4bdfa7e8b3768eee7f2a4be80f7b34c2a4d3dbaa7e088b0bf109418f6586855a
GET /?kw=183949&s1=3de863d6c4c449a494d6b78c513f98fa1bd0d&s2=Meta1 HTTP/1.1
Host: 17pq.nowsubmission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
date: Wed, 28 Sep 2022 04:04:47 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://17pq.expressedsupply.com/t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5
x-redir: true
set-cookie: XSRF-TOKEN=eyJpdiI6ImZkczV2Z3dSZ2M0anhtcjBlbUNTRXc9PSIsInZhbHVlIjoianlkRHRRRFRpTU1ZaVAyaTVQSkFtQmx0MWlWY2MwSzFFMlNEcEQ1OTVtdHhiTGlFYkJFMHpGTzlIbHRZb012azk2UHFpS3BpOER2N0MrU3RzRVNRc1NHMzVoL3JlUDArdGRBUHEyNzBnbFdSazlMcWFmSkttYXZQdkNzTWNDcjQiLCJtYWMiOiIxNGI2MzIxNTBjN2ZjM2Y0OGFkZTc5MzYzZmZkMzUxNmFhOTFiNmQyMjU3NTM3ODc5ZjM4OGQ0NDc5ODZiMjk2IiwidGFnIjoiIn0%3D; expires=Wed, 28 Sep 2022 06:04:47 GMT; Max-Age=7200; path=/; samesite=lax
yredir_session=eyJpdiI6IkE0K2dMZ0xQcWlBK0M4SWFROVR4Z3c9PSIsInZhbHVlIjoiRDkwYVh5VGZ2T3I5cFViVTF2ZUtEUXVTYk1ac2YrMmtVRHJQQ3JRM01IeTlEK01Idkh0T3JrS24wL0ZYQVpLVHZrcW9sSDl2Szc4TVR2SlJ2a1FNdzZYbkswTzBrTHNqZFV6VWx1VkxoTjhOeTJxTmo0NTRlTEdheDE5a25RRFMiLCJtYWMiOiI3YjI2MWI2ZDBkMjFhYzhkYjEwNTg1MjRiNWU2N2M4ZTc1NWU2YWRiMjkzZmM4ZTBkMDc5YjA4OWM2ZjQwZjk2IiwidGFnIjoiIn0%3D; expires=Wed, 28 Sep 2022 06:04:47 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f881e9f207b92d6312166d0cb4b5281f
3c46ef88ca41a0416129fce6f3e3dc3eed948fc6
76eeb27425e44d1bd9e6c5409f37be2e1d4b65b623e90ed020249b8bed87ca08
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "76EEB27425E44D1BD9E6C5409F37BE2E1D4B65B623E90ED020249B8BED87CA08"
Last-Modified: Tue, 27 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20804
Expires: Wed, 28 Sep 2022 09:51:32 GMT
Date: Wed, 28 Sep 2022 04:04:48 GMT
Connection: keep-alive
17pq.expressedsupply.com/t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5
179.61.143.12200 OK 3.5 kB URL HTTP/1.1 17pq.expressedsupply.com/t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5
IP 179.61.143.12:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash af1230b1037cb1e647505a9ecedff497
9cf2475797bc0d183a0b5afeccc3b2e470b3eab3
a5eea77c3b4daa8ad10747ec0927aaa79c0a23b2d8f7d39dc16c9df05143bf7a
GET /t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5 HTTP/1.1
Host: 17pq.expressedsupply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Wed, 28 Sep 2022 04:04:48 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
service-worker-allowed: /
cache-control: no-cache, private
x-redir: true
set-cookie: XSRF-TOKEN=eyJpdiI6Ii9RYW9SVHQzdjR5OTFCY1VjNTI4Ymc9PSIsInZhbHVlIjoiVlN4WENHV1NxU0pzTldmQ01ENnhUNG9DcXBwMUEweSs3RVJtKzI4bmJvUlZ0SktTRnlab0xzdS84YjVYWVA0N253ZEZWU05WeDdBQnRqMGdzNnczNkR6NjNzVzREeU9hY3Y2OE1zQlNZemNJVXdPSnIwR2ZOUHR2aDhWL21Gbm4iLCJtYWMiOiIwY2QyZTI2OGVkZWI2MGUyYmJmYjg5OWM0YjViMmE2MzE0ZDAyY2Y4YWFlOGQ3Y2JmZWMyOTljMzNhMzkwMDFjIiwidGFnIjoiIn0%3D; expires=Wed, 28 Sep 2022 06:04:48 GMT; Max-Age=7200; path=/; samesite=lax
yredir_session=eyJpdiI6IndvdFFPR2cxVEFSNGtwSGd6WkdFYnc9PSIsInZhbHVlIjoiaU9UaU9sYytTYjhuamhlRUNDa0RxYzMxdFpNS2xZeC9ZMW05eE1IM2cwUk1CVS90Um5GVE9EUlZ3L1hBZUN6ejdFZ2dLN1lnaTBndUZEU0R4NndsQjdvUlN2K041T2JQVXN0UzdMVTFPQW80bEZ6RFlJZjJhNHlxYzhqOXNVZlciLCJtYWMiOiJlNWMwNjNiYjA5N2I1OGEwOWQwYzQwYmM2Y2UyMTBmNzQ2ZGQ3ZWI0ZWRkMmE0Y2JmOTFhZWRjZmFhYzRjMTRkIiwidGFnIjoiIn0%3D; expires=Wed, 28 Sep 2022 06:04:48 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15768000
