sparshnesiah.blogspot.com/2022/12/23-ricetta-porridge-light-proteico.html
301 Moved Permanently 217 B URL HTTP/1.1 sparshnesiah.blogspot.com/2022/12/23-ricetta-porridge-light-proteico.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f6d6320c551dbc7c3164eba307dd09ae
ed0444d1fcac01df1e38711659177da8efbc3c0c
b1a54c7623d93ffadcd5cd3b14bc3fc82e888315cb1fbf6c48c8b5af23888a5b
GET /2022/12/23-ricetta-porridge-light-proteico.html HTTP/1.1
Host: sparshnesiah.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://sparshnesiah.blogspot.com/2022/12/23-ricetta-porridge-light-proteico.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 11:25:40 GMT
Expires: Tue, 06 Dec 2022 11:25:40 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 217
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8630
Expires: Tue, 06 Dec 2022 13:49:30 GMT
Date: Tue, 06 Dec 2022 11:25:40 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2619
Cache-Control: max-age=85758
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:40 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:14:58 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8699
Expires: Tue, 06 Dec 2022 13:50:39 GMT
Date: Tue, 06 Dec 2022 11:25:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 11:20:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 317
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SLrSiBG5W0sUhHB/lmFCem0jYho7cNT1laIUYmVFv1KxmL0Qwt98npqcouTR3+DMFZpFE+EKP7Q=
x-amz-request-id: EJHX8G2K35XTJ2GA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 10:48:54 GMT
age: 2206
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ce278e6fa3d34e3cc75a5ef879018ba5
18bb58a1d5c6057dc635664334edcddca3d085b9
6852446f2900885082395b9cb669fa0f6a4116f919493a1827119bb8c9025e6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 11:25:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 11:08:58 GMT
cache-control: public,max-age=3600
age: 1003
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ce278e6fa3d34e3cc75a5ef879018ba5
18bb58a1d5c6057dc635664334edcddca3d085b9
6852446f2900885082395b9cb669fa0f6a4116f919493a1827119bb8c9025e6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2593
Cache-Control: max-age=167062
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:50:03 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
sparshnesiah.blogspot.com/2022/12/23-ricetta-porridge-light-proteico.html
200 OK 57 kB URL HTTP/2 sparshnesiah.blogspot.com/2022/12/23-ricetta-porridge-light-proteico.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12212)
Hash c867636378652193167ed6ca1eae042d
4b6e88d7b5321d89e07ad79960bfac47a4d04e59
7188c1dd9962d9609ffeee7ab2fa09804f27e90c912d0a8515a950c43fe698be
GET /2022/12/23-ricetta-porridge-light-proteico.html HTTP/1.1
Host: sparshnesiah.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
expires: Tue, 06 Dec 2022 11:25:41 GMT
date: Tue, 06 Dec 2022 11:25:41 GMT
cache-control: private, max-age=0
last-modified: Tue, 06 Dec 2022 03:03:16 GMT
etag: W/"6e175bd1c113c4607322b5da6465dddde04ea9991f60a3140eced9234149b49e"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 57106
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4759d6ca26cf8a070066d71b02fac91d
85695e27b097c8d40ea86439854084fc0b3967d3
d20b9793d654c41c562be52e3d5f3840f7bec0db031bda79a42c93959ff88a63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Tue, 06 Dec 2022 11:25:41 GMT
expires: Tue, 06 Dec 2022 11:25:41 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/www.ricettealvolo.it/wp-content/uploads/2015/06/porridge-logo.jpg?ssl=1
200 OK 164 kB URL HTTP/2 i0.wp.com/www.ricettealvolo.it/wp-content/uploads/2015/06/porridge-logo.jpg?ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x847, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 164 kB (163968 bytes)
Hash 1d31c423d4c5f38b8234d5c3ceb388e3
fc9c7010c3302e9c9c4f8a2bce1a58c1b79a7929
f922c9a232610ce312f31bb746c4bab2967c57cf7161935978770ad575cbc50f
GET /www.ricettealvolo.it/wp-content/uploads/2015/06/porridge-logo.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 11:25:41 GMT
content-type: image/webp
content-length: 163968
last-modified: Thu, 01 Dec 2022 05:16:35 GMT
expires: Sat, 30 Nov 2024 17:16:35 GMT
cache-control: public, max-age=63115200
link: <https://www.ricettealvolo.it/wp-content/uploads/2015/06/porridge-logo.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "2c203296f3c2db4d"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash dda238a05215b8c958b469b35aa6b616
ca9a51cf7396cd65d6dc269e2a8525961d9f4aac
6ebf84897edef8580c2ab4ab8360d10840adc71b172e3bbddd89ac79c6b02987
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 462
Cache-Control: max-age=101199
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Etag: "638e0d36-117"
Expires: Wed, 07 Dec 2022 15:32:20 GMT
Last-Modified: Mon, 05 Dec 2022 15:24:38 GMT
Server: ECS (amb/6BC1)
X-Cache: HIT
Content-Length: 279
i0.wp.com/www.ricettevegolose.com/wp-content/uploads/2020/03/Granola_proteica_fatta_in_casa_ricetta.jpg?resize=665%2C435&ssl=1
200 OK 92 kB URL HTTP/2 i0.wp.com/www.ricettevegolose.com/wp-content/uploads/2020/03/Granola_proteica_fatta_in_casa_ricetta.jpg?resize=665%2C435&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 665x435, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 591087eb16a8d9d006c12807ef7d83ac
e248f5bb39eb7ab145207baa8d897fb663a786bf
0e434b2cf28d25307319104be93e3b34171f46b1dc572b41731aa69487903ec0
GET /www.ricettevegolose.com/wp-content/uploads/2020/03/Granola_proteica_fatta_in_casa_ricetta.jpg?resize=665%2C435&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 11:25:41 GMT
content-type: image/webp
content-length: 91484
last-modified: Tue, 06 Dec 2022 11:25:41 GMT
expires: Thu, 05 Dec 2024 23:25:41 GMT
cache-control: public, max-age=63115200
link: <https://www.ricettevegolose.com/wp-content/uploads/2020/03/Granola_proteica_fatta_in_casa_ricetta.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9202c19ec911d25b"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2355
Cache-Control: max-age=121117
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 21:04:18 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:41 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 567129
expires: Sun, 26 Nov 2023 11:25:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdBurmP%2BmEoSa9XMx0z8REmgf%2Bqv6iSEHfm%2FFukP08ePKrI%2B8sBB2tmunAGzXpIMZ9%2BHi16hI0P7GkKQW0jcCBnARC5xwSZTDE5o8slGbOQVZCsls1rtkDreFl3No7hODH%2FkmilV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7754a98fd8810b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d0a4298298230aea5ddb15915a28de37
5a9a31ac970f2395aa12cd5038476d0f7ed42e10
1803a1821db5c4478725a6362f5dc7c8f4d4fce436b233e176ff793e5fc76cad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9eb2870e59b2313c46529a862dd2abc
710d2370fd65b0bb34d0c633497f4494258a94e4
3c5603cc9fc783be2538c54616e719e129e59c2cd9f9769f52adf3ebc933bfce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
res.cloudinary.com/oreegano/image/upload/c_fill,f_auto,g_center,h_200,q_auto,w_200/v1547934865/venkghwzvrvlc4mzp7xb.jpg
200 OK 5.8 kB URL HTTP/2 res.cloudinary.com/oreegano/image/upload/c_fill,f_auto,g_center,h_200,q_auto,w_200/v1547934865/venkghwzvrvlc4mzp7xb.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ae6df9262aba5b04aaa6a63c1db9459d
3392082f77da40b918112d57d96924cd085449dd
2b98ea3b87fa6e83b067fe662f6d6c8766f97e9210cd66acb4e9f95fdb8deaa6
GET /oreegano/image/upload/c_fill,f_auto,g_center,h_200,q_auto,w_200/v1547934865/venkghwzvrvlc4mzp7xb.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="venkghwzvrvlc4mzp7xb.webp"
content-type: image/webp
etag: "ae6df9262aba5b04aaa6a63c1db9459d"
last-modified: Sun, 07 Apr 2019 15:54:22 GMT
date: Tue, 06 Dec 2022 11:25:41 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=156;cpu=1;start=2022-12-06T11:25:41.634Z;desc=miss,rtt;dur=14,cloudinary;dur=62;start=2022-12-06T11:25:41.681Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 5778
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
res.cloudinary.com/oreegano/image/upload/c_fill,f_auto,g_center,h_200,q_auto,w_200/v1547934609/tfpzfw2ashwg4wmr6jwf.jpg
200 OK 7.0 kB URL HTTP/2 res.cloudinary.com/oreegano/image/upload/c_fill,f_auto,g_center,h_200,q_auto,w_200/v1547934609/tfpzfw2ashwg4wmr6jwf.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e24eaff7c17add09c88087c3aaa5d333
941c7c32c86bb86d7e01c742a29b2c0696b85fef
bbe8f10d715192f1bc1dda0c0110133f393ad9bb333ac25c34120822eb8232a8
GET /oreegano/image/upload/c_fill,f_auto,g_center,h_200,q_auto,w_200/v1547934609/tfpzfw2ashwg4wmr6jwf.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="tfpzfw2ashwg4wmr6jwf.webp"
content-type: image/webp
etag: "e24eaff7c17add09c88087c3aaa5d333"
last-modified: Sun, 07 Apr 2019 15:54:22 GMT
date: Tue, 06 Dec 2022 11:25:41 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=159;cpu=0;start=2022-12-06T11:25:41.639Z;desc=miss,rtt;dur=13,cloudinary;dur=66;start=2022-12-06T11:25:41.686Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 6952
X-Firefox-Spdy: h2
i0.wp.com/www.eroidelgusto.it/wp-content/uploads/2019/03/IMG_20190228_074956.jpg?fit=1000%2C1025&ssl=1
200 OK 265 kB URL HTTP/2 i0.wp.com/www.eroidelgusto.it/wp-content/uploads/2019/03/IMG_20190228_074956.jpg?fit=1000%2C1025&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x1025, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 265 kB (264580 bytes)
Hash 6bb7e2113d3e7115882d8b402c897572
e78abcb516d80d2dbbe03f8010dfa392ba192f21
017aab42efe980d060e95ecff08ed32221e832d405a4b7a24bdb6b37c0c20747
GET /www.eroidelgusto.it/wp-content/uploads/2019/03/IMG_20190228_074956.jpg?fit=1000%2C1025&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 11:25:41 GMT
content-type: image/webp
content-length: 264580
last-modified: Tue, 06 Dec 2022 11:25:41 GMT
expires: Thu, 05 Dec 2024 23:25:41 GMT
cache-control: public, max-age=63115200
link: <https://www.eroidelgusto.it/wp-content/uploads/2019/03/IMG_20190228_074956.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "0e8be36d13f1f5e8"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
200 OK 157 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP
File type ASCII text, with very long lines (2221)
Size 157 kB (156915 bytes)
Hash 64d62574443f9d2148012af05abf60ac
16fc9b9b71eb94dbfdc15da12e9b3f21dfe1636e
c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 156915
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 05:43:30 GMT
expires: Wed, 06 Dec 2023 05:43:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 08:51:54 GMT
content-type: text/javascript
age: 20531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash dda238a05215b8c958b469b35aa6b616
ca9a51cf7396cd65d6dc269e2a8525961d9f4aac
6ebf84897edef8580c2ab4ab8360d10840adc71b172e3bbddd89ac79c6b02987
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Etag: "638e0d36-117"
Server: ECS (amb/6B94)
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash dda238a05215b8c958b469b35aa6b616
ca9a51cf7396cd65d6dc269e2a8525961d9f4aac
6ebf84897edef8580c2ab4ab8360d10840adc71b172e3bbddd89ac79c6b02987
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=100737
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Etag: "638e0d36-117"
Expires: Wed, 07 Dec 2022 15:24:38 GMT
Last-Modified: Mon, 05 Dec 2022 15:24:38 GMT
Server: nginx
Content-Length: 279
i.ytimg.com/vi/2-GWqc7Djho/maxresdefault.jpg
200 OK 116 kB URL HTTP/2 i.ytimg.com/vi/2-GWqc7Djho/maxresdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 116 kB (116546 bytes)
Hash ae08f25ff50e6b1e25ed0909dcab61af
fa586169b82305248d9f1ea43bbb7845dd613ba1
90478edcde19728891cc899220eda640ab040c75b9a1e2d2c9f83b1f72833c7d
GET /vi/2-GWqc7Djho/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 116546
date: Tue, 06 Dec 2022 11:25:41 GMT
expires: Tue, 06 Dec 2022 13:25:41 GMT
cache-control: public, max-age=7200
etag: "1529848253"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VKMAs/mJPexA7NXKhL51/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LSMl9uWE3XrGUTa6is234r558zA=
ocsp.digicert.com/
200 OK 279 B IP
Hash dda238a05215b8c958b469b35aa6b616
ca9a51cf7396cd65d6dc269e2a8525961d9f4aac
6ebf84897edef8580c2ab4ab8360d10840adc71b172e3bbddd89ac79c6b02987
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Last-Modified: Tue, 06 Dec 2022 11:25:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
res.cloudinary.com/oreegano/image/upload/c_fill,f_auto,g_center,h_800,q_auto,w_800/v1547934519/pcqpfq8sf9461xxymb5z.jpg
200 OK 39 kB URL HTTP/2 res.cloudinary.com/oreegano/image/upload/c_fill,f_auto,g_center,h_800,q_auto,w_800/v1547934519/pcqpfq8sf9461xxymb5z.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fc8d069c8865c3083e9d8316273b702c
e6ba09132b0b03c75faa189c6230a5aa5f3c67ec
7b6e6d89d114d4e4367e38278806f22b675720a3cf847efe7f8a7c4a81722cce
GET /oreegano/image/upload/c_fill,f_auto,g_center,h_800,q_auto,w_800/v1547934519/pcqpfq8sf9461xxymb5z.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="pcqpfq8sf9461xxymb5z.webp"
content-type: image/webp
etag: "fc8d069c8865c3083e9d8316273b702c"
