r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bbea1550fedd5eb9c265712fab75b137
2c2f981747898a380265f766345f2bb9c8c983fd
c728286e38c31a4d3f7a39702e0a5f69c14bf69e01a88bc4479714953fbda278
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C728286E38C31A4D3F7A39702E0A5F69C14BF69E01A88BC4479714953FBDA278"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5582
Expires: Thu, 22 Dec 2022 22:53:38 GMT
Date: Thu, 22 Dec 2022 21:20:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8fbcd7ca1a893d05677318a8a198e7a
0851654c21f6e3741887e7deab8098c1dc56f33c
edbade5913ace2fcbb932922e9af69acb2e8759474a2eeaec216307247fea361
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDBADE5913ACE2FCBB932922E9AF69ACB2E8759474A2EEAEC216307247FEA361"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11749
Expires: Fri, 23 Dec 2022 00:36:25 GMT
Date: Thu, 22 Dec 2022 21:20:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 22 Dec 2022 20:34:41 GMT
content-type: application/json
age: 2755
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2165
Expires: Thu, 22 Dec 2022 21:56:41 GMT
Date: Thu, 22 Dec 2022 21:20:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BEHNlmBBMsAVkDo+uOFsVNn6FdgfDuMzhz+JYjrM4ZYaLpx7fVPF8bpe2E1f2VQckBbB2EOm6qc=
x-amz-request-id: 10F5WXKX78ZS7MPM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Dec 2022 20:53:48 GMT
age: 1608
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Dec 2022 21:20:36 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 22 Dec 2022 20:33:24 GMT
age: 2832
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 70a7b165f99b2b8fa0dc98318a7158d7
4d924f7febab9c8fe3fe9199e8879fd6ad892575
c5e0e414c34f2f328b487ae72b21a12a1b50d952aa1a31fb6314b4e700d27e05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1656
Cache-Control: max-age=130429
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:37 GMT
Etag: "63a41e2a-1d7"
Expires: Sat, 24 Dec 2022 09:34:26 GMT
Last-Modified: Thu, 22 Dec 2022 09:06:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.20.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.20.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: azZWnE3PfWsZ3xWEBUuWkg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 35trATsh+Lj7DQlnz7XeQInlpxU=
www.googletagmanager.com/gtag/js?id=G-4PL9YJWR8Q
142.250.74.168302 Found 253 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=G-4PL9YJWR8Q
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 360093afa273c61a8291a79fe3344040
31d65e8bde58173df16b05de9e722f47fc7266cf
6a21f1b53e72d9c5ae1b447865e1c3295c97ec95ccc5cb51bc8ea2763d530d2d
GET /gtag/js?id=G-4PL9YJWR8Q HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-4PL9YJWR8Q
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 22 Dec 2022 21:20:38 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 253
X-XSS-Protection: 0
fonts.googleapis.com/css?family=Inter%3A400%2C300%2C600%2C800&ver=6.1.1
142.250.74.106200 OK 655 B URL HTTP/1.1 fonts.googleapis.com/css?family=Inter%3A400%2C300%2C600%2C800&ver=6.1.1
IP 142.250.74.106:0
Hash 2473752aba08696a286a8a9067fda5fe
e26588db291275b24f0dff4ea82f363569c8ae30
63b90e3b82f9c8315a1759bc6a7ab4666f15d61eed846663f3f3d9943f0cb6b8
GET /css?family=Inter%3A400%2C300%2C600%2C800&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 22 Dec 2022 21:20:38 GMT
Date: Thu, 22 Dec 2022 21:20:38 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ineedsjobs.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
vary: User-Agent
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-4PL9YJWR8Q
142.250.74.168200 OK 67 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-4PL9YJWR8Q
IP 142.250.74.168:0
File type ASCII text, with very long lines (6356)
Hash ad481f75de18b6443c2827bc485a0b43
a599c5c1b974845d3d230528dbed27644b0f3135
125e263a3dc4f1e95f0abd1a86e6d2df5fbe0c8646b9446d6ec8a369e59fca52
GET /gtag/js?id=G-4PL9YJWR8Q HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Dec 2022 21:20:38 GMT
expires: Thu, 22 Dec 2022 21:20:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66976
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
acacdn.com/script/atg.js
104.21.85.95200 OK 32 kB IP 104.21.85.95:0
File type Unicode text, UTF-8 text, with very long lines (37217), with NEL line terminators
Hash bbe941a2501a7d01667a94d8ba9c432d
fa28f30ecf2f0ebcfe1e8fc28e602fff84836b56
b3c3ff2e9a94f132ab7bf6ef5bfe975d3ef44e0b6b99d123abbeae5b5ab0b06a
GET /script/atg.js HTTP/1.1
Host: acacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Date: Thu, 22 Dec 2022 21:20:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdvXJuPkUH_bVMsuVvMkdPzZb-0N3QMAumiMFtT0q_8Qbphn0yikwVAQngsKBfmWNYCJwMpslcRdZbkHUXfQGXIBkecvXI-k
x-goog-generation: 1670939538081813
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 97045
x-goog-hash: crc32c=zwlEeg==, md5=K8TvAKQxg8M4VQ0fZF2v2g==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Thu, 22 Dec 2022 21:29:19 GMT
Cache-Control: public, max-age=14400
Last-Modified: Tue, 13 Dec 2022 13:52:18 GMT
ETag: W/"2bc4ef00a43183c338550d1f645dafda"
Age: 3079