code.jquery.com/jquery-1.11.3.min.js
69.16.175.42200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.11.3.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32038)
Hash 1c8acbf5f411ace3b76578a1fd1a603e
b1bbee9db24d885c25afd2e5a7720e4f79b6b991
e37464521b5447580a641b775ddb258a76f3bc7a3ca5a34eb452b12908b350a9
GET /jquery-1.11.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 04:04:48 GMT
content-encoding: gzip
content-length: 33261
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-176d5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664337888.dop012.sk1.t,1664337888.cds240.sk1.hn,1664337888.cds216.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 04:04:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 04:04:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
142.250.74.42200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32072)
Hash d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd
GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 18:17:53 GMT
expires: Mon, 25 Sep 2023 18:17:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 208015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 04:04:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
142.250.74.10200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
IP 142.250.74.10:0
Hash e80afe158319bc3bbf183a6b6db7e43d
0e67a174501456570a5476f63b4d7f883758b433
e24b3c17fdcd093c5d1d7aa4e9056f0b292836c5f548821cdd89e7920b0a488d
GET /css?family=Roboto+Condensed%7COpen+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 04:04:48 GMT
date: Wed, 28 Sep 2022 04:04:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/css/style.css
179.61.143.12200 OK 25 kB URL HTTP/1.1 17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/css/style.css
IP 179.61.143.12:0
ASN #61317 Ipxo Uk Limited
Hash bc84bd3caee9a7b227a5054179477e02
bc1b53ceedb9b91f4d4bec2037126b4d05c20912
d86b239f3ad7fc29593df1655848824493b2299a203c9be2f67adae10f94309e
GET /templates/templates/spin-casino_MASTER/css/style.css HTTP/1.1
Host: 17pq.expressedsupply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5
Cookie: XSRF-TOKEN=eyJpdiI6Ii9RYW9SVHQzdjR5OTFCY1VjNTI4Ymc9PSIsInZhbHVlIjoiVlN4WENHV1NxU0pzTldmQ01ENnhUNG9DcXBwMUEweSs3RVJtKzI4bmJvUlZ0SktTRnlab0xzdS84YjVYWVA0N253ZEZWU05WeDdBQnRqMGdzNnczNkR6NjNzVzREeU9hY3Y2OE1zQlNZemNJVXdPSnIwR2ZOUHR2aDhWL21Gbm4iLCJtYWMiOiIwY2QyZTI2OGVkZWI2MGUyYmJmYjg5OWM0YjViMmE2MzE0ZDAyY2Y4YWFlOGQ3Y2JmZWMyOTljMzNhMzkwMDFjIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IndvdFFPR2cxVEFSNGtwSGd6WkdFYnc9PSIsInZhbHVlIjoiaU9UaU9sYytTYjhuamhlRUNDa0RxYzMxdFpNS2xZeC9ZMW05eE1IM2cwUk1CVS90Um5GVE9EUlZ3L1hBZUN6ejdFZ2dLN1lnaTBndUZEU0R4NndsQjdvUlN2K041T2JQVXN0UzdMVTFPQW80bEZ6RFlJZjJhNHlxYzhqOXNVZlciLCJtYWMiOiJlNWMwNjNiYjA5N2I1OGEwOWQwYzQwYmM2Y2UyMTBmNzQ2ZGQ3ZWI0ZWRkMmE0Y2JmOTFhZWRjZmFhYzRjMTRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Tue, 27 Sep 2022 08:45:19 GMT
last-modified: Wed, 21 Sep 2022 14:35:19 GMT