last-modified: Thu, 28 Feb 2019 20:14:13 GMT
date: Tue, 06 Dec 2022 11:25:41 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=145;cpu=1;start=2022-12-06T11:25:41.634Z;desc=miss,rtt;dur=14,cloudinary;dur=51;start=2022-12-06T11:25:41.681Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 39012
X-Firefox-Spdy: h2
bayupras.com/ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
200 OK 0 B URL HTTP/2 bayupras.com/ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:41 GMT
content-type: application/javascript
content-length: 0
cache-control: public, max-age=604800
expires: Mon, 12 Dec 2022 18:26:55 GMT
last-modified: Tue, 22 Nov 2022 07:22:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 61126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BBsItMi8sSn8VJqlpgA1eEfZH6jif4njZLvIEeLjfRqU6DOlEwPu%2B5ILwDV13jVbK7d0zN40ez8VUNR6eW4UilDEdkqW4Cf%2BcFJQ4S1lbly2610PQ32aHSbUkLC6Ow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a990ac52b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash dda238a05215b8c958b469b35aa6b616
ca9a51cf7396cd65d6dc269e2a8525961d9f4aac
6ebf84897edef8580c2ab4ab8360d10840adc71b172e3bbddd89ac79c6b02987
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=100737
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Etag: "638e0d36-117"
Expires: Wed, 07 Dec 2022 15:24:38 GMT
Last-Modified: Mon, 05 Dec 2022 15:24:38 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash dda238a05215b8c958b469b35aa6b616
ca9a51cf7396cd65d6dc269e2a8525961d9f4aac
6ebf84897edef8580c2ab4ab8360d10840adc71b172e3bbddd89ac79c6b02987
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Etag: "638e0d36-117"
Server: ECS (amb/6B86)
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash 3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1630
Cache-Control: max-age=120392
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 20:52:13 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/2-1657201135.png?crop=1xw:1xh;center,top&resize=480:*
200 OK 265 kB URL HTTP/2 hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/2-1657201135.png?crop=1xw:1xh;center,top&resize=480:*
IP
File type PNG image data, 480 x 270, 8-bit/color RGBA, non-interlaced\012- data
Size 265 kB (265431 bytes)
Hash d21fc02ef3a4333ed344309e195249d1
c6bc06c4049ec2f2dbd9cacc8c204054363942bd
5d117cc1bd48eefd934d66c320aa8be6863be8620afb82a5e1066dfaabdc0eb6
GET /hmg-prod.s3.amazonaws.com/images/2-1657201135.png?crop=1xw:1xh;center,top&resize=480:* HTTP/1.1
Host: hips.hearstapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, stale-while-revalidate=604800
content-type: image/png
x-animated: 0
x-canonical-ops: crop=1600:900;0,0&resize=480:270
x-image-dimensions: 480:270
x-source-image-dimensions: 1600:900
access-control-allow-origin: *
x-robots-tag: all
accept-ranges: bytes
date: Tue, 06 Dec 2022 11:25:41 GMT
age: 1967444
x-cache: HIT, MISS
timing-allow-origin: *
content-length: 265431
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9eb2870e59b2313c46529a862dd2abc
710d2370fd65b0bb34d0c633497f4494258a94e4
3c5603cc9fc783be2538c54616e719e129e59c2cd9f9769f52adf3ebc933bfce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.metodiperdimagrire.it/wp-content/uploads/2021/01/porridge-ricetta.jpg
200 OK 155 kB URL HTTP/2 www.metodiperdimagrire.it/wp-content/uploads/2021/01/porridge-ricetta.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, description=top view of oatmeal porridge in a bowl and fresh berries and nuts on the wooden white rustic background, orientation=upper-left, xresolution=262, yresolution=270, resolutionunit=2, software=Adobe Photoshop 22.1 (Macintosh), datetime=2021:01:30 16:50:37], baseline, precision 8, 850x567, components 3\012- data
Size 155 kB (154779 bytes)
Hash a7e01acdc9b10235b777da2b599a9ff0
787252b4bdf366fc7ca0a48f76bebb8c390eed25
61c7ef26cd05a5894bd89ec30df82139942a9ee3d1b1b9f9ba8283541cd4c268
GET /wp-content/uploads/2021/01/porridge-ricetta.jpg HTTP/1.1
Host: www.metodiperdimagrire.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 30 Jan 2021 15:50:47 GMT
accept-ranges: bytes
content-length: 154779
cache-control: max-age=10368000, public
expires: Wed, 05 Apr 2023 11:25:41 GMT
vary: Accept-Encoding
content-type: image/jpeg
date: Tue, 06 Dec 2022 11:25:41 GMT
server: Apache
X-Firefox-Spdy: h2
i2.wp.com/frankderosa.it/wp-content/uploads/2017/07/porridge_proteico2.jpg?fit=1280%2C738&ssl=1
200 OK 97 kB URL HTTP/2 i2.wp.com/frankderosa.it/wp-content/uploads/2017/07/porridge_proteico2.jpg?fit=1280%2C738&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x738, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3a9bf950e838af4c3313c1ba9db33278
afcb4aa725bba2675b85a307e8c84eb792447752
98e3bdab2b4179207d141070dcdc8f9c65bdf8da18104c7f177adde3cc544364
GET /frankderosa.it/wp-content/uploads/2017/07/porridge_proteico2.jpg?fit=1280%2C738&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 11:25:42 GMT
content-type: image/webp
content-length: 97186
last-modified: Tue, 06 Dec 2022 11:25:41 GMT
expires: Thu, 05 Dec 2024 23:25:41 GMT
cache-control: public, max-age=63115200
link: <https://frankderosa.it/wp-content/uploads/2017/07/porridge_proteico2.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "f439f58e475d7964"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d0a4298298230aea5ddb15915a28de37
5a9a31ac970f2395aa12cd5038476d0f7ed42e10
1803a1821db5c4478725a6362f5dc7c8f4d4fce436b233e176ff793e5fc76cad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=6756886624952126283&zx=60a03b68-e386-4071-adee-74637920d870
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=6756886624952126283&zx=60a03b68-e386-4071-adee-74637920d870
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=6756886624952126283&zx=60a03b68-e386-4071-adee-74637920d870 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Dec 2022 11:25:42 GMT
last-modified: Tue, 06 Dec 2022 11:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash d961520383e50acab5d057eefe4745b1
c64a409ffa2171025a62c248893ac27cd991df79
cfa8a2a4202b07cf8903ebd254cce8e0cd9fb49166b6ccde2364aa576f939d67
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3464
Cache-Control: max-age=103888
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:42 GMT
Etag: "638e0bfe-117"
Expires: Wed, 07 Dec 2022 16:17:10 GMT
Last-Modified: Mon, 05 Dec 2022 15:19:26 GMT
Server: ECS (amb/6BBA)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 007f06d0a9f50d66be88b3ddf28ecd8b
214ecccda1994c59b0b4e19f05435cb482148e7f
14e4152570b9c55d6cb83965c52a4eb6048d7df7db6b892c770ab66f4700fb51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 007f06d0a9f50d66be88b3ddf28ecd8b
214ecccda1994c59b0b4e19f05435cb482148e7f
14e4152570b9c55d6cb83965c52a4eb6048d7df7db6b892c770ab66f4700fb51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 007f06d0a9f50d66be88b3ddf28ecd8b
214ecccda1994c59b0b4e19f05435cb482148e7f
14e4152570b9c55d6cb83965c52a4eb6048d7df7db6b892c770ab66f4700fb51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i2.wp.com/frankderosa.it/wp-content/uploads/2017/07/porridge_proteico.jpg?resize=750%2C474&ssl=1
200 OK 45 kB URL HTTP/2 i2.wp.com/frankderosa.it/wp-content/uploads/2017/07/porridge_proteico.jpg?resize=750%2C474&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x474, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 960d31f1fe9a5daf151c1cb0111e0180
dec4f53a644c2ea8f5a12e76c2724b73945e21c8
b2ce5af8b22108aecce51b0b3ce4541067ab31bf14d90f0873dd9c2466392809
GET /frankderosa.it/wp-content/uploads/2017/07/porridge_proteico.jpg?resize=750%2C474&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 11:25:42 GMT
content-type: image/webp
content-length: 44790
last-modified: Tue, 06 Dec 2022 11:25:42 GMT
expires: Thu, 05 Dec 2024 23:25:42 GMT
cache-control: public, max-age=63115200
link: <https://frankderosa.it/wp-content/uploads/2017/07/porridge_proteico.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "82125049d3ca744a"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Mon, 05 Dec 2022 20:43:43 GMT
expires: Mon, 19 Dec 2022 20:43:43 GMT
cache-control: public, max-age=1209600
age: 52919
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 1de07fd95760318c8fbc36e259a17a80
dcde9dbbc110df20d138b55d68394757f3d2c9df
85e0e61a02b0929262e1053d8d2cb34dceb7c19f009e5b8a20ed446c35bde9c7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 11:25:42 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 07:06:37 GMT
Expires: Sat, 10 Dec 2022 07:06:36 GMT
Etag: "dcde9dbbc110df20d138b55d68394757f3d2c9df"
Cache-Control: max-age=329453,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7754a9922f2ffac0-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 162108a8ede50125255ac3832904b5ae
540d9393453ee355cac6e1a911dafa942a6d21e6
a90d62761ab514ff2efd88d07dcbd5793bc21d5a27315cc0cbe7585a056821bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A90D62761AB514FF2EFD88D07DCBD5793BC21D5A27315CC0CBE7585A056821BF"
Last-Modified: Sun, 04 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 17:25:42 GMT
Date: Tue, 06 Dec 2022 11:25:42 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 622a7d02bb051f412f9828b0ef812338
819d11da7b8095f6d9f6c432ad9632bd839a77cd
7367ebd46c4c64d5af8b4cbc2a5e540131e4098d1a95c145582206d817aadedf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7367EBD46C4C64D5AF8B4CBC2A5E540131E4098D1A95C145582206D817AADEDF"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Tue, 06 Dec 2022 17:25:26 GMT
Date: Tue, 06 Dec 2022 11:25:42 GMT
Connection: keep-alive
www.fitwithfun.it/wp-content/uploads/2019/07/Porridge-Freddo-ai-Frutti-di-Bosco-e-Arachidi-sito-320x240.jpg
200 OK 39 kB URL HTTP/2 www.fitwithfun.it/wp-content/uploads/2019/07/Porridge-Freddo-ai-Frutti-di-Bosco-e-Arachidi-sito-320x240.jpg
IP
ASN #24961 myLoc managed IT AG
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=16, manufacturer=Sony, model=F3211, orientation=upper-left, xresolution=270, yresolution=278, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2019:07:15 20:27:51], baseline, precision 8, 320x240, components 3\012- data
Hash 53d0c17b111d9e8d971131fb0a2f0e75
1747b32887bcc4d5684ee1260848a1c6eddcc4f1
85d46287545fc1fe99c7ff7bc46dff10ec2fe3fb261ea284b3c09666b1c4ce17
GET /wp-content/uploads/2019/07/Porridge-Freddo-ai-Frutti-di-Bosco-e-Arachidi-sito-320x240.jpg HTTP/1.1
Host: www.fitwithfun.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 11:25:42 GMT
content-type: image/jpeg
content-length: 39395
last-modified: Mon, 15 Jul 2019 19:31:57 GMT
etag: "5d2cd4ad-99e3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 769c4a707d97b10328277648c914c9b8
280502d85be9a5d526428bf7db1d4ff9ecfd3591
f25b701d8dd630960d6bd123673a26d94db9be8aeb3e84347399220dd6b128b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F25B701D8DD630960D6BD123673A26D94DB9BE8AEB3E84347399220DD6B128B5"
Last-Modified: Sun, 04 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Tue, 06 Dec 2022 17:25:31 GMT
Date: Tue, 06 Dec 2022 11:25:42 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3b9A7-RlOGci0BWPMK4qTNwK_faXF0b0sy478n94GK3wo29spSsKmUArrRnwIpbl_AunrBOxP-nJVTVvhVXz8ZkRzXX1eKHLZyDoOdZuOkKtPyVhi89izBGAkhSmiduGof7dhw8rvfR-HaIJvALn_jNDMX03XT0w0VgmqFkZHOoJEORdrF1JvMoXrYa2_oRJA=w72-h72-p-k-no-nu
200 OK 4.6 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3b9A7-RlOGci0BWPMK4qTNwK_faXF0b0sy478n94GK3wo29spSsKmUArrRnwIpbl_AunrBOxP-nJVTVvhVXz8ZkRzXX1eKHLZyDoOdZuOkKtPyVhi89izBGAkhSmiduGof7dhw8rvfR-HaIJvALn_jNDMX03XT0w0VgmqFkZHOoJEORdrF1JvMoXrYa2_oRJA=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 2a47811019b6217c9820caa1921e9b5c
8f1ba25ef1f813f03258979fd65a3eead2d01287
5cfee93ec63acb74f54c11b5c9f61befa1746a5da528b78d57b8b71e8ba5cfe6
GET /blogger_img_proxy/ANbyha3b9A7-RlOGci0BWPMK4qTNwK_faXF0b0sy478n94GK3wo29spSsKmUArrRnwIpbl_AunrBOxP-nJVTVvhVXz8ZkRzXX1eKHLZyDoOdZuOkKtPyVhi89izBGAkhSmiduGof7dhw8rvfR-HaIJvALn_jNDMX03XT0w0VgmqFkZHOoJEORdrF1JvMoXrYa2_oRJA=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 07 Dec 2022 11:25:42 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 06 Dec 2022 11:25:42 GMT
server: fife
content-length: 4614
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0XiOH3j9np05d5ODaBLLbKw4vC8DcbG0btxYPnDzDzL1i6AhkC538zud27eHdd2j6IAnhdgwU7-nrCn41_njyhHpaathIpjaFu6k0-ZXI9wObBIi2y46aa1gRtueSf4P-jL8MJNHEp3-0JfWThDv9I82LHYGLjwqvWG-dH3fObk1UWyKsQCTG3G7ODUFV5CiR7=w72-h72-p-k-no-nu
200 OK 3.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0XiOH3j9np05d5ODaBLLbKw4vC8DcbG0btxYPnDzDzL1i6AhkC538zud27eHdd2j6IAnhdgwU7-nrCn41_njyhHpaathIpjaFu6k0-ZXI9wObBIi2y46aa1gRtueSf4P-jL8MJNHEp3-0JfWThDv9I82LHYGLjwqvWG-dH3fObk1UWyKsQCTG3G7ODUFV5CiR7=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash e0d73baa8f3f1b9facd7ff85692bf468
7e69e3db608c95c44ae6900194d65047aee74d66
ce9c7c712655c86d6a0fd518b87e1894a1d7d4c223609b0d10fe6baad5885a7e
GET /blogger_img_proxy/ANbyha0XiOH3j9np05d5ODaBLLbKw4vC8DcbG0btxYPnDzDzL1i6AhkC538zud27eHdd2j6IAnhdgwU7-nrCn41_njyhHpaathIpjaFu6k0-ZXI9wObBIi2y46aa1gRtueSf4P-jL8MJNHEp3-0JfWThDv9I82LHYGLjwqvWG-dH3fObk1UWyKsQCTG3G7ODUFV5CiR7=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 07 Dec 2022 11:25:42 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 06 Dec 2022 11:25:42 GMT