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcRLh4d8yDDKlm17zw%2BSEFq%2FgtrimCwd3iJyQfUvUUo0NFlUjFsJpYNSPvl6O841NmH8Mb18dmXAEb12yq%2FwI9pZBD1z%2BZ%2BrG7wIA2%2Fy1kCgRJJyKnfu019OUq%2Fw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77dbe711f8671c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5626
Expires: Thu, 22 Dec 2022 22:54:24 GMT
Date: Thu, 22 Dec 2022 21:20:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5626
Expires: Thu, 22 Dec 2022 22:54:24 GMT
Date: Thu, 22 Dec 2022 21:20:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65e2add8-ea05-4111-9858-24c4f0d437a5.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65e2add8-ea05-4111-9858-24c4f0d437a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1aa2fe21cd79bf1faaac0272119678d0
d23357441546e2f09f28f23407c81a52c01b9a22
ea050bbd73c13bcbac664baa5ae51a92277e1b1d1b8e7b0a4e18b46b4d20f3e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65e2add8-ea05-4111-9858-24c4f0d437a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8433
x-amzn-requestid: 4fed41bb-f868-49cd-820a-2dadcd2baace
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabuOHIBIAMF04w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d98e-46ab81065bf0f6d157b16b13;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: guDXekCSbwPS-EwHHTdEyLjAI0KW3nrOMs3X80AE2TBrL1TsICefPg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 22:09:35 GMT
age: 83463
etag: "d23357441546e2f09f28f23407c81a52c01b9a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1aefd95-d51b-4642-ab89-11a7030455cf.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1aefd95-d51b-4642-ab89-11a7030455cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd72f58a8fdce6925df77081a95c951b
625acc5e8257f47f745fd5a1b5d43d10f2df0d81
20f5fcc7bd72d44b0fff58e12b4ab025082e55e2d86e2bd48d740f091b84a86a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1aefd95-d51b-4642-ab89-11a7030455cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8860
x-amzn-requestid: 07acc052-7112-4844-8b9b-07ae6d36bde9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dfBrAGUTIAMFzrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a2afdf-5152438d378586f94911a722;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 07:03:59 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 42te3BPiP1bi8_OjGDaCyB2CmgiKE3K1eRiHM5v0q-LDImFrapUAfA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 07:14:17 GMT
age: 50781
etag: "625acc5e8257f47f745fd5a1b5d43d10f2df0d81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ineedsjobs.com/wp-includes/css/classic-themes.min.css?ver=1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-includes/css/classic-themes.min.css?ver=1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-includes/css/classic-themes.min.css?ver=1
vary: User-Agent
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9917118c-5972-401b-b285-5393790dd2a9.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9917118c-5972-401b-b285-5393790dd2a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b263902026f824265dafc8635785fc65
684efdc99b2b6243fd8a0e94a5ba9cc2147d7591
4c4198f2c893eddf2340ec6bc103f2b06dd4b5a588b81afb2fc0790a2ba148dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9917118c-5972-401b-b285-5393790dd2a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10082
x-amzn-requestid: af563ab2-2bec-4393-89ed-c39d35dbb8ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ddt_CGMWoAMFw1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a229f9-3f4fba7229f46d9f0356d9fd;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 21:32:41 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 4MOQl4LV3wwxC8YLj25k8SiK2yo2EBjhbA3I1NrAMkMf_C3qL2e1jw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 21:37:54 GMT
age: 85364
etag: "684efdc99b2b6243fd8a0e94a5ba9cc2147d7591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5dd6622433d537fbb91a04bd3b57d873
552f216608b819b4f65f0574e421f4a761f0d721
5e9b03133d928378a775ab52ec6e58cd7753aa2975a4966534353c0d6bc46af5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11471
x-amzn-requestid: 20d9459a-710b-4fcf-bfce-9f0c5f513740
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbNEqGPnoAMFcDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a12884-4a93ab9047181db109d328e2;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 03:14:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qFwWS-f0U1hSbrFFgBiGNzXRvZyvR90n_MI7jfYfWsyv2W6jH8D-9w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 03:23:59 GMT
age: 64599
etag: "552f216608b819b4f65f0574e421f4a761f0d721"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5626
Expires: Thu, 22 Dec 2022 22:54:24 GMT
Date: Thu, 22 Dec 2022 21:20:38 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ineedsjobs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
vary: User-Agent
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe214af9e-bbea-4c56-8594-6c13fa8e8658.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe214af9e-bbea-4c56-8594-6c13fa8e8658.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10f083831869d290396d5b9066449fb
9752d6ec06f3e55ae86d60d27911d8c82ff4a9c4
4a0a255f740bce3f6515b37dba1c94dfd7869088e1a2043a8ea5b3790de1fb4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe214af9e-bbea-4c56-8594-6c13fa8e8658.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4081