etag: "bc84bd3caee9a7b227a5054179477e02"
content-type: text/css
content-length: 25401
x-varnish: 155904701 155206561
age: 69569
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
17pq.expressedsupply.com/o/2XXQ6DLP/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9
179.61.143.12302 Found 762 B URL HTTP/1.1 17pq.expressedsupply.com/o/2XXQ6DLP/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9
IP 179.61.143.12:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2f909640c005411f259ec6cc23ce0dd3
79fc7f41471d93e5546c7423922b2e80ba546e42
7d5953d623d44c0bc983e0bce829232c24011672c88f7fed3a6ea5aded04db5c
GET /o/2XXQ6DLP/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9 HTTP/1.1
Host: 17pq.expressedsupply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5
Cookie: XSRF-TOKEN=eyJpdiI6Ii9RYW9SVHQzdjR5OTFCY1VjNTI4Ymc9PSIsInZhbHVlIjoiVlN4WENHV1NxU0pzTldmQ01ENnhUNG9DcXBwMUEweSs3RVJtKzI4bmJvUlZ0SktTRnlab0xzdS84YjVYWVA0N253ZEZWU05WeDdBQnRqMGdzNnczNkR6NjNzVzREeU9hY3Y2OE1zQlNZemNJVXdPSnIwR2ZOUHR2aDhWL21Gbm4iLCJtYWMiOiIwY2QyZTI2OGVkZWI2MGUyYmJmYjg5OWM0YjViMmE2MzE0ZDAyY2Y4YWFlOGQ3Y2JmZWMyOTljMzNhMzkwMDFjIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IndvdFFPR2cxVEFSNGtwSGd6WkdFYnc9PSIsInZhbHVlIjoiaU9UaU9sYytTYjhuamhlRUNDa0RxYzMxdFpNS2xZeC9ZMW05eE1IM2cwUk1CVS90Um5GVE9EUlZ3L1hBZUN6ejdFZ2dLN1lnaTBndUZEU0R4NndsQjdvUlN2K041T2JQVXN0UzdMVTFPQW80bEZ6RFlJZjJhNHlxYzhqOXNVZlciLCJtYWMiOiJlNWMwNjNiYjA5N2I1OGEwOWQwYzQwYmM2Y2UyMTBmNzQ2ZGQ3ZWI0ZWRkMmE0Y2JmOTFhZWRjZmFhYzRjMTRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
date: Wed, 28 Sep 2022 04:04:48 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=b21516b2-3ee2-11ed-ac8b-751e9c80411d&
x-redir: true
set-cookie: XSRF-TOKEN=eyJpdiI6IlJHbkFvdEdHaERZQ3lSMDdaaW1XM1E9PSIsInZhbHVlIjoiWUxLdk1TemxHdlZHWEorR0lYTC9ncEJrVGJFNjRIenB2b0xNT2lGUkpPK2c4SGQxMkw1WE9ybFAyeG92UDNScThWTnpHRVVwcWdxaGRRSkRnN2lQQnRuNlh3RFZlNW5LRUhiTkNvajFGZHV5NURNdTY3ZDVlaHpVRnJtS2JlVFciLCJtYWMiOiJkZTkxOWFmZGFhMGRhOTRhYWQ2MzU1NWQ2NTRiN2EwNjYwY2U5ZTAzZjM2ZDliNzNkOGZjY2NhNTI2YzY0NTYzIiwidGFnIjoiIn0%3D; expires=Wed, 28 Sep 2022 06:04:48 GMT; Max-Age=7200; path=/; samesite=lax
yredir_session=eyJpdiI6InkxV0M4MlpYZXNjRHhxR2hTcEhlQ3c9PSIsInZhbHVlIjoiZmoxRG12Z050V0VRYTVDb2ltQlJhWXRvVzJ1NW56L2tBTHIxWTJ2clNTQnBTL3U1ZHRpNmF3TFArMThoT29xWGlyQ0EvTnpaL09DbkR2V2VqZnB3K0EwbnhyM05NZyt4SlR0TVFEWGh4K3VoS1dHa0JibW83anZ6QzVCbEFTWk8iLCJtYWMiOiIyY2NjOGNiYmE0N2IxYzFkYTNhOWViNmNlZGE5M2FiYzdlMzBhNjY2NWJmMzE0MWQzYmFhMmQ2N2JlM2FmNjllIiwidGFnIjoiIn0%3D; expires=Wed, 28 Sep 2022 06:04:48 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/overlay2.png
179.61.143.12200 OK 19 kB URL HTTP/1.1 17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/overlay2.png
IP 179.61.143.12:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 300 x 325, 8-bit/color RGBA, non-interlaced\012- data
Hash 90f8155b00c6e9ec624a12e8a67bd264
fbf3b21af8cc2c2d44879f19f5893dbe696113f1
677aebad5741b57c1a3a51f8a65cd295a7aae1d656958313a882ef199f046418
GET /templates/templates/spin-casino_MASTER/images/overlay2.png HTTP/1.1
Host: 17pq.expressedsupply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5