server: fife
content-length: 3120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evoluzionecollettiva.com/wp-content/uploads/2019/04/7-ricette-porridge-light-avena.jpg
200 OK 62 kB URL HTTP/1.1 evoluzionecollettiva.com/wp-content/uploads/2019/04/7-ricette-porridge-light-avena.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x700, components 3\012- data
Hash 807fe79d1c47567c50a51d199b6a5870
dbcbf8bade1d3554f261315085ff95c8043060ce
71075a953a54a4339680a7b51bf0522df0f6bb9e0351a4e885a17bf8b1d11ea4
GET /wp-content/uploads/2019/04/7-ricette-porridge-light-avena.jpg HTTP/1.1
Host: evoluzionecollettiva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 11:25:42 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 28 Oct 2021 11:36:56 GMT
ETag: "f3c9-5cf6820bfd2ce"
Accept-Ranges: bytes
Content-Length: 62409
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 769c4a707d97b10328277648c914c9b8
280502d85be9a5d526428bf7db1d4ff9ecfd3591
f25b701d8dd630960d6bd123673a26d94db9be8aeb3e84347399220dd6b128b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F25B701D8DD630960D6BD123673A26D94DB9BE8AEB3E84347399220DD6B128B5"
Last-Modified: Sun, 04 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 17:25:42 GMT
Date: Tue, 06 Dec 2022 11:25:42 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 007f06d0a9f50d66be88b3ddf28ecd8b
214ecccda1994c59b0b4e19f05435cb482148e7f
14e4152570b9c55d6cb83965c52a4eb6048d7df7db6b892c770ab66f4700fb51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2zsIJDG2Rrm5a6wPEidpUc4d-eTOi2HfywgcUBXXo_uSz_ykerkP3x-gShtLrG2aKQ19IQ1tN1fTUPJMKIcoPGv2Vt4MOJ0pPYcMpGcc7nDhRE4Bg3xVY9CJQXmihzGOR6ac9c0zuGsWwE1lPLWk2sLX4bNMBjcASBsQyng6riN0i1YMSKK6hHk86P6R5wd1HseH-byS3Zsw=w72-h72-p-k-no-nu
200 OK 2.6 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2zsIJDG2Rrm5a6wPEidpUc4d-eTOi2HfywgcUBXXo_uSz_ykerkP3x-gShtLrG2aKQ19IQ1tN1fTUPJMKIcoPGv2Vt4MOJ0pPYcMpGcc7nDhRE4Bg3xVY9CJQXmihzGOR6ac9c0zuGsWwE1lPLWk2sLX4bNMBjcASBsQyng6riN0i1YMSKK6hHk86P6R5wd1HseH-byS3Zsw=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 5ef752950c2a53e5d8f26543623b7491
13c9463c7cefb3aa459d4833adab2010a5b57c0d
c6ae1a166491c926e898d643fc80209b6ad8a7b24b211678fd1b4e8f931e30bf
GET /blogger_img_proxy/ANbyha2zsIJDG2Rrm5a6wPEidpUc4d-eTOi2HfywgcUBXXo_uSz_ykerkP3x-gShtLrG2aKQ19IQ1tN1fTUPJMKIcoPGv2Vt4MOJ0pPYcMpGcc7nDhRE4Bg3xVY9CJQXmihzGOR6ac9c0zuGsWwE1lPLWk2sLX4bNMBjcASBsQyng6riN0i1YMSKK6hHk86P6R5wd1HseH-byS3Zsw=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 07 Dec 2022 11:25:42 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 06 Dec 2022 11:25:42 GMT
server: fife
content-length: 2633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.fattoriegirau.com/wp-content/uploads/2020/10/smoothie-bowl-thumb-thegem-blog-default-large.jpg
200 OK 101 kB URL HTTP/1.1 www.fattoriegirau.com/wp-content/uploads/2020/10/smoothie-bowl-thumb-thegem-blog-default-large.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x540, components 3\012- data
Size 101 kB (100987 bytes)
Hash c9d484bafc22b7dce48820a7df54bb9d
f700b2114f47ac12952019eea204233d27b7d1a3
faeb8e45071d3910016d05998fb0457dc8c5b89b1cffc798f3969e2160387331
GET /wp-content/uploads/2020/10/smoothie-bowl-thumb-thegem-blog-default-large.jpg HTTP/1.1
Host: www.fattoriegirau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Tue, 06 Dec 2022 11:25:42 GMT
Content-Type: image/jpeg
Content-Length: 100987
Last-Modified: Mon, 05 Oct 2020 13:00:29 GMT
Connection: keep-alive
ETag: "5f7b18ed-18a7b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.fattoriegirau.com/wp-content/uploads/2021/01/smoothie-thumb-thegem-blog-default-large.jpg
200 OK 72 kB URL HTTP/1.1 www.fattoriegirau.com/wp-content/uploads/2021/01/smoothie-thumb-thegem-blog-default-large.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x540, components 3\012- data
Hash 0248a1a36973a77e7763bb52fec885f0
a97b2f47c3d9cce42813bbd4c3cb9563e85340fb
9b25c64056074da21ee60b4294699be94a87aec12fbaccd9a27b297dd9a4ed14
GET /wp-content/uploads/2021/01/smoothie-thumb-thegem-blog-default-large.jpg HTTP/1.1
Host: www.fattoriegirau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Tue, 06 Dec 2022 11:25:42 GMT
Content-Type: image/jpeg
Content-Length: 71502
Last-Modified: Thu, 04 Feb 2021 16:42:06 GMT
Connection: keep-alive
ETag: "601c23de-1174e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
cdn.greenstyle.it/r6HEZtFau1LGC-OUEo4n9MyJyIg=/582x305/smart/https://www.greenstyle.it/app/uploads/2019/04/porridge2.jpg
200 OK 46 kB URL HTTP/2 cdn.greenstyle.it/r6HEZtFau1LGC-OUEo4n9MyJyIg=/582x305/smart/https://www.greenstyle.it/app/uploads/2019/04/porridge2.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 582x305, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e325598f7a88be6b66fc11b1cd78cc05
e1d74a03f567f7ebff745451a1542b964e5133c5
7e0bc90ec0dac2d2a8852b8f87bb196af5c960fc6e888dd8a426898c44c2fefd
GET /r6HEZtFau1LGC-OUEo4n9MyJyIg=/582x305/smart/https://www.greenstyle.it/app/uploads/2019/04/porridge2.jpg HTTP/1.1
Host: cdn.greenstyle.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:42 GMT
content-type: image/webp
content-length: 45534
cache-control: max-age=31536000,public
expires: Wed, 06 Dec 2023 11:25:42 GMT
vary: Accept, Accept-Encoding
etag: "e1d74a03f567f7ebff745451a1542b964e5133c5"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmoZCNgoty6SgXKwUi8Y7Il%2Bx1TA1VK8BJj4b3mc4R%2FTzPzRfxHl%2FKRASHottpGECapFriRAyUMcRfklRNS%2B0RcFoIPNnNUypjsJRX0Z74ohfeowR%2B1kCVJeWTpY%2FVNGdxTY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7754a991fc9fb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash d961520383e50acab5d057eefe4745b1
c64a409ffa2171025a62c248893ac27cd991df79
cfa8a2a4202b07cf8903ebd254cce8e0cd9fb49166b6ccde2364aa576f939d67
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3464
Cache-Control: max-age=103888
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:42 GMT
Etag: "638e0bfe-117"
Expires: Wed, 07 Dec 2022 16:17:10 GMT
Last-Modified: Mon, 05 Dec 2022 15:19:26 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
cdn.trovaricetta.com/photo/2020/10/29/1846250/t/mille-1-versioni-di-porridge.jpg
200 OK 15 kB URL HTTP/2 cdn.trovaricetta.com/photo/2020/10/29/1846250/t/mille-1-versioni-di-porridge.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x187, components 3\012- data
Hash 02ef76e4e9a1176a6943d77fc33ac5c1
bf0aeadb38b699902f6a878d759dad9c083d284c
e3d85bbe60c6737c87fb16dc06aa3b6a098a39d2c835a44ec5236bf85608c185
GET /photo/2020/10/29/1846250/t/mille-1-versioni-di-porridge.jpg HTTP/1.1
Host: cdn.trovaricetta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:42 GMT
content-type: image/jpeg
content-length: 14870
cache-control: public, max-age=7776000
etag: "3a16-5b2c31f79dc00"
expires: Mon, 06 Mar 2023 11:25:42 GMT
last-modified: Wed, 28 Oct 2020 23:00:00 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQfRnd7BL2OqlXRIRNLb6aOGo9%2Baj5SUJLz4EmHlBq2cStJfGp%2BlWNAKE9BoGFmxmZXX6aIIQZ32sfDAiT2uyAt2UV6qCLoaALXs2tlQxU%2BmZpe2JyqHlxR9dxnNoPhuUaF2ZXFn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a992cb130b45-OSL
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha02WIT5LdwSTJ_8zxFuasturgTQgS1stjd6RMBNh3Cju1HuAGy04qGtPN-FJ-F5DkIw2nLCQq7mH0l0WSLElHSZh3dEo60Y7TdPYZZxYW7m3-o7DU5C2D5NhQkvIVCEhWaP0XqpvuSlmA=w72-h72-p-k-no-nu
200 OK 2.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha02WIT5LdwSTJ_8zxFuasturgTQgS1stjd6RMBNh3Cju1HuAGy04qGtPN-FJ-F5DkIw2nLCQq7mH0l0WSLElHSZh3dEo60Y7TdPYZZxYW7m3-o7DU5C2D5NhQkvIVCEhWaP0XqpvuSlmA=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash be0a827abd001568e5aa41262ceca12b
5f8461bf3b2031868a5a23338188d4aae4b61bb6
7d23093a538835f635d100f12d67a1c4e622061b11228db7da5e1dc1f7dd058d
GET /blogger_img_proxy/ANbyha02WIT5LdwSTJ_8zxFuasturgTQgS1stjd6RMBNh3Cju1HuAGy04qGtPN-FJ-F5DkIw2nLCQq7mH0l0WSLElHSZh3dEo60Y7TdPYZZxYW7m3-o7DU5C2D5NhQkvIVCEhWaP0XqpvuSlmA=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 07 Dec 2022 11:25:42 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 06 Dec 2022 11:25:42 GMT
server: fife
content-length: 2909
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 51bd80d9cc5a312117cd3fa8578332bb
2e6bd3a308071de5c3ffa26b338a48a21c84d299
cdcc1f1829fdda159c3879159ac0a120f46da2244edb1683fac9c3fffee5fb43
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CDCC1F1829FDDA159C3879159AC0A120F46DA2244EDB1683FAC9C3FFFEE5FB43"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19770
Expires: Tue, 06 Dec 2022 16:55:12 GMT
Date: Tue, 06 Dec 2022 11:25:42 GMT
Connection: keep-alive
vlry5l4j5gbn.com/a2ea5d0f3e862ce4828ea69ba848780c/invoke.js
200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/a2ea5d0f3e862ce4828ea69ba848780c/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 607306a13081f65da9f1c6a44578a9d5
87e38ab9978eb0e67a7b1e419f3c1233ccfd4efb
28a2e5b37362e78937ec99e306a10a46f7c4de31980354544fd20c308bf6eab7
GET /a2ea5d0f3e862ce4828ea69ba848780c/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5f06a41f9f2e8fd03d89f0079aa6244
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2fcZQ37-9lB5wCggi4kIRYwRsd69WICoB_YozSlOS6fjRWenp12cEmxYd2Uj7sSmgN2LcnoE08GR_-hpfM9IIpS0N4zQ0HzLkvlkgOEwrznl5p0NzxHZrI2Q494mcm3H2MZToY=w72-h72-p-k-no-nu
200 OK 4.4 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2fcZQ37-9lB5wCggi4kIRYwRsd69WICoB_YozSlOS6fjRWenp12cEmxYd2Uj7sSmgN2LcnoE08GR_-hpfM9IIpS0N4zQ0HzLkvlkgOEwrznl5p0NzxHZrI2Q494mcm3H2MZToY=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 4e384df0e8ffdb1231e0230edf4f1a46
7237415d59c8057b1431e1006819fd5aa227cccd
57287bd4254246596fef9c549131c2a02948c24ecea9d9920ca089b71f094f31
GET /blogger_img_proxy/ANbyha2fcZQ37-9lB5wCggi4kIRYwRsd69WICoB_YozSlOS6fjRWenp12cEmxYd2Uj7sSmgN2LcnoE08GR_-hpfM9IIpS0N4zQ0HzLkvlkgOEwrznl5p0NzxHZrI2Q494mcm3H2MZToY=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
date: Tue, 06 Dec 2022 11:25:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 04f06c28b0b7081c349359badbd6a4f5
4bec14b1fb3b6dbbee1b42fade72cff16ae8abd1
dda976b14cf086bda9158b87da4174dcfd98711209865ee54f3ccd9c2c9ca5e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDA976B14CF086BDA9158B87DA4174DCFD98711209865EE54F3CCD9C2C9CA5E8"
Last-Modified: Sun, 04 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Tue, 06 Dec 2022 17:25:09 GMT
Date: Tue, 06 Dec 2022 11:25:42 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha36RVtPNvqKoEepkfZt83FhW2w3BwMahvuSE_xd5m0JONYPMqwA0oMeZu78O3IS3bosbkpL_bpGA4Db_gO75kN-h_tiy1idUcrpW85GL1VyEqgUsMDv_hu00kyGXWVyGq2a6jmOCI5kwEJHyP17j8tOBhIE0VLo8w3j7sWaVLiN8w=w72-h72-p-k-no-nu
404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha36RVtPNvqKoEepkfZt83FhW2w3BwMahvuSE_xd5m0JONYPMqwA0oMeZu78O3IS3bosbkpL_bpGA4Db_gO75kN-h_tiy1idUcrpW85GL1VyEqgUsMDv_hu00kyGXWVyGq2a6jmOCI5kwEJHyP17j8tOBhIE0VLo8w3j7sWaVLiN8w=w72-h72-p-k-no-nu
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash a64bd9b2b3cfaca920e72b86ee0b7d3f
e9e6994de887e86e98c636ca096ff315ed2db67f
12ddd8aca6996e9cf6526dcc847d7231b98a5c71c26b7fb11e68aa0800121e0d
GET /blogger_img_proxy/ANbyha36RVtPNvqKoEepkfZt83FhW2w3BwMahvuSE_xd5m0JONYPMqwA0oMeZu78O3IS3bosbkpL_bpGA4Db_gO75kN-h_tiy1idUcrpW85GL1VyEqgUsMDv_hu00kyGXWVyGq2a6jmOCI5kwEJHyP17j8tOBhIE0VLo8w3j7sWaVLiN8w=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 06 Dec 2022 11:25:42 GMT
server: fife
content-length: 1775
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/8546612cc3d574c06b4c0d418470a4d0/invoke.js
200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/8546612cc3d574c06b4c0d418470a4d0/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 05adb2d263af45d6a3e275c682d769dc
0a361be38b75f094737074e32ac9c55ce63ace6d
367856f6fa69b2b4fffe3be1338b14f253808ad65cbf9f1ae5ecae4359867692
GET /8546612cc3d574c06b4c0d418470a4d0/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b11863026905fe90219cabef95679dd5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.eserciziperdimagrire.org/wp-content/uploads/2018/01/porridge-proteico-prezzo-migliore.jpg
200 OK 11 kB URL HTTP/2 www.eserciziperdimagrire.org/wp-content/uploads/2018/01/porridge-proteico-prezzo-migliore.jpg
IP
ASN #52030 Server Plan S.r.l.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x207, components 3\012- data
Hash f932b45dcf0c88388cf98f74e4d2899e
8f51dccf6571e28f7098cb8131436dac844502bc
a28f7a37de4b893afad2331800e247db4939b6157c8641165346aa521a8ccc30
GET /wp-content/uploads/2018/01/porridge-proteico-prezzo-migliore.jpg HTTP/1.1
Host: www.eserciziperdimagrire.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 08:58:06 GMT
etag: "2c0fb2-2b25-5cd831c804f8e"
accept-ranges: bytes
content-length: 11045
referrer-policy:
content-type: image/jpeg
date: Tue, 06 Dec 2022 11:25:42 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 37e249436efd3904ad23a3bc6a1f22fe
c2a39e8bad784f494516d24094adb710193af8ec
c38a5798ed46d9276a2456e6565c6e162122223005f456c927d843ec6345de8a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 11:25:42 GMT
Last-Modified: Tue, 06 Dec 2022 10:58:57 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _WQ86yoUXMgyGs2BJ51708N3tB-In_Z1J55arCz6Kz0qgzj87lT55A==
Age: 1605
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 299bbebe73f55f256d22ae374dddfa1e
821f7aab559a6e0be8993914db1aee7621498bd7
278197496f8123ea97f7feee20ce2e4c5220a54ec1ff532e975837e4fb1a1f35
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sparshnesiah.blogspot.com
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:42 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sparshnesiah.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=6879de5c-61ec-48e4-8ae8-3b6ce2ee1f99:3:1; expires=Fri, 03 Dec 2032 11:25:42 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 11a550d60598bceea73e48a32a1578de
52cd1f5b3585f11b7dfe2bedc820e19a9c9a551d
5cb941797f9cd2c1f6ec9ac80658fe3590bbc4bbe9d775e77f95e4a0f025977d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sparshnesiah.blogspot.com
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:43 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sparshnesiah.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=716454eb-9e30-4187-b2cb-582635cd394a:2:1; expires=Fri, 03 Dec 2032 11:25:43 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/75a9554123301b51a48e3b22b6473606/invoke.js
200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/75a9554123301b51a48e3b22b6473606/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash 20349d98ca22a84f5aff723756d3a7b1
985d9b07fbc2bed7d0527c6a92886507bb733b12
41fe769c74bed7d4dad0e071cfaad2fd6fd93108c0dabba96d8c45c8fa16d2b0
GET /75a9554123301b51a48e3b22b6473606/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ca35cfe61bc0b0892956f48920a43545
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5900
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 11:25:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5900
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 11:25:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5900
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 11:25:43 GMT
Connection: keep-alive
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 11a550d60598bceea73e48a32a1578de
52cd1f5b3585f11b7dfe2bedc820e19a9c9a551d
5cb941797f9cd2c1f6ec9ac80658fe3590bbc4bbe9d775e77f95e4a0f025977d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sparshnesiah.blogspot.com
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Cookie: uid_id2=716454eb-9e30-4187-b2cb-582635cd394a:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:43 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sparshnesiah.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 557e6b38-7be9-4953-968b-2e5bd3491ef4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUDYEQbIAMFwRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e2-1fcd8fc4719bc0bc7d11abd2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z1_zJTJMuk724WMOmIc660b54AyZK8ffNVF5N7ehZ00W2kaL3Lcd1A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:14 GMT
age: 49109
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:03:16 GMT
age: 48147
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bayupras.com/ars/directpop.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
200 OK 19 kB URL HTTP/2 bayupras.com/ars/directpop.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP
File type ASCII text, with CRLF line terminators
Hash 3057429fa2adebf6f46cce5eeee9428a
04b2a965eeb9d3c0c670fda818155339ef2c2f35
e9695e10bc1db6359b8a10445c2d85aea677b0be515d7b9a4ea0fa2aa980aca2
GET /ars/directpop.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:41 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Dec 2022 18:26:56 GMT
last-modified: Sun, 27 Nov 2022 12:10:02 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 61125
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrALtzzLOMbBtVXOnasKTrZ45%2FxuD3VZYOPq%2FMCVoggNE1tUZeSpRrE7D8WLZ3O1UJu89upLW1nF7J18z0xQDj6zUdKuH%2BhY6jUl0BqldCL7ZV33PpxTwvxGi28G7g0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7754a98fbb17b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73b9f329cd3a39d0756de62dd5f190b7
0f1c7567b89cc3de60196e47e37879296359bc78
e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4827
x-amzn-requestid: 9091cc45-8fb1-4b07-8ef9-3f42b85fb81e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuYH_KIAMFpMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-6bf3bf8659ef3feb27c1803f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fxdYE-ftBwC_0KcBJBQqvUbVXM54TmsKR8QXIfLIhdLYsqtaxdx9tg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:26 GMT
age: 46997
etag: "0f1c7567b89cc3de60196e47e37879296359bc78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jqWuNfsDgPOsqxlX2HGJdhXm9GnGC-TBafSbSCrztICFgEwcyqc_iA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:22 GMT
age: 47001
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3HXoqgMpL5EOXY8gccZDo97CCmbKE0RZ7-sIWllD5BVBFaVNWZDwKXZ7ti5Oobyq3M5lOElJTBVdf7ywOIKM9hGolaHd7Eu-0RRSx6mxwRDBd3LZr6QBp2c_LR9jry0rrXys0OGgzzcd23tHiigDZk-CrP4GeWUckVgGov3A=w72-h72-p-k-no-nu
200 OK 3.5 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3HXoqgMpL5EOXY8gccZDo97CCmbKE0RZ7-sIWllD5BVBFaVNWZDwKXZ7ti5Oobyq3M5lOElJTBVdf7ywOIKM9hGolaHd7Eu-0RRSx6mxwRDBd3LZr6QBp2c_LR9jry0rrXys0OGgzzcd23tHiigDZk-CrP4GeWUckVgGov3A=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash f57a20f3a42e6d65eb3882298c307947
3137fb678edc33148f4477fc13b629a08fb3508d
3700508c8c9da5b8495aca6994439e9379b171b3683163777b02bb802bb33588
GET /blogger_img_proxy/ANbyha3HXoqgMpL5EOXY8gccZDo97CCmbKE0RZ7-sIWllD5BVBFaVNWZDwKXZ7ti5Oobyq3M5lOElJTBVdf7ywOIKM9hGolaHd7Eu-0RRSx6mxwRDBd3LZr6QBp2c_LR9jry0rrXys0OGgzzcd23tHiigDZk-CrP4GeWUckVgGov3A=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 07 Dec 2022 11:25:43 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 06 Dec 2022 11:25:43 GMT
server: fife
content-length: 3498
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 46954
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/475f67a0392a4024f64fe9d2b911a42e/invoke.js
200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/475f67a0392a4024f64fe9d2b911a42e/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash 20349d98ca22a84f5aff723756d3a7b1
985d9b07fbc2bed7d0527c6a92886507bb733b12
41fe769c74bed7d4dad0e071cfaad2fd6fd93108c0dabba96d8c45c8fa16d2b0
GET /475f67a0392a4024f64fe9d2b911a42e/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cac93cf1323261ea8a3a3c89cf22d65b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lh3.googleusercontent.com/blogger_img_proxy/ANbyha21CA3932CIGjWLz7ocZySTTnYrzPYFMuaqWyAX3m5jvTDbjHvkjRA9e8mrDSOK9eNdPRuS8mUby6osFYJ9m5x4qlbuT81CsLJQ3PYc2Dh7ysCUZNdCU3fBAd9pvsotuaVWev0TVVnofhZ03y0kjjDxaR8F=w72-h72-p-k-no-nu
200 OK 5.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha21CA3932CIGjWLz7ocZySTTnYrzPYFMuaqWyAX3m5jvTDbjHvkjRA9e8mrDSOK9eNdPRuS8mUby6osFYJ9m5x4qlbuT81CsLJQ3PYc2Dh7ysCUZNdCU3fBAd9pvsotuaVWev0TVVnofhZ03y0kjjDxaR8F=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 63830ccbd8f51cfa076ca7e4450de75a
23e37870b51b6fb183b2b9f096d6747365dee039
bc070fcccf1e2ae4d0e622ea709ab6711a44eebd9005bf65b1dc5f5147e4fa25
GET /blogger_img_proxy/ANbyha21CA3932CIGjWLz7ocZySTTnYrzPYFMuaqWyAX3m5jvTDbjHvkjRA9e8mrDSOK9eNdPRuS8mUby6osFYJ9m5x4qlbuT81CsLJQ3PYc2Dh7ysCUZNdCU3fBAd9pvsotuaVWev0TVVnofhZ03y0kjjDxaR8F=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
date: Tue, 06 Dec 2022 11:25:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c845ab707b375170df060e8db33cf4a7
3dab467606cebfa110c675a17b97a74a424c591f
9a769e242bab0e2551de18d0b91babade179fa5e4dfac61a5ff7e37ed5f3153d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A769E242BAB0E2551DE18D0B91BABADE179FA5E4DFAC61A5FF7E37ED5F3153D"
Last-Modified: Mon, 05 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4214
Expires: Tue, 06 Dec 2022 12:35:57 GMT
Date: Tue, 06 Dec 2022 11:25:43 GMT
Connection: keep-alive
vlry5l4j5gbn.com/e69352f690a12fcbce1c792a36513e94/invoke.js
200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/e69352f690a12fcbce1c792a36513e94/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26955), with no line terminators
Hash 8630e3701512fa001e70bc42369f90ed
3ba78410b0b3663cc62f5623078aec41c832f037
4130ca2a81467a84009d09c58bfd82e75ba822f1ac21cb851584d696a3137ba7
GET /e69352f690a12fcbce1c792a36513e94/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6fff07d22470c8dc95c5594c8593eaa5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sparshnesiah.blogspot.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:43 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1703428
expires: Sun, 26 Nov 2023 11:25:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j082yjKwiQafRpJTVU7Fpk93g5SrmjrXZB2yU8k88ILxVvubgvgKj%2BUSQ5aPm8gQrNI7gA7qqpszAg7Oqbkj35i43%2BnFd3Al4mSh3euChUXcCGZY5bjZqCVSAHZUmB0kFb789EZD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7754a99a2cd01c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sparshnesiah.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:08:51 GMT
expires: Tue, 05 Dec 2023 21:08:51 GMT
cache-control: public, max-age=31536000
age: 51412
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sparshnesiah.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:21 GMT
expires: Fri, 01 Dec 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 428182
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
populationrind.com/watch.1669694665530.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=6879de5c-61ec-48e4-8ae8-3b6ce2ee1f99%3A3%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 populationrind.com/watch.1669694665530.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=6879de5c-61ec-48e4-8ae8-3b6ce2ee1f99%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1669694665530.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=6879de5c-61ec-48e4-8ae8-3b6ce2ee1f99%3A3%3A1 HTTP/1.1
Host: populationrind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sparshnesiah.blogspot.com
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Tue, 06 Dec 2022 11:25:43 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sparshnesiah.blogspot.com
Access-Control-Allow-Origin: https://sparshnesiah.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://populationrind.com/watch.1669694665530.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=6879de5c-61ec-48e4-8ae8-3b6ce2ee1f99%3A3%3A1&shu=9028f7753a870ac22cb0da16654ac4a3de40085cea787ba54c9902409c0874c51fb209051f42057db2917b6cb82df37a87cc74d507e3cf0fe96c3ac3c09bd568f407e48df47996605836e2bcceb8acfdbd4599&pst=1670326003&rmtc=t
Set-Cookie: u_pl=17037309; expires=Wed, 07 Dec 2022 11:25:43 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzNzMwOSwiayI6ImEyZWE1ZDBmM2U4NjJjZTQ4MjhlYTY5YmE4NDg3ODBjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJlbTNhd21ocmciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zcGFyc2huZXNpYWguYmxvZ3Nwb3QuY29tLzIwMjIvMTIvMjMtcmljZXR0YS1wb3JyaWRnZS1saWdodC1wcm90ZWljby5odG1sIn19.b7XFvl63UIsuhDQyPxS8n4r5fpdGdh8AMrVZG5cGWXU; expires=Tue, 06 Dec 2022 11:26:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b7fd8122adb251dd3ab185af8103f4d6
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 79a5c63008ba30f2f8c3c301e21b8faa
6cdad289f443b3942a352ce20f945f9eccd7bd8e
c16a8e95033597a29456af2af3a9f7b8582d31cfee7414a435df0e9948387cae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C16A8E95033597A29456AF2AF3A9F7B8582D31CFEE7414A435DF0E9948387CAE"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4234
Expires: Tue, 06 Dec 2022 12:36:17 GMT
Date: Tue, 06 Dec 2022 11:25:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 006fff0268683cd32a94b914f2b81f55
f446c4793fbcdc5fe03d1461191808c3c0b4c021
0d1d41be77651f7ab8814f122be499599bf4503b9f21ff54cbbd985ffbf02026
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1D41BE77651F7AB8814F122BE499599BF4503B9F21FF54CBBD985FFBF02026"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14764
Expires: Tue, 06 Dec 2022 15:31:47 GMT
Date: Tue, 06 Dec 2022 11:25:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 61c071d75f06c0ff7197891e742017ac
da9c0355122151eed7ecab9c851da70bdd48933b
3a077fee8160980f7464b72287fc9336a0921209ae8b00a73d4565fba0b56fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A077FEE8160980F7464B72287FC9336A0921209AE8B00A73D4565FBA0B56FE2"
Last-Modified: Mon, 05 Dec 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4292
Expires: Tue, 06 Dec 2022 12:37:15 GMT
Date: Tue, 06 Dec 2022 11:25:43 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0k0sTExELzYxyeN7xTYAgohbPV11xr6S_3ult0r2bdvl12k3TdnHK0445sUe2uLUC8Q3_6aJNPg53gX7wCV0u552I7pM_R3ho2xtZ-PsoN1zpf9I49RD0vtSrh6hiAmg34_UV4CyS6ZRw3E5IJrkqT5yv3BNUpVLDGZG4kU93h5w=w72-h72-p-k-no-nu
200 OK 3.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0k0sTExELzYxyeN7xTYAgohbPV11xr6S_3ult0r2bdvl12k3TdnHK0445sUe2uLUC8Q3_6aJNPg53gX7wCV0u552I7pM_R3ho2xtZ-PsoN1zpf9I49RD0vtSrh6hiAmg34_UV4CyS6ZRw3E5IJrkqT5yv3BNUpVLDGZG4kU93h5w=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 2e674397fd1cfa136b731bb195cd1d20