Cookie: XSRF-TOKEN=eyJpdiI6Ii9RYW9SVHQzdjR5OTFCY1VjNTI4Ymc9PSIsInZhbHVlIjoiVlN4WENHV1NxU0pzTldmQ01ENnhUNG9DcXBwMUEweSs3RVJtKzI4bmJvUlZ0SktTRnlab0xzdS84YjVYWVA0N253ZEZWU05WeDdBQnRqMGdzNnczNkR6NjNzVzREeU9hY3Y2OE1zQlNZemNJVXdPSnIwR2ZOUHR2aDhWL21Gbm4iLCJtYWMiOiIwY2QyZTI2OGVkZWI2MGUyYmJmYjg5OWM0YjViMmE2MzE0ZDAyY2Y4YWFlOGQ3Y2JmZWMyOTljMzNhMzkwMDFjIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IndvdFFPR2cxVEFSNGtwSGd6WkdFYnc9PSIsInZhbHVlIjoiaU9UaU9sYytTYjhuamhlRUNDa0RxYzMxdFpNS2xZeC9ZMW05eE1IM2cwUk1CVS90Um5GVE9EUlZ3L1hBZUN6ejdFZ2dLN1lnaTBndUZEU0R4NndsQjdvUlN2K041T2JQVXN0UzdMVTFPQW80bEZ6RFlJZjJhNHlxYzhqOXNVZlciLCJtYWMiOiJlNWMwNjNiYjA5N2I1OGEwOWQwYzQwYmM2Y2UyMTBmNzQ2ZGQ3ZWI0ZWRkMmE0Y2JmOTFhZWRjZmFhYzRjMTRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Tue, 27 Sep 2022 08:45:07 GMT
last-modified: Wed, 21 Sep 2022 14:35:19 GMT
etag: "90f8155b00c6e9ec624a12e8a67bd264"
content-type: image/png
content-length: 18646
x-varnish: 156144297 155392930
age: 69582
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/overlay.png
179.61.143.12200 OK 19 kB URL HTTP/1.1 17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/overlay.png
IP 179.61.143.12:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 300 x 325, 8-bit/color RGBA, non-interlaced\012- data
Hash a3f2c95451c2201b26033d755a0164c9
f150487dacf8607e49c31abebaf034e34ef8e8aa
bd03836c50a13a9d0c5868a5656f4112f69909cc52c50ca21de772da164e13a2
GET /templates/templates/spin-casino_MASTER/images/overlay.png HTTP/1.1
Host: 17pq.expressedsupply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5
Cookie: XSRF-TOKEN=eyJpdiI6Ii9RYW9SVHQzdjR5OTFCY1VjNTI4Ymc9PSIsInZhbHVlIjoiVlN4WENHV1NxU0pzTldmQ01ENnhUNG9DcXBwMUEweSs3RVJtKzI4bmJvUlZ0SktTRnlab0xzdS84YjVYWVA0N253ZEZWU05WeDdBQnRqMGdzNnczNkR6NjNzVzREeU9hY3Y2OE1zQlNZemNJVXdPSnIwR2ZOUHR2aDhWL21Gbm4iLCJtYWMiOiIwY2QyZTI2OGVkZWI2MGUyYmJmYjg5OWM0YjViMmE2MzE0ZDAyY2Y4YWFlOGQ3Y2JmZWMyOTljMzNhMzkwMDFjIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IndvdFFPR2cxVEFSNGtwSGd6WkdFYnc9PSIsInZhbHVlIjoiaU9UaU9sYytTYjhuamhlRUNDa0RxYzMxdFpNS2xZeC9ZMW05eE1IM2cwUk1CVS90Um5GVE9EUlZ3L1hBZUN6ejdFZ2dLN1lnaTBndUZEU0R4NndsQjdvUlN2K041T2JQVXN0UzdMVTFPQW80bEZ6RFlJZjJhNHlxYzhqOXNVZlciLCJtYWMiOiJlNWMwNjNiYjA5N2I1OGEwOWQwYzQwYmM2Y2UyMTBmNzQ2ZGQ3ZWI0ZWRkMmE0Y2JmOTFhZWRjZmFhYzRjMTRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Tue, 27 Sep 2022 08:45:07 GMT
last-modified: Wed, 21 Sep 2022 14:35:19 GMT
etag: "a3f2c95451c2201b26033d755a0164c9"
content-type: image/png
content-length: 18661
x-varnish: 155904704 155045647
age: 69582
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/spin2.png
179.61.143.12200 OK 88 kB URL HTTP/1.1 17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/spin2.png
IP 179.61.143.12:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 639 x 479, 8-bit/color RGBA, non-interlaced\012- data
Hash f12f850a9ec2daa0b2dbb07e11252122
012a03ac053a0367ef9cdb76685a77d61f3d8a22
ada8eb4421bf605c058c123aa95bd5e4590b4507c68809f563c921e4db31ea8a
GET /templates/templates/spin-casino_MASTER/images/spin2.png HTTP/1.1
Host: 17pq.expressedsupply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5