5e736d4c94a7c81c3546bc74114bfdad8560eb87
3d69382018dbcf772b30b3bc001a3b43348aca4d5f9f25ebfd98f70964c8d986
GET /blogger_img_proxy/ANbyha0k0sTExELzYxyeN7xTYAgohbPV11xr6S_3ult0r2bdvl12k3TdnHK0445sUe2uLUC8Q3_6aJNPg53gX7wCV0u552I7pM_R3ho2xtZ-PsoN1zpf9I49RD0vtSrh6hiAmg34_UV4CyS6ZRw3E5IJrkqT5yv3BNUpVLDGZG4kU93h5w=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 07 Dec 2022 11:25:43 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 06 Dec 2022 11:25:43 GMT
server: fife
content-length: 3875
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
populationrind.com/watch.1669694665530.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=6879de5c-61ec-48e4-8ae8-3b6ce2ee1f99%3A3%3A1&shu=9028f7753a870ac22cb0da16654ac4a3de40085cea787ba54c9902409c0874c51fb209051f42057db2917b6cb82df37a87cc74d507e3cf0fe96c3ac3c09bd568f407e48df47996605836e2bcceb8acfdbd4599&pst=1670326003&rmtc=t
200 OK 641 B URL HTTP/1.1 populationrind.com/watch.1669694665530.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=6879de5c-61ec-48e4-8ae8-3b6ce2ee1f99%3A3%3A1&shu=9028f7753a870ac22cb0da16654ac4a3de40085cea787ba54c9902409c0874c51fb209051f42057db2917b6cb82df37a87cc74d507e3cf0fe96c3ac3c09bd568f407e48df47996605836e2bcceb8acfdbd4599&pst=1670326003&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash b253797420b9aa242d7e9569a110ac32
5ec9b9e636d8ef28d0fe71303cb0819b933e3161
98ad6f61cde1a6de8e2cdd473dee75e3e3477221a0ab9068bbdeb723123af539
GET /watch.1669694665530.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=6879de5c-61ec-48e4-8ae8-3b6ce2ee1f99%3A3%3A1&shu=9028f7753a870ac22cb0da16654ac4a3de40085cea787ba54c9902409c0874c51fb209051f42057db2917b6cb82df37a87cc74d507e3cf0fe96c3ac3c09bd568f407e48df47996605836e2bcceb8acfdbd4599&pst=1670326003&rmtc=t HTTP/1.1
Host: populationrind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sparshnesiah.blogspot.com
Referer: https://sparshnesiah.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17037309; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzNzMwOSwiayI6ImEyZWE1ZDBmM2U4NjJjZTQ4MjhlYTY5YmE4NDg3ODBjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJlbTNhd21ocmciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zcGFyc2huZXNpYWguYmxvZ3Nwb3QuY29tLzIwMjIvMTIvMjMtcmljZXR0YS1wb3JyaWRnZS1saWdodC1wcm90ZWljby5odG1sIn19.b7XFvl63UIsuhDQyPxS8n4r5fpdGdh8AMrVZG5cGWXU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Dec 2022 11:25:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sparshnesiah.blogspot.com
Access-Control-Allow-Origin: https://sparshnesiah.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=6879de5c-61ec-48e4-8ae8-3b6ce2ee1f99:3:1; expires=Tue, 13 Dec 2022 11:25:43 GMT; secure; SameSite=None
iprc9ac0243756a0d11e966df84e0e91186d=2717343; expires=Wed, 07 Dec 2022 13:25:43 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 07 Dec 2022 11:25:43 GMT; secure; SameSite=None
uncs=1; expires=Wed, 07 Dec 2022 11:25:43 GMT; secure; SameSite=None
pdhtkv23=true; expires=Wed, 07 Dec 2022 11:25:43 GMT; secure; SameSite=None
uncs23=1; expires=Wed, 07 Dec 2022 11:25:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dd2cdeac571b062cdab48f5dc58e9921
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
soldierreproduceadmiration.com/watch.76267807203.js?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 soldierreproduceadmiration.com/watch.76267807203.js?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.76267807203.js?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sparshnesiah.blogspot.com
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:43 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sparshnesiah.blogspot.com
Access-Control-Allow-Origin: https://sparshnesiah.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://soldierreproduceadmiration.com/watch.76267807203.js?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1&shu=b68bcf30ffeaf6017563017d46d6cccdd3ec8ed0f7bced95d4fbbe7707db827854ee2cae8d7418fe61288dcf208b774aed829ce534b32b23cb53db1f81e62d8c0516e2c7866a4c4749ae4057be4feed2ea9832cdf4aa2b560c7b8841a8eddf&pst=1670326003&rmtc=t
Set-Cookie: u_pl=17569139; expires=Wed, 07 Dec 2022 11:25:43 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2OTEzOSwiayI6IjQ3NWY2N2EwMzkyYTQwMjRmNjRmZTlkMmI5MTFhNDJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJza2Q2NG45NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NwYXJzaG5lc2lhaC5ibG9nc3BvdC5jb20vMjAyMi8xMi8yMy1yaWNldHRhLXBvcnJpZGdlLWxpZ2h0LXByb3RlaWNvLmh0bWwifX0.9SrsSHQnQV9uy58Zxwq0SZlvhRuE94RK71aTF_WM5iI; expires=Tue, 06 Dec 2022 11:26:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 806bc63425c02d4646938ac6f3a1adf3
Strict-Transport-Security: max-age=0; includeSubdomains
soldierreproduceadmiration.com/watch.277841516113.js?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 soldierreproduceadmiration.com/watch.277841516113.js?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.277841516113.js?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sparshnesiah.blogspot.com
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:43 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sparshnesiah.blogspot.com
Access-Control-Allow-Origin: https://sparshnesiah.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://soldierreproduceadmiration.com/watch.277841516113.js?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1&shu=e12fc76aeab772ab357728f9a40753b6499a088570f53a8c006997e03ffa16a83b50939f2671d35f9b69bfbddc4e38520cbba126b164b51e26726ae706e1854a9a293992af3428f678e85e1df50b61f6abf3f46fd6579650142b8bdf46e8c64be86265&pst=1670326003&rmtc=t
Set-Cookie: u_pl=17037282; expires=Wed, 07 Dec 2022 11:25:43 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzNzI4MiwiayI6Ijc1YTk1NTQxMjMzMDFiNTFhNDhlM2IyMmI2NDczNjA2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6ImZnZ2t0Nzc3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3BhcnNobmVzaWFoLmJsb2dzcG90LmNvbS8yMDIyLzEyLzIzLXJpY2V0dGEtcG9ycmlkZ2UtbGlnaHQtcHJvdGVpY28uaHRtbCJ9fQ.oYSWEfmeXFkoySM2ctIIMPtNhS2IqUNa-UKNmaOnXGo; expires=Tue, 06 Dec 2022 11:26:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e6dcc0d49858ebd3f93d7eb25f857a6
Strict-Transport-Security: max-age=0; includeSubdomains
fairfaxgeorgianayourself.com/watch.1556318643871.js?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 fairfaxgeorgianayourself.com/watch.1556318643871.js?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1556318643871.js?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sparshnesiah.blogspot.com
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:43 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sparshnesiah.blogspot.com
Access-Control-Allow-Origin: https://sparshnesiah.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://fairfaxgeorgianayourself.com/watch.1556318643871.js?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1&shu=bed2650f4df19a0cf53db7df8cc6912bcf08e117f6de5c9844b223ec9d81835fbc57c0f0f3c5afe80bbe49243fd122578f483f7cd2c427f01d0c9d4daa5e59c3f5abb4bd7188aa6b337fa82e99692ae610803d0a&pst=1670326003&rmtc=t
Set-Cookie: u_pl=17902416; expires=Wed, 07 Dec 2022 11:25:43 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzkwMjQxNiwiayI6Ijg1NDY2MTJjYzNkNTc0YzA2YjRjMGQ0MTg0NzBhNGQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI2LCJwdCI6NCwicGsiOiJ4dDI4a3o2NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NwYXJzaG5lc2lhaC5ibG9nc3BvdC5jb20vMjAyMi8xMi8yMy1yaWNldHRhLXBvcnJpZGdlLWxpZ2h0LXByb3RlaWNvLmh0bWwifX0.EAm45bp1O5b03IDqAt1rvWefKH1vrsE0VvmhSYZSZtc; expires=Tue, 06 Dec 2022 11:26:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 826ded28f84cea9820abfcc0235fd4c9
Strict-Transport-Security: max-age=0; includeSubdomains
soldierreproduceadmiration.com/watch.277841516113?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
200 OK 1.2 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.277841516113?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (570)
Hash 0ddcfe841dc430a7f49a89fcd237b2ab
676d9aa6fab6ef061436d447ee5177944137a884
5b806c1ed1bdef89298255d3a31e5d6b82ae5516e78cd84d2a7483eb3b0506c3
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.277841516113?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Cookie: u_pl=17037282; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzNzI4MiwiayI6Ijc1YTk1NTQxMjMzMDFiNTFhNDhlM2IyMmI2NDczNjA2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6ImZnZ2t0Nzc3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3BhcnNobmVzaWFoLmJsb2dzcG90LmNvbS8yMDIyLzEyLzIzLXJpY2V0dGEtcG9ycmlkZ2UtbGlnaHQtcHJvdGVpY28uaHRtbCJ9fQ.oYSWEfmeXFkoySM2ctIIMPtNhS2IqUNa-UKNmaOnXGo
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzNzI4MiwiayI6Ijc1YTk1NTQxMjMzMDFiNTFhNDhlM2IyMmI2NDczNjA2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6ImZnZ2t0Nzc3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3NwYXJzaG5lc2lhaC5ibG9nc3BvdC5jb20vMjAyMi8xMi8yMy1yaWNldHRhLXBvcnJpZGdlLWxpZ2h0LXByb3RlaWNvLmh0bWwifX0.ZGXBwGsLW5d89pVJjIhJIA9SbDxP-XYpZ5l3FPD0Q5o; expires=Tue, 06 Dec 2022 11:26:44 GMT; secure; SameSite=None
uid_id2=716454eb-9e30-4187-b2cb-582635cd394a:2:1; expires=Tue, 13 Dec 2022 11:25:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ab8c682b90ded9431493b320f1ba3e4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
soldierreproduceadmiration.com/watch.76267807203?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
200 OK 1.2 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.76267807203?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (570)
Hash 3a39b482fe70f648e7ac0a670c243d1d
d16ad3700f31efd780a6c556c056bdd2076bb092
77dc9e58959adec587c9e056440dc8d7f2492c0eecce9513438847d9caa275a2
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.76267807203?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Cookie: u_pl=17037282; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzNzI4MiwiayI6Ijc1YTk1NTQxMjMzMDFiNTFhNDhlM2IyMmI2NDczNjA2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6ImZnZ2t0Nzc3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3BhcnNobmVzaWFoLmJsb2dzcG90LmNvbS8yMDIyLzEyLzIzLXJpY2V0dGEtcG9ycmlkZ2UtbGlnaHQtcHJvdGVpY28uaHRtbCJ9fQ.oYSWEfmeXFkoySM2ctIIMPtNhS2IqUNa-UKNmaOnXGo
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17037282,17569139; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2OTEzOSwiayI6IjQ3NWY2N2EwMzkyYTQwMjRmNjRmZTlkMmI5MTFhNDJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJza2Q2NG45NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NwYXJzaG5lc2lhaC5ibG9nc3BvdC5jb20vMjAyMi8xMi8yMy1yaWNldHRhLXBvcnJpZGdlLWxpZ2h0LXByb3RlaWNvLmh0bWwifX0.9SrsSHQnQV9uy58Zxwq0SZlvhRuE94RK71aTF_WM5iI; expires=Tue, 06 Dec 2022 11:26:44 GMT; secure; SameSite=None
uid_id2=716454eb-9e30-4187-b2cb-582635cd394a:2:1; expires=Tue, 13 Dec 2022 11:25:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a9ee8ed7d5cf554dfce084fbf5b9c69
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fairfaxgeorgianayourself.com/watch.1556318643871?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
200 OK 1.3 kB URL HTTP/1.1 fairfaxgeorgianayourself.com/watch.1556318643871?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (570)
Hash da90ea39dc128eea269c5f8c8aa16a1c
d32dcd25d3cff98966b9f52beba75e12637d9be5
8e7d249346cba03b85a1b947f387e4c34a3add1118c23033b5996cc237f5fa03
GET /watch.1556318643871?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Cookie: u_pl=17902416; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzkwMjQxNiwiayI6Ijg1NDY2MTJjYzNkNTc0YzA2YjRjMGQ0MTg0NzBhNGQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI2LCJwdCI6NCwicGsiOiJ4dDI4a3o2NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NwYXJzaG5lc2lhaC5ibG9nc3BvdC5jb20vMjAyMi8xMi8yMy1yaWNldHRhLXBvcnJpZGdlLWxpZ2h0LXByb3RlaWNvLmh0bWwifX0.EAm45bp1O5b03IDqAt1rvWefKH1vrsE0VvmhSYZSZtc
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzkwMjQxNiwiayI6Ijg1NDY2MTJjYzNkNTc0YzA2YjRjMGQ0MTg0NzBhNGQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI2LCJwdCI6NCwicGsiOiJ4dDI4a3o2NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly9zcGFyc2huZXNpYWguYmxvZ3Nwb3QuY29tLzIwMjIvMTIvMjMtcmljZXR0YS1wb3JyaWRnZS1saWdodC1wcm90ZWljby5odG1sIn19.j3Ys5UuqUZKRSGnKphIJ5L-60pV6D4uUeJru6o-qqqU; expires=Tue, 06 Dec 2022 11:26:44 GMT; secure; SameSite=None
uid_id2=716454eb-9e30-4187-b2cb-582635cd394a:2:1; expires=Tue, 13 Dec 2022 11:25:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 52ea9b60c20d3dd631d722700e0717f6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
snappedanticipation.com/watch.1504327448312?key=e69352f690a12fcbce1c792a36513e94&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
200 OK 1.2 kB URL HTTP/1.1 snappedanticipation.com/watch.1504327448312?key=e69352f690a12fcbce1c792a36513e94&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (570)
Hash 8d5019deccdb511291f0786764089c5d
53788d56f7c731a240ae542a07daa75126847255
61d8c0689edfbb1e3883077f274d46d6c6a9b45f1f6574bf444cfc8c3909e859
GET /watch.1504327448312?key=e69352f690a12fcbce1c792a36513e94&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1 HTTP/1.1
Host: snappedanticipation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Dec 2022 11:25:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17569137; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2OTEzNywiayI6ImU2OTM1MmY2OTBhMTJmY2JjZTFjNzkyYTM2NTEzZTk0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJyaW14aDZybjZ0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3BhcnNobmVzaWFoLmJsb2dzcG90LmNvbS8yMDIyLzEyLzIzLXJpY2V0dGEtcG9ycmlkZ2UtbGlnaHQtcHJvdGVpY28uaHRtbCJ9fQ.A4vsRgxHqdK_3e_u8egmOOkYRmgcDInJKmjnwKlSG1Y; expires=Tue, 06 Dec 2022 11:26:44 GMT; secure; SameSite=None
uid_id2=716454eb-9e30-4187-b2cb-582635cd394a:2:1; expires=Tue, 13 Dec 2022 11:25:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 749e6c750f7163d8ac1a75386d2322d1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5575d12e87dd96f370a6ef6332c460bf
4fc5e8837b5c0fcfeba488c58afe7915ae94434f
67016264f28c5cfaf12fa4aa15e69af8f2fc249c2c6eb3428f4723abb5541ec6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67016264F28C5CFAF12FA4AA15E69AF8F2FC249C2C6EB3428F4723ABB5541EC6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5598
Expires: Tue, 06 Dec 2022 12:59:02 GMT
Date: Tue, 06 Dec 2022 11:25:44 GMT
Connection: keep-alive
soldierreproduceadmiration.com/watch.277841516113?shu=973a6efbcc35fa05cad644bb25c76bf8725abe0c5ead7acacd144c8cd1b5c2c44b11b058df6ea9392446eeb4c82f42000d7c9028dccdf3cacc8cfcb6828626fb113eec6f68972ee3f7b0da5193ca22aab4621d943a35c5d093416cf8ced3705d1f&pst=1670326004&rmtc=t&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1&pii=&in=false&key=75a9554123301b51a48e3b22b6473606&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D
200 OK 1.8 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.277841516113?shu=973a6efbcc35fa05cad644bb25c76bf8725abe0c5ead7acacd144c8cd1b5c2c44b11b058df6ea9392446eeb4c82f42000d7c9028dccdf3cacc8cfcb6828626fb113eec6f68972ee3f7b0da5193ca22aab4621d943a35c5d093416cf8ced3705d1f&pst=1670326004&rmtc=t&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1&pii=&in=false&key=75a9554123301b51a48e3b22b6473606&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2512)
Hash 41eb215b2a4dd4ef42d4840d6d14191a
449a2b0a422beb1e1c313e4361c7db38adc60b10
421d2dbbbf45747add26bd20ca4ef6b668718fb2121f96847993f1e1bcab5b28
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.277841516113?shu=973a6efbcc35fa05cad644bb25c76bf8725abe0c5ead7acacd144c8cd1b5c2c44b11b058df6ea9392446eeb4c82f42000d7c9028dccdf3cacc8cfcb6828626fb113eec6f68972ee3f7b0da5193ca22aab4621d943a35c5d093416cf8ced3705d1f&pst=1670326004&rmtc=t&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1&pii=&in=false&key=75a9554123301b51a48e3b22b6473606&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soldierreproduceadmiration.com/watch.277841516113?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
Cookie: u_pl=17037282,17569139; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2OTEzOSwiayI6IjQ3NWY2N2EwMzkyYTQwMjRmNjRmZTlkMmI5MTFhNDJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJza2Q2NG45NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NwYXJzaG5lc2lhaC5ibG9nc3BvdC5jb20vMjAyMi8xMi8yMy1yaWNldHRhLXBvcnJpZGdlLWxpZ2h0LXByb3RlaWNvLmh0bWwifX0.9SrsSHQnQV9uy58Zxwq0SZlvhRuE94RK71aTF_WM5iI; uid_id2=716454eb-9e30-4187-b2cb-582635cd394a:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sparshnesiah.blogspot.com/2022/12/23-ricetta-porridge-light-proteico.html
Access-Control-Allow-Origin: https://sparshnesiah.blogspot.com/2022/12/23-ricetta-porridge-light-proteico.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=716454eb-9e30-4187-b2cb-582635cd394a:2:1; expires=Tue, 13 Dec 2022 11:25:44 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
uncs=1; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
pdhtkv5=true; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
uncs5=1; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f882ca9ac0e8f2ee8af8797c7376e7f8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
soldierreproduceadmiration.com/watch.76267807203?shu=b41787671f1bc9e5b9794d028607092621b59315f2f897201dc645c5fe29585e3864a060e27c3f01a1061af727675a128337512c3629a04b4807e708beb2d9951f6d0cabad9c0d7590917b820a7ec5e5ad78bc6bd5c5b207818acdf7e2c0&pst=1670326004&rmtc=t&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1&pii=&in=false&key=475f67a0392a4024f64fe9d2b911a42e&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&dev=e&res=12.1055&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&tz=0
200 OK 1.8 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.76267807203?shu=b41787671f1bc9e5b9794d028607092621b59315f2f897201dc645c5fe29585e3864a060e27c3f01a1061af727675a128337512c3629a04b4807e708beb2d9951f6d0cabad9c0d7590917b820a7ec5e5ad78bc6bd5c5b207818acdf7e2c0&pst=1670326004&rmtc=t&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1&pii=&in=false&key=475f67a0392a4024f64fe9d2b911a42e&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&dev=e&res=12.1055&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&tz=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2442)
Hash 7d0c2d4610d1b1092b210449b5838ff2
214df61fc3f9c4e49037eaae0b4d32f0d9598407
3afc16b327562fcaa605ba024b9c90e0e56249974b29ec7237238207c0dc5e63
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.76267807203?shu=b41787671f1bc9e5b9794d028607092621b59315f2f897201dc645c5fe29585e3864a060e27c3f01a1061af727675a128337512c3629a04b4807e708beb2d9951f6d0cabad9c0d7590917b820a7ec5e5ad78bc6bd5c5b207818acdf7e2c0&pst=1670326004&rmtc=t&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1&pii=&in=false&key=475f67a0392a4024f64fe9d2b911a42e&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&dev=e&res=12.1055&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&tz=0 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soldierreproduceadmiration.com/watch.76267807203?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
Cookie: u_pl=17037282,17569139; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2OTEzOSwiayI6IjQ3NWY2N2EwMzkyYTQwMjRmNjRmZTlkMmI5MTFhNDJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJza2Q2NG45NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NwYXJzaG5lc2lhaC5ibG9nc3BvdC5jb20vMjAyMi8xMi8yMy1yaWNldHRhLXBvcnJpZGdlLWxpZ2h0LXByb3RlaWNvLmh0bWwifX0.9SrsSHQnQV9uy58Zxwq0SZlvhRuE94RK71aTF_WM5iI; uid_id2=716454eb-9e30-4187-b2cb-582635cd394a:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sparshnesiah.blogspot.com/2022/12/23-ricetta-porridge-light-proteico.html
Access-Control-Allow-Origin: https://sparshnesiah.blogspot.com/2022/12/23-ricetta-porridge-light-proteico.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=716454eb-9e30-4187-b2cb-582635cd394a:2:1; expires=Tue, 13 Dec 2022 11:25:44 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
uncs=1; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
pdhtkv27=true; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
uncs27=1; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 609babe92eda833fd21d5dfb98f4dc4a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
snappedanticipation.com/watch.1504327448312?shu=fea880ceb4a0c1ae9942a0a0efb311a73e1876b491cf43e633fc4eb2eabeb455308dc6657b24d9d35af900a4a2a33ed8be78dcaa5e9414a6459a66217bd085acee896e9596411c4e3052d3f3c22499736e49c27b&pst=1670326004&rmtc=t&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1&pii=&in=false&key=e69352f690a12fcbce1c792a36513e94&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&dev=e&res=12.1055&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&tz=0
200 OK 1.8 kB URL HTTP/1.1 snappedanticipation.com/watch.1504327448312?shu=fea880ceb4a0c1ae9942a0a0efb311a73e1876b491cf43e633fc4eb2eabeb455308dc6657b24d9d35af900a4a2a33ed8be78dcaa5e9414a6459a66217bd085acee896e9596411c4e3052d3f3c22499736e49c27b&pst=1670326004&rmtc=t&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1&pii=&in=false&key=e69352f690a12fcbce1c792a36513e94&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&dev=e&res=12.1055&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&tz=0
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2502)
Hash 17ca7e741247469b498651cd728f8298
d23aaf2ecb51df67ed4b9d0aa36db6dcb4500afb
d3b3932b818383d37b2e497014b48f30beefc3a14167d6a09ed5ed5c0f5bd37b
GET /watch.1504327448312?shu=fea880ceb4a0c1ae9942a0a0efb311a73e1876b491cf43e633fc4eb2eabeb455308dc6657b24d9d35af900a4a2a33ed8be78dcaa5e9414a6459a66217bd085acee896e9596411c4e3052d3f3c22499736e49c27b&pst=1670326004&rmtc=t&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1&pii=&in=false&key=e69352f690a12fcbce1c792a36513e94&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&dev=e&res=12.1055&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&tz=0 HTTP/1.1
Host: snappedanticipation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snappedanticipation.com/watch.1504327448312?key=e69352f690a12fcbce1c792a36513e94&kw=%5B%2223%2B%22%2C%22ricetta%22%2C%22porridge%22%2C%22light%22%2C%22proteico%22%2C%22-%22%2C%22sparshnesiah%22%5D&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F2022%2F12%2F23-ricetta-porridge-light-proteico.html&tz=0&dev=e&res=12.1055&uuid=716454eb-9e30-4187-b2cb-582635cd394a%3A2%3A1
Cookie: u_pl=17569137; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2OTEzNywiayI6ImU2OTM1MmY2OTBhMTJmY2JjZTFjNzkyYTM2NTEzZTk0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJyaW14aDZybjZ0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3BhcnNobmVzaWFoLmJsb2dzcG90LmNvbS8yMDIyLzEyLzIzLXJpY2V0dGEtcG9ycmlkZ2UtbGlnaHQtcHJvdGVpY28uaHRtbCJ9fQ.A4vsRgxHqdK_3e_u8egmOOkYRmgcDInJKmjnwKlSG1Y; uid_id2=716454eb-9e30-4187-b2cb-582635cd394a:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Dec 2022 11:25:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sparshnesiah.blogspot.com/2022/12/23-ricetta-porridge-light-proteico.html
Access-Control-Allow-Origin: https://sparshnesiah.blogspot.com/2022/12/23-ricetta-porridge-light-proteico.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=716454eb-9e30-4187-b2cb-582635cd394a:2:1; expires=Tue, 13 Dec 2022 11:25:44 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
uncs=1; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
pdhtkv32=true; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
uncs32=1; expires=Wed, 07 Dec 2022 11:25:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c4383ff9535cea2bb8c58273f094ee37
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 69f94ae2562b6912a1f8e721bb94c028
efd05133a22b539ed568b3c75e6e8aabb281799c
b0c82753f01003c61fa71cf5542ead1fe90f11a9863592b374a8d3c13da4b306
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C82753F01003C61FA71CF5542EAD1FE90F11A9863592B374A8D3C13DA4B306"
Last-Modified: Tue, 06 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14288
Expires: Tue, 06 Dec 2022 15:23:52 GMT
Date: Tue, 06 Dec 2022 11:25:44 GMT
Connection: keep-alive
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17037309
200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17037309
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a0cac376c3defe8ed32b7afdb2e56393
847e9bbf4338c0580dc1bddad1ca14e454bd94ce
a4025803add261dc640f52e191569d43142d2aa890c37910d32487defe1d7259
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17037309 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Wed, 07 Dec 2022 11:25:44 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTcwMzczMDkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zcGFyc2huZXNpYWguYmxvZ3Nwb3QuY29tLyJ9fQ.ETdogKqOz-pI5Mb3ABrpKP8zitm-Yi3-pN6naQODRFU; expires=Tue, 06 Dec 2022 11:26:44 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 23f3eabd0481bc5209f589e8d2a6fc3c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/2e/61/76/2e61760671c5c309f97670807995a862/1647610014.jpg
200 OK 100 kB URL HTTP/2 cdn.cloudimagesb.com/bi/2e/61/76/2e61760671c5c309f97670807995a862/1647610014.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:03:14 15:37:28], baseline, precision 8, 300x250, components 3\012- data
Size 100 kB (100085 bytes)
Hash f4e6c6b8ef7474ecb576cf1fe5251373
00183c407b2f64d4d65554e097ab973f0bf410b0
5d93eee612b572d1a555cb232c3fecf99cf54b423d00ba4cafa9c3f9bc48721f
GET /bi/2e/61/76/2e61760671c5c309f97670807995a862/1647610014.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soldierreproduceadmiration.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:44 GMT
content-type: image/jpeg
content-length: 100085
server: nginx/1.17.6
last-modified: Fri, 18 Mar 2022 13:27:00 GMT
etag: "623488a4-186f5"
expires: Thu, 08 Dec 2022 11:25:44 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/39/11/fc/3911fc2bc5686d19aba937b2ee4a8d74/1632786309.jpg
200 OK 36 kB URL HTTP/2 cdn.cloudimagesb.com/bi/39/11/fc/3911fc2bc5686d19aba937b2ee4a8d74/1632786309.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:09:23 18:26:47], progressive, precision 8, 320x50, components 3\012- data
Hash 1589cbe926dd90002498e981b0ba014c
b1529257efe5c6548b5d7dbf805ef37a7f327edb
34b53c080b4ed6153263eb3dc6ec474d5e527456f7f78d4b23e5992011ca7f31