Cookie: XSRF-TOKEN=eyJpdiI6Ii9RYW9SVHQzdjR5OTFCY1VjNTI4Ymc9PSIsInZhbHVlIjoiVlN4WENHV1NxU0pzTldmQ01ENnhUNG9DcXBwMUEweSs3RVJtKzI4bmJvUlZ0SktTRnlab0xzdS84YjVYWVA0N253ZEZWU05WeDdBQnRqMGdzNnczNkR6NjNzVzREeU9hY3Y2OE1zQlNZemNJVXdPSnIwR2ZOUHR2aDhWL21Gbm4iLCJtYWMiOiIwY2QyZTI2OGVkZWI2MGUyYmJmYjg5OWM0YjViMmE2MzE0ZDAyY2Y4YWFlOGQ3Y2JmZWMyOTljMzNhMzkwMDFjIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IndvdFFPR2cxVEFSNGtwSGd6WkdFYnc9PSIsInZhbHVlIjoiaU9UaU9sYytTYjhuamhlRUNDa0RxYzMxdFpNS2xZeC9ZMW05eE1IM2cwUk1CVS90Um5GVE9EUlZ3L1hBZUN6ejdFZ2dLN1lnaTBndUZEU0R4NndsQjdvUlN2K041T2JQVXN0UzdMVTFPQW80bEZ6RFlJZjJhNHlxYzhqOXNVZlciLCJtYWMiOiJlNWMwNjNiYjA5N2I1OGEwOWQwYzQwYmM2Y2UyMTBmNzQ2ZGQ3ZWI0ZWRkMmE0Y2JmOTFhZWRjZmFhYzRjMTRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Tue, 27 Sep 2022 08:44:36 GMT
last-modified: Wed, 21 Sep 2022 14:35:19 GMT
etag: "f12f850a9ec2daa0b2dbb07e11252122"
content-type: image/png
content-length: 88130
x-varnish: 156049131 155375167
age: 69613
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/spin1.png
179.61.143.12200 OK 85 kB URL HTTP/1.1 17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/spin1.png
IP 179.61.143.12:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 639 x 479, 8-bit/color RGBA, non-interlaced\012- data
Hash 827076646858c6cc499ec675c45b147d
4b6bf3459af50ba8db76d31f9dc3876b50a4c5fe
bc50750cd41cbabc77efc8143fb1b210c983a23e5c954b65b02562958b922e63
GET /templates/templates/spin-casino_MASTER/images/spin1.png HTTP/1.1
Host: 17pq.expressedsupply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5
Cookie: XSRF-TOKEN=eyJpdiI6Ii9RYW9SVHQzdjR5OTFCY1VjNTI4Ymc9PSIsInZhbHVlIjoiVlN4WENHV1NxU0pzTldmQ01ENnhUNG9DcXBwMUEweSs3RVJtKzI4bmJvUlZ0SktTRnlab0xzdS84YjVYWVA0N253ZEZWU05WeDdBQnRqMGdzNnczNkR6NjNzVzREeU9hY3Y2OE1zQlNZemNJVXdPSnIwR2ZOUHR2aDhWL21Gbm4iLCJtYWMiOiIwY2QyZTI2OGVkZWI2MGUyYmJmYjg5OWM0YjViMmE2MzE0ZDAyY2Y4YWFlOGQ3Y2JmZWMyOTljMzNhMzkwMDFjIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IndvdFFPR2cxVEFSNGtwSGd6WkdFYnc9PSIsInZhbHVlIjoiaU9UaU9sYytTYjhuamhlRUNDa0RxYzMxdFpNS2xZeC9ZMW05eE1IM2cwUk1CVS90Um5GVE9EUlZ3L1hBZUN6ejdFZ2dLN1lnaTBndUZEU0R4NndsQjdvUlN2K041T2JQVXN0UzdMVTFPQW80bEZ6RFlJZjJhNHlxYzhqOXNVZlciLCJtYWMiOiJlNWMwNjNiYjA5N2I1OGEwOWQwYzQwYmM2Y2UyMTBmNzQ2ZGQ3ZWI0ZWRkMmE0Y2JmOTFhZWRjZmFhYzRjMTRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Tue, 27 Sep 2022 08:45:08 GMT
last-modified: Wed, 21 Sep 2022 14:35:19 GMT
etag: "827076646858c6cc499ec675c45b147d"
content-type: image/png
content-length: 85123
x-varnish: 156116431 155488636
age: 69581
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/loader.gif
179.61.143.12200 OK 2.9 kB URL HTTP/1.1 17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/loader.gif
IP 179.61.143.12:0
ASN #61317 Ipxo Uk Limited
File type GIF image data, version 89a, 128 x 15\012- data
Hash 35de537ece3bfee3ab3f7af4c19e2151
9139201df5d36e1b2b9a8a6566683c95a49e0006
2a020670608060e8f05776815edaa0696f1dd553545ee49946e24be7741433f5
GET /templates/templates/spin-casino_MASTER/images/loader.gif HTTP/1.1
Host: 17pq.expressedsupply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5
Cookie: XSRF-TOKEN=eyJpdiI6Ii9RYW9SVHQzdjR5OTFCY1VjNTI4Ymc9PSIsInZhbHVlIjoiVlN4WENHV1NxU0pzTldmQ01ENnhUNG9DcXBwMUEweSs3RVJtKzI4bmJvUlZ0SktTRnlab0xzdS84YjVYWVA0N253ZEZWU05WeDdBQnRqMGdzNnczNkR6NjNzVzREeU9hY3Y2OE1zQlNZemNJVXdPSnIwR2ZOUHR2aDhWL21Gbm4iLCJtYWMiOiIwY2QyZTI2OGVkZWI2MGUyYmJmYjg5OWM0YjViMmE2MzE0ZDAyY2Y4YWFlOGQ3Y2JmZWMyOTljMzNhMzkwMDFjIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IndvdFFPR2cxVEFSNGtwSGd6WkdFYnc9PSIsInZhbHVlIjoiaU9UaU9sYytTYjhuamhlRUNDa0RxYzMxdFpNS2xZeC9ZMW05eE1IM2cwUk1CVS90Um5GVE9EUlZ3L1hBZUN6ejdFZ2dLN1lnaTBndUZEU0R4NndsQjdvUlN2K041T2JQVXN0UzdMVTFPQW80bEZ6RFlJZjJhNHlxYzhqOXNVZlciLCJtYWMiOiJlNWMwNjNiYjA5N2I1OGEwOWQwYzQwYmM2Y2UyMTBmNzQ2ZGQ3ZWI0ZWRkMmE0Y2JmOTFhZWRjZmFhYzRjMTRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Tue, 27 Sep 2022 08:45:08 GMT
last-modified: Wed, 21 Sep 2022 14:35:19 GMT
etag: "35de537ece3bfee3ab3f7af4c19e2151"
content-type: image/gif
content-length: 2892
x-varnish: 155904707 155519937
age: 69581
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 04:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://17pq.expressedsupply.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 16:04:44 GMT
expires: Sat, 23 Sep 2023 16:04:44 GMT
cache-control: public, max-age=31536000
age: 388805
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif
179.61.143.12200 OK 23 kB URL HTTP/1.1 17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif
IP 179.61.143.12:0
ASN #61317 Ipxo Uk Limited
File type GIF image data, version 89a, 500 x 150\012- data
Hash f79f189bde401dfac7723f7c963d0ef8
83530e9d6248767d661c4996c14414621c857ed6
bdc936e847facab60f4b4a9153dc8145ebccdeca49becc4cd684e007cd0459ca
GET /templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif HTTP/1.1
Host: 17pq.expressedsupply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IlJHbkFvdEdHaERZQ3lSMDdaaW1XM1E9PSIsInZhbHVlIjoiWUxLdk1TemxHdlZHWEorR0lYTC9ncEJrVGJFNjRIenB2b0xNT2lGUkpPK2c4SGQxMkw1WE9ybFAyeG92UDNScThWTnpHRVVwcWdxaGRRSkRnN2lQQnRuNlh3RFZlNW5LRUhiTkNvajFGZHV5NURNdTY3ZDVlaHpVRnJtS2JlVFciLCJtYWMiOiJkZTkxOWFmZGFhMGRhOTRhYWQ2MzU1NWQ2NTRiN2EwNjYwY2U5ZTAzZjM2ZDliNzNkOGZjY2NhNTI2YzY0NTYzIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6InkxV0M4MlpYZXNjRHhxR2hTcEhlQ3c9PSIsInZhbHVlIjoiZmoxRG12Z050V0VRYTVDb2ltQlJhWXRvVzJ1NW56L2tBTHIxWTJ2clNTQnBTL3U1ZHRpNmF3TFArMThoT29xWGlyQ0EvTnpaL09DbkR2V2VqZnB3K0EwbnhyM05NZyt4SlR0TVFEWGh4K3VoS1dHa0JibW83anZ6QzVCbEFTWk8iLCJtYWMiOiIyY2NjOGNiYmE0N2IxYzFkYTNhOWViNmNlZGE5M2FiYzdlMzBhNjY2NWJmMzE0MWQzYmFhMmQ2N2JlM2FmNjllIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Tue, 27 Sep 2022 08:45:13 GMT
last-modified: Wed, 21 Sep 2022 14:35:19 GMT
etag: "f79f189bde401dfac7723f7c963d0ef8"
content-type: image/gif
content-length: 23095
x-varnish: 155904708 155488648
age: 69576
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 04:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png
179.61.143.12200 OK 171 kB URL HTTP/1.1 17pq.expressedsupply.com/templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png
IP 179.61.143.12:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 142 x 7733, 8-bit colormap, non-interlaced\012- data
Size 171 kB (171408 bytes)