GET /bi/39/11/fc/3911fc2bc5686d19aba937b2ee4a8d74/1632786309.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snappedanticipation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:44 GMT
content-type: image/jpeg
content-length: 36125
server: nginx/1.17.6
last-modified: Mon, 27 Sep 2021 23:45:20 GMT
etag: "61525790-8d1d"
expires: Thu, 08 Dec 2022 11:25:44 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/4b/96/68/4b96685c0a3091928ea888570b86bf0e/1627917142.png
200 OK 30 kB URL HTTP/2 cdn.cloudimagesb.com/cti/4b/96/68/4b96685c0a3091928ea888570b86bf0e/1627917142.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 468 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 84492852893bb0a3be45fee0a0068ab6
99f7af18f0b8e6bef900db182ae34cde9d5ff93d
d01b52546146a16b27bc3178ea4155e47dc0cb8c0fdd558fc0c82e695e1f4f20
GET /cti/4b/96/68/4b96685c0a3091928ea888570b86bf0e/1627917142.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soldierreproduceadmiration.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:44 GMT
content-type: image/png
content-length: 30010
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 15:12:29 GMT
etag: "61080b5d-753a"
expires: Thu, 08 Dec 2022 11:25:44 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?shu=9db1ed24836cf3a7d702965381336592c4a48d4240978f838de6699266ccb4e9556f97429107c9ff5e741419876047d49b35025b7f1cf5ed4fff5cd8c1882af203520409c5d3cf44fd0a22b0b4a47b601a6cd9&pst=1670326004&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F&psid=17037309
302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=9db1ed24836cf3a7d702965381336592c4a48d4240978f838de6699266ccb4e9556f97429107c9ff5e741419876047d49b35025b7f1cf5ed4fff5cd8c1882af203520409c5d3cf44fd0a22b0b4a47b601a6cd9&pst=1670326004&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F&psid=17037309
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=9db1ed24836cf3a7d702965381336592c4a48d4240978f838de6699266ccb4e9556f97429107c9ff5e741419876047d49b35025b7f1cf5ed4fff5cd8c1882af203520409c5d3cf44fd0a22b0b4a47b601a6cd9&pst=1670326004&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fsparshnesiah.blogspot.com%2F&psid=17037309 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTcwMzczMDkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zcGFyc2huZXNpYWguYmxvZ3Nwb3QuY29tLyJ9fQ.ETdogKqOz-pI5Mb3ABrpKP8zitm-Yi3-pN6naQODRFU; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Tue, 06 Dec 2022 11:25:44 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: pdhtkv=true; expires=Wed, 07 Dec 2022 11:25:44 GMT
uncs=1; expires=Wed, 07 Dec 2022 11:25:44 GMT
pdhtkv28=true; expires=Wed, 07 Dec 2022 11:25:44 GMT
uncs28=1; expires=Wed, 07 Dec 2022 11:25:44 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 180c04b689d947d13ec733d22f9133bf
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Tue, 06 Dec 2022 11:25:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 06 Dec 2022 11:25:45 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d; domain=.unibet.com; expires=Thu, 06-Dec-3021 11:25:45 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=140
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 06 Dec 2022 11:25:45 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node0ghm5ze8qirxna29zjztmanb3595007.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0ghm5ze8qirxna29zjztmanb35; Path=/; Domain=.unibet.nu; Expires=Thu, 05-Dec-2024 11:25:45 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Thu, 05-Dec-2024 11:25:45 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.spikereekvelocity.com/"; Path=/; Domain=.unibet.nu; Expires=Thu, 05-Dec-2024 11:25:45 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E34F78B8B9AD47ED8C99AD4962E13DAA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://www.spikereekvelocity.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Tue, 06 Dec 2022 11:25:45 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node0ghm5ze8qirxna29zjztmanb35; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; affiliateId=1; B-TAG=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E34F78B8B9AD47ED8C99AD4962E13DAA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 06 Dec 2022 11:25:45 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Tue, 06 Dec 2022 11:25:45 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4bc24a752482e96aa7f4699c713888b4
78d5d6d0a195ccc1650ce7a174d375f3ea8d188b
6a17636802702728bce1a7ffb368008aab911ff3d4f2a5b54b0253066c3d4881
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A17636802702728BCE1A7FFB368008AAB911FF3D4F2A5B54B0253066C3D4881"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11039
Expires: Tue, 06 Dec 2022 14:29:44 GMT
Date: Tue, 06 Dec 2022 11:25:45 GMT
Connection: keep-alive
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
200 OK 2.5 kB URL HTTP/2 welcome.unibet.com/custom.js
IP
Hash aa267687f26341663d4087e086300ea6
c773d4599e0fddfb8dbef3030d02403e43160a5e
f639aebb34102dff02ca219082ab1b4e62c40636cde74c30d75bab230c8ca3fd
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97062
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a94c070b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 83508e2764c69782f1bae91e8b4f62f6
a00ea71e0f3d3be36c287f904ae306e5cb7d32cf
058fcc238e1df7cd76946926f203e4c5cea3f743a259c812199af346c1cbbf43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2148
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:45 GMT
Last-Modified: Tue, 06 Dec 2022 10:49:58 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
a1s.unibet.com/orval/tracking/lastclick.min.js
304 Not Modified 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 304 Not Modified
date: Tue, 06 Dec 2022 11:25:45 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 11:09:22 GMT
expires: Wed, 06 Dec 2023 11:09:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 983
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 83508e2764c69782f1bae91e8b4f62f6
a00ea71e0f3d3be36c287f904ae306e5cb7d32cf
058fcc238e1df7cd76946926f203e4c5cea3f743a259c812199af346c1cbbf43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2148
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:45 GMT
Last-Modified: Tue, 06 Dec 2022 10:49:58 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
a1s.unibet.com/orval/tracking/lastclick.min.js
304 Not Modified 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 304 Not Modified
date: Tue, 06 Dec 2022 11:25:45 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
200 OK 99 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash 1d0cf08e411716db5cafe97b82e42205
e7baa65ed47e6ef6d3698d51fa0dec67d393de6b
259353440e384040719dfe2edd6fab083b8b881f8d79070b9436595afe449800
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3A5CF50"
x-ms-request-id: cd88faad-301e-0047-5503-037959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97109
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a95c1d0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
200 OK 21 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8eeca769d6285ba52f385dd4a6cd6e07
5c8c98b39c664cf8eacd13dd08bf2076b42897f0
1b3bd12177af11c5f240f08b4a18119b2c009d50a60c8338d50f9ed87e7bc70f
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 21 Nov 2022 12:34:13 GMT
etag: W/"0x8DACBBCB22FE05F"
x-ms-request-id: bf5a1d34-901e-003c-5a03-033bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97109
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a96c2e0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:46 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: M4A/F0JmvDZ1O1xRg2EBakOzxZF3bSCcwS7PM2TzdgHMYzotAgHsHpRFaX6ety8BGzuScpc+CmY=
x-amz-request-id: KZBF2W9RM5AR88GJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 30877303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FegblIcBwQU4TYfSlkfgxBWfjOP6%2B59xRG%2FlQeQAbPfB%2B%2FN1%2FLZuLjxvnSTdiJNLUg5IdZ%2F%2BWWGg0cOMIZWqnjJ1l%2FshIkUWo4TxcKLp4ZXc1xwKXNvOqs18PQ3X5wIIqcSPsEf%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7754a9aa785a88b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 489091
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
200 OK 16 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Hash 707ecd1dcc5b6a857891e10ef15f1859
6cb622c75b721419b468dfdd093ce82eece842aa
33ab09bca14f6f1ba0f163f50c25003289477365ed0b75a26469fe440ced800d
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB39EA46F"
x-ms-request-id: a11628c9-801e-0042-7503-03ab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97109
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a95c1c0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 489112
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP
File type ASCII text, with very long lines (62112)
Hash 0bad7aa369cd8db28462e7dad33ef61c
e28552c06e65149a5b0cad9eaeb8edef0b16da8e
0390f2a3075131ab308a4d5995f7dc7f644c8b441d0af45cdc62fc6f95ceb699
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 11:25:46 GMT
expires: Tue, 06 Dec 2022 11:25:46 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80802
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 58648f3fe9d412b626d6888693fe73f2
f7db4e9032415fd203fc299650a5dd306a93288d
aaff40aeb38e4d01d5fd5a336c678da89452daab9e924bb3c92201afd5fe4cd6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5238
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:46 GMT
Last-Modified: Tue, 06 Dec 2022 09:58:28 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/seg?add=9755599
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 06 Dec 2022 11:25:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 2a29e4fa-2bca-4d1b-9f43-2cd969b8c658
Set-Cookie: uuid2=4897495196580792516; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 06-Mar-2023 11:25:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
200 OK 1.8 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP
File type JSON data\012- , ASCII text, with very long lines (5061), with no line terminators
Hash 0dd090b6aa5e5b5766c6a1a8762f3cd6
6ff31f6a7939102266f87bdca8fca61c581ba151
bfad09df40843077eebbeddf9b2d2ef7567b54cd62eed2225d193806525ea17d
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:46 GMT
content-type: application/json
content-length: 1770
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Tue, 06 Dec 2022 11:11:49 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 837
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9abc8bd1bfe-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
200 OK 2.0 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP
File type HTML document, Unicode text, UTF-8 text
Hash eaad3e86c8c9c0dab0238cedcee28058
ae84a870070efcfd8fed9325f8ed11753bc3a76e
3074448f2ee2ae2c1d6f1ef34aad8ae21b6991e8c7fa4b6decaada295b259cb7
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB50B45F5"
x-ms-request-id: 10dfb792-f01e-0077-0703-03c796000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97109
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a93c040b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1670325946176
200 OK 498 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1670325946176
IP
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash cf67595f5dad4cffba6cf8c73ad79acb
792e085aaa0af45870ec0260ad0fc5520bd2de0e
9bae05b98bc18ef6134a01e2d7d7dbbd4ea9ed19dad684360eccb8080263921d
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1670325946176 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-00c503e2b.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=73931188447254458732775109520789234286; Max-Age=15552000; Expires=Sun, 04 Jun 2023 11:25:46 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: APzuHrGcRVg=
Content-Length: 498
Connection: keep-alive
script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
200 OK 27 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
IP
File type ASCII text, with very long lines (63889)
Hash 40a61971f3342753b240df82579098d2
75a44689092cd59612c3c77f4c3f353f5898c4b9
c53652de8d763aa53a2226f899e6c57434675b324a4e22b91bea1f217e99504a
GET /pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:46 GMT
content-type: text/javascript
content-length: 26836
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Fri, 18 Nov 2022 16:53:01 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 928851
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9acec66b51e-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 06 Dec 2022 11:25:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 18617c36-54d4-4d32-b079-dcf717aa3d59
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Ilbk%BD!!]tbP6j2F-XstGt!@DxX$yAru; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 06-Mar-2023 11:25:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
200 OK 984 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1053), with no line terminators
Hash 658683c8eb81b3ec89a61bd1d7fd665f
8fcc1831ba876dea6f48e8ab7f7f50ba1c81556d
f57f1b246817d3898987cdcbfd36bcce50782900d76a916bd1eaf28aa7739d52
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:46 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 440
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9ad9d52b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463979