Hash 276c26514be610b5c6fa413756b33671
43c532ff2dc2ce6ed8360fc5d05116b222036e4b
453150bf90ff9debe217f3734a4d3cf4bf6ed9017635d4f2d867096132ad4e28
GET /templates/templates/spin-casino_MASTER/images/kr_reel.fs8.png HTTP/1.1
Host: 17pq.expressedsupply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5
Cookie: XSRF-TOKEN=eyJpdiI6Ii9RYW9SVHQzdjR5OTFCY1VjNTI4Ymc9PSIsInZhbHVlIjoiVlN4WENHV1NxU0pzTldmQ01ENnhUNG9DcXBwMUEweSs3RVJtKzI4bmJvUlZ0SktTRnlab0xzdS84YjVYWVA0N253ZEZWU05WeDdBQnRqMGdzNnczNkR6NjNzVzREeU9hY3Y2OE1zQlNZemNJVXdPSnIwR2ZOUHR2aDhWL21Gbm4iLCJtYWMiOiIwY2QyZTI2OGVkZWI2MGUyYmJmYjg5OWM0YjViMmE2MzE0ZDAyY2Y4YWFlOGQ3Y2JmZWMyOTljMzNhMzkwMDFjIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6IndvdFFPR2cxVEFSNGtwSGd6WkdFYnc9PSIsInZhbHVlIjoiaU9UaU9sYytTYjhuamhlRUNDa0RxYzMxdFpNS2xZeC9ZMW05eE1IM2cwUk1CVS90Um5GVE9EUlZ3L1hBZUN6ejdFZ2dLN1lnaTBndUZEU0R4NndsQjdvUlN2K041T2JQVXN0UzdMVTFPQW80bEZ6RFlJZjJhNHlxYzhqOXNVZlciLCJtYWMiOiJlNWMwNjNiYjA5N2I1OGEwOWQwYzQwYmM2Y2UyMTBmNzQ2ZGQ3ZWI0ZWRkMmE0Y2JmOTFhZWRjZmFhYzRjMTRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Tue, 27 Sep 2022 11:00:41 GMT
last-modified: Wed, 21 Sep 2022 14:35:19 GMT
etag: "276c26514be610b5c6fa413756b33671"
content-type: image/png
content-length: 171408
x-varnish: 155904705 155434209
age: 61448
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
17pq.expressedsupply.com/_common/js/service-workers/neptuneads/service-worker.js
179.61.143.12200 OK 90 B URL HTTP/1.1 17pq.expressedsupply.com/_common/js/service-workers/neptuneads/service-worker.js
IP 179.61.143.12:0
ASN #61317 Ipxo Uk Limited
File type ASCII text, with no line terminators
Hash 1060884cf64d39c3fb28309d83ead97c
6c370dffa201da316e7dc11ff7ac7fec556a1273
d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123
GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1
Host: 17pq.expressedsupply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJHbkFvdEdHaERZQ3lSMDdaaW1XM1E9PSIsInZhbHVlIjoiWUxLdk1TemxHdlZHWEorR0lYTC9ncEJrVGJFNjRIenB2b0xNT2lGUkpPK2c4SGQxMkw1WE9ybFAyeG92UDNScThWTnpHRVVwcWdxaGRRSkRnN2lQQnRuNlh3RFZlNW5LRUhiTkNvajFGZHV5NURNdTY3ZDVlaHpVRnJtS2JlVFciLCJtYWMiOiJkZTkxOWFmZGFhMGRhOTRhYWQ2MzU1NWQ2NTRiN2EwNjYwY2U5ZTAzZjM2ZDliNzNkOGZjY2NhNTI2YzY0NTYzIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6InkxV0M4MlpYZXNjRHhxR2hTcEhlQ3c9PSIsInZhbHVlIjoiZmoxRG12Z050V0VRYTVDb2ltQlJhWXRvVzJ1NW56L2tBTHIxWTJ2clNTQnBTL3U1ZHRpNmF3TFArMThoT29xWGlyQ0EvTnpaL09DbkR2V2VqZnB3K0EwbnhyM05NZyt4SlR0TVFEWGh4K3VoS1dHa0JibW83anZ6QzVCbEFTWk8iLCJtYWMiOiIyY2NjOGNiYmE0N2IxYzFkYTNhOWViNmNlZGE5M2FiYzdlMzBhNjY2NWJmMzE0MWQzYmFhMmQ2N2JlM2FmNjllIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=b087ec21-f265-794d-7c56-421fc1cee45f
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 27 Sep 2022 08:44:08 GMT
last-modified: Fri, 20 May 2022 14:50:35 GMT
etag: "1060884cf64d39c3fb28309d83ead97c"
content-type: application/javascript
content-length: 90
service-worker-allowed: /
x-varnish: 156116434 155375080
age: 69641
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
17pq.expressedsupply.com/favicon.ico
179.61.143.12403 Forbidden 243 B URL HTTP/1.1 17pq.expressedsupply.com/favicon.ico