200 OK 145 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463979
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6830e75e6743c6292c765956e2cce2
7456ca9adc3db574003802e1d9ab10b60ca6b11f
6d3401e2d3800318f9f85f4ac24f93b6fac6c26fb826e8323f3c949d6c94cbeb
GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463979 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:46 GMT
content-type: application/json
content-length: 145
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Tue, 06 Dec 2022 11:11:50 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 836
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9ae4ad41bfe-OSL
X-Firefox-Spdy: h2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
200 OK 1.6 kB URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 95749b8947bafab3252e3f8d6673eeeb
53956ebab24234e35519d21e11889d9973b086b0
05c717c191b06542c7b90ee8421c61707f06b0e28836ff33c852dcc27b89113b
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Tue, 06 Dec 2022 11:25:46 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 6 Dec 2022 11:25:46 GMT
DCS: dcs-prod-irl1-1-v045-0327f6936.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 3ieBqSdOQnA=
transfer-encoding: chunked
Connection: keep-alive
pagestates-tracking.crazyegg.com/healthcheck
200 OK 19 B URL HTTP/2 pagestates-tracking.crazyegg.com/healthcheck
IP
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Fri, 30 Sep 2022 16:18:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8mC39My98YuHv9celxJrmiVmiroC3SM4XlrYd-qOxi3yGdtWgYgyOQ==
age: 5771213
X-Firefox-Spdy: h2
assets-tracking.crazyegg.com/healthcheck
200 OK 19 B URL HTTP/2 assets-tracking.crazyegg.com/healthcheck
IP
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Sat, 05 Nov 2022 03:10:02 GMT
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JVn-OSjPQo9vyDNMaGEQ9tG6xPoliYIhZ18jspVHxgFr0B8INrLTWg==
age: 2708145
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s99085595238567?AQB=1&ndh=1&pf=1&t=6%2F11%2F2022%2011%3A25%3A46%202%200&mid=73925000348895952422778130057762250741&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_E34F78B8B9AD47ED8C99AD4962E13DAA%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_E34F78B8B9AD47ED8C99AD4962E13DAA%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A25%20AM%7CTuesday&v6=11%3A25%20AM%7CTuesday&v11=GBP&c14=New&v14=New&c16=1670325946&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&v126=68246908&v127=37950&v134=1670325946&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s99085595238567?AQB=1&ndh=1&pf=1&t=6%2F11%2F2022%2011%3A25%3A46%202%200&mid=73925000348895952422778130057762250741&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_E34F78B8B9AD47ED8C99AD4962E13DAA%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_E34F78B8B9AD47ED8C99AD4962E13DAA%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A25%20AM%7CTuesday&v6=11%3A25%20AM%7CTuesday&v11=GBP&c14=New&v14=New&c16=1670325946&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&v126=68246908&v127=37950&v134=1670325946&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s99085595238567?AQB=1&ndh=1&pf=1&t=6%2F11%2F2022%2011%3A25%3A46%202%200&mid=73925000348895952422778130057762250741&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_E34F78B8B9AD47ED8C99AD4962E13DAA%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_E34F78B8B9AD47ED8C99AD4962E13DAA%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A25%20AM%7CTuesday&v6=11%3A25%20AM%7CTuesday&v11=GBP&c14=New&v14=New&c16=1670325946&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&v126=68246908&v127=37950&v134=1670325946&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Tue, 06 Dec 2022 11:25:46 GMT
expires: Mon, 05 Dec 2022 11:25:46 GMT
last-modified: Wed, 07 Dec 2022 11:25:46 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3586997656199397376-4619608093280912353
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6bcf99cf6268833f1c595219acabc038
2b788a764087812085698d77dd9a0ce711d2270d
449780d702152ef7029115f1bffaf39d850f34288d51743fda24ad65ce5334db
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 11:25:46 GMT
Last-Modified: Tue, 06 Dec 2022 10:49:52 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IIMAg78psfiBGUP6JcivhNz56sTTvfTrsE5NkEg9th9HAPCP5PI04g==
Age: 2154
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
200 OK 1.9 kB URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0d3b25d24a9f39a3b7b2a4b8f815ee20
e37c0026de1ea9a4d5a9931d9a4260b91c310201
71fcfaaef0187e7ee4a219f0cacddcbeedcc3f1f6a03d1e970e0a3711513dbf6
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:46 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 440
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9ad9d45b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y48mugAAAI0IrANn
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y48mugAAAI0IrANn
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y48mugAAAI0IrANn HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-09f6df340.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y48mugAAAI0IrANn
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=22038988727426263293651606999458889263; Max-Age=15552000; Expires=Sun, 04 Jun 2023 11:25:46 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: L+/bL4sUTRQ=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y48mugAAAI0IrANn
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y48mugAAAI0IrANn
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y48mugAAAI0IrANn HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0687cfe76.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: w47mnYRjTQE=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7f7c16032f0af15e6aecce85dc4668da
41ad1aedd14f159412ff1e364b1dd6d8867ec52c
24db8b77e0993be81c5b219827c31707daa507478451e21c9db620a80677ac7d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100975
Date: Tue, 06 Dec 2022 11:25:46 GMT
Etag: "638e090d-1d7"
Expires: Wed, 07 Dec 2022 15:28:41 GMT
Last-Modified: Mon, 05 Dec 2022 15:06:53 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: y8apODDrk59IpIAUc9EahqVrxFshOQj2dhNEMjC64epjwJyWZifqDQ==
Age: 1308
tracking.crazyegg.com/clock?t=1670325946818&tk=49f5480a39da8ce7e59e73633af4ed5a
200 OK 26 B URL HTTP/2 tracking.crazyegg.com/clock?t=1670325946818&tk=49f5480a39da8ce7e59e73633af4ed5a
IP
File type ASCII text, with no line terminators
Hash c183c8f7356efbbea4c10e2922da9b25
8e91ce51d3afa2bf18acbcec477d36f959d8efc0
dc9a256a7535f311128db3869fb0f3d0d4a0f67e45320de4149f4c4906e39a10
GET /clock?t=1670325946818&tk=49f5480a39da8ce7e59e73633af4ed5a HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Tue, 06 Dec 2022 11:25:47 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: text/css
x-amz-id-2: kIWUcp4/gRprxrhG4Bo7YL49QfCfoJzgcb+lBni7kDeALpU6YcOHbXZK3Ce3+VKgInDBPr7yuoA=
x-amz-request-id: GQJ6HHGYZ6JW9X6Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 828836
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUEPn%2B7e7vK0Fn2TfD%2FUmwqUYcH9VT4gamPKaO8QObiRqyTr4v9W4FNbUquwZpIN4V1v0J76E%2BJmJyVEwTTimylEuYyEdwKUQJiSgxw7dCoDx2h%2F7Fi7SB8EquPg3KWi8aegLg8R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7754a9a9df3e88b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?463979
200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?463979
IP
GET /pages/scripts/0012/9242.js?463979 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:46 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Tue, 06 Dec 2022 11:11:50 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 836
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9abcb0db51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:46 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 369
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9ad9d56b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB117460B"
x-ms-request-id: dbafa778-701e-0034-4703-0321ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97109
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a93c020b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB5157DAD"
x-ms-request-id: 88d0ed66-201e-0074-2503-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97109
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a94c050b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB1D5BF7A"
x-ms-request-id: 5d879bd0-f01e-002a-0703-03cd12000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97109
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a94c090b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:46 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Tue, 06 Dec 2022 11:11:50 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 836
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9ab7aaab51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
IP
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 3j1KK5ReHy/6ckOVwt+Uag==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
x-ms-request-id: 2c434e5d-001e-004c-2f65-098232000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a72a2e0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
bayupras.com/ars/view.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
200 OK 0 B URL HTTP/2 bayupras.com/ars/view.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP
GET /ars/view.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:41 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Dec 2022 18:26:56 GMT
last-modified: Mon, 05 Dec 2022 16:30:50 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 61125
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fsb6mrrQVti5i8GtQ3dqr0O3KEv0vZLVqCLjvHtm%2BAfA6SIeIVxzCDNBxgOZZ%2FOm7uJqPytZHmJbfrxESfkxts%2BQTkqyjfbmePccltDNWDlYWv6yDF19IYgwZ7YisTI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7754a98fcb28b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4C5466A"
x-ms-request-id: 0b580569-d01e-0060-1f03-036e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97109
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a94c140b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3E60357"
x-ms-request-id: 16b99321-701e-000b-6a03-03e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97109
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a95c1e0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4CC7156"
x-ms-request-id: 4fc06b4d-901e-004e-1803-033c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97109
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a95c1b0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:46 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB155306D"
x-ms-request-id: ef96856b-501e-0041-3303-034ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97062
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9ab3dc70b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: application/xml
x-ms-request-id: 66816d97-b01e-002b-5265-0992ce000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 85
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a96c2d0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3
IP
GET /css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 11:25:41 GMT
date: Tue, 06 Dec 2022 11:25:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB2079DB0"
x-ms-request-id: 24a2aae3-d01e-004f-0203-036356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97108
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a94c080b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 11:25:45 GMT
date: Tue, 06 Dec 2022 11:25:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E34F78B8B9AD47ED8C99AD4962E13DAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670325945204)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221261125%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228527465413%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4BDF480"
x-ms-request-id: 88d0ed69-201e-0074-2803-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 97109
vary: Accept-Encoding
server: cloudflare
cf-ray: 7754a9a94c130b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
bayupras.com/ars/header.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
200 OK 0 B URL HTTP/2 bayupras.com/ars/header.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP
GET /ars/header.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sparshnesiah.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 11:25:41 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 12 Dec 2022 18:26:55 GMT
last-modified: Sun, 27 Nov 2022 12:10:34 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 61126
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwCMMKp9vT6uPOl0DHZxlnB%2BiUmpPOkQaD26dC0%2FzLGVXzfjKnk%2BUX16%2FdsmbnhxQHlSaMjo5p7dF9EJyqUeeTQUOJfCvOV7RlpHteBOVuxswZ7Vd%2Bsp2Uiq1lKHpRo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7754a990bc61b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
172.217.21.161
23.36.76.226
54.171.208.22
185.89.210.244
46.254.38.67
93.184.220.29
15.188.95.229
185.114.108.113
85.184.96.5
104.18.25.188
104.40.147.180