IP 179.61.143.12:0
ASN #61317 Ipxo Uk Limited
File type XML 1.0 document text\012- XML document, ASCII text
Hash afc8600e19a18f347c55b6bd21086a5f
2e8cbfa70ce6b2a30b11b0cd07723b00e581c77a
3084eedee85ba28fcc12a5e32d40fddb053fe4e10a6dc66082e8090e17c65923
GET /favicon.ico HTTP/1.1
Host: 17pq.expressedsupply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/t/8f0d93c8664e/b16c2dfe-3ee2-11ed-8295-bfda4e7bf3e9/b171719c-3ee2-11ed-a12e-f1d59b8940b5
Cookie: XSRF-TOKEN=eyJpdiI6IlJHbkFvdEdHaERZQ3lSMDdaaW1XM1E9PSIsInZhbHVlIjoiWUxLdk1TemxHdlZHWEorR0lYTC9ncEJrVGJFNjRIenB2b0xNT2lGUkpPK2c4SGQxMkw1WE9ybFAyeG92UDNScThWTnpHRVVwcWdxaGRRSkRnN2lQQnRuNlh3RFZlNW5LRUhiTkNvajFGZHV5NURNdTY3ZDVlaHpVRnJtS2JlVFciLCJtYWMiOiJkZTkxOWFmZGFhMGRhOTRhYWQ2MzU1NWQ2NTRiN2EwNjYwY2U5ZTAzZjM2ZDliNzNkOGZjY2NhNTI2YzY0NTYzIiwidGFnIjoiIn0%3D; yredir_session=eyJpdiI6InkxV0M4MlpYZXNjRHhxR2hTcEhlQ3c9PSIsInZhbHVlIjoiZmoxRG12Z050V0VRYTVDb2ltQlJhWXRvVzJ1NW56L2tBTHIxWTJ2clNTQnBTL3U1ZHRpNmF3TFArMThoT29xWGlyQ0EvTnpaL09DbkR2V2VqZnB3K0EwbnhyM05NZyt4SlR0TVFEWGh4K3VoS1dHa0JibW83anZ6QzVCbEFTWk8iLCJtYWMiOiIyY2NjOGNiYmE0N2IxYzFkYTNhOWViNmNlZGE5M2FiYzdlMzBhNjY2NWJmMzE0MWQzYmFhMmQ2N2JlM2FmNjllIiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=b087ec21-f265-794d-7c56-421fc1cee45f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 403 Forbidden
content-type: application/xml
date: Tue, 27 Sep 2022 08:44:30 GMT
x-varnish: 155904709 155426986
age: 69617
via: 1.1 varnish (Varnish/7.0)
content-length: 243
strict-transport-security: max-age=15768000
pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
172.64.111.28200 OK 0 B URL HTTP/2 pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
IP 172.64.111.28:0
GET /javascripts/trackpush-v2-vapid.js?v=1&custom=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17pq.expressedsupply.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 04:04:49 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: HIT
age: 7071
last-modified: Wed, 28 Sep 2022 02:06:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1mtGPwbnNQ8F6zG%2FyWporf4UtxWViOxLs07xL3TgTLHTpKOB38gi1qKGMuwKopYRV1LW%2BBOxjHXkCoVFExbz9uWc8LiUKxdTjPDK1B5D5WSZTy7Brc%2FcNEz3OGgucHL3L4P73DqNGn5qARaBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751998e12ff0e668-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=b21516b2-3ee2-11ed-ac8b-751e9c80411d&
172.64.111.28200 OK 0 B URL HTTP/2 pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=b21516b2-3ee2-11ed-ac8b-751e9c80411d&
IP 172.64.111.28:0
GET /tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=b21516b2-3ee2-11ed-ac8b-751e9c80411d& HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://17pq.expressedsupply.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 04:04:49 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Wed, 28 Sep 2022 04:04:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bU7Lu6M8kH7jcWgnfm8tDETyqCil3En3PNS8E2zaWlYX4sQ4rl%2BFyyX14pu1KF4K%2B6U5EyAiSttwT1BFZlE8iIvtrR1fM5zag16yzPBv3On0j6gX7jt7jEm3cYtElDkJ3CBgiRfDpIX9sHx%2FjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751998df0f4be668-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2