x-amzn-requestid: b589c193-565b-4069-83f9-47cceac1c56d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhCNkGykoAMF0Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37d89-74877b0e74988a776c55561f;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bAdhstYbD52w6YX3KsTt8q5nRiBJBkafqewhDw6Yj5GYmEi-ZskoXA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 21:53:54 GMT
etag: "9752d6ec06f3e55ae86d60d27911d8c82ff4a9c4"
content-type: image/jpeg
age: 84404
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5626
Expires: Thu, 22 Dec 2022 22:54:24 GMT
Date: Thu, 22 Dec 2022 21:20:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4d485bb-4ea0-4ca2-8687-87df55c571a9.png
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4d485bb-4ea0-4ca2-8687-87df55c571a9.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f672d451bfcdb5c6c0ce74f4578c268d
25e1714aaa27435cd939ef03a39e9f067503f807
931dbb511204474ba24283df7c65034e35046ab8e94974f697c52f09c0cbf872
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4d485bb-4ea0-4ca2-8687-87df55c571a9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9428
x-amzn-requestid: e8a380ea-1779-47bb-8c26-0651e0333046
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhCrKElsIAMFRhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37e47-133bc4ce28ba188d4ccea364;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:44:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rHlDJE7Gj06H2AsYLc0PghmslFpBbD9gYIKn-2SiYnDr3h_KvAv87A==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 21:53:44 GMT
etag: "25e1714aaa27435cd939ef03a39e9f067503f807"
content-type: image/jpeg
age: 84414
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ineedsjobs.com/wp-includes/css/dashicons.min.css?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-includes/css/dashicons.min.css?ver=6.1.1
vary: User-Agent
ineedsjobs.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11
vary: User-Agent
ineedsjobs.com/wp-content/plugins/adfoxly/public/css/adfoxly-public.css?ver=1.7.92
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/adfoxly/public/css/adfoxly-public.css?ver=1.7.92
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/adfoxly/public/css/adfoxly-public.css?ver=1.7.92 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/adfoxly/public/css/adfoxly-public.css?ver=1.7.92
vary: User-Agent
dexpredict.com/a/display.php?r=6562314
35.201.90.210204 No Content 0 B URL HTTP/1.1 dexpredict.com/a/display.php?r=6562314
IP 35.201.90.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/display.php?r=6562314 HTTP/1.1
Host: dexpredict.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 204 No Content
Server: openresty
Date: Thu, 22 Dec 2022 21:20:38 GMT
Access-Control-Allow-Origin: *
Via: 1.1 google
ineedsjobs.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
vary: User-Agent
ineedsjobs.com/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.3
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.3
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.3 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.3
vary: User-Agent
ineedsjobs.com/wp-content/themes/shapebox/style.css?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/themes/shapebox/style.css?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/themes/shapebox/style.css?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/themes/shapebox/style.css?ver=6.1.1
vary: User-Agent
ineedsjobs.com/wp-content/themes/shapebox/responsive.css?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/themes/shapebox/responsive.css?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/themes/shapebox/responsive.css?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/themes/shapebox/responsive.css?ver=6.1.1
vary: User-Agent
ineedsjobs.com/wp-content/themes/shapebox/dark.css?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/themes/shapebox/dark.css?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/themes/shapebox/dark.css?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/themes/shapebox/dark.css?ver=6.1.1
vary: User-Agent
pl18117199.highperformancecpmgate.com/40/ed/f7/40edf7e980ed044721c6a93b0a221eb4.js
192.243.59.12200 OK 21 kB URL HTTP/1.1 pl18117199.highperformancecpmgate.com/40/ed/f7/40edf7e980ed044721c6a93b0a221eb4.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60138), with no line terminators
Hash 7364509403e599f970b747726850d560
c0135b4a2d35501507793957eb1cec0049de1c74
cb726f77721b7b75462f3d4611b689ee8a8c9524ae91860bfffea90a385a720b
Analyzer Verdict Alert quad9 Sinkholed
GET /40/ed/f7/40edf7e980ed044721c6a93b0a221eb4.js HTTP/1.1
Host: pl18117199.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 22 Dec 2022 21:20:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2779c4f0b5b9d38038a893b1f8bd6088
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl18062922.highperformancecpmgate.com/17/08/a9/1708a94aaaa6628b875721ea011f8398.js
192.243.59.20200 OK 13 kB URL HTTP/1.1 pl18062922.highperformancecpmgate.com/17/08/a9/1708a94aaaa6628b875721ea011f8398.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37113), with no line terminators
Hash 56981eb77a2d96533adf0020945510fe
76fac267b1e2d1530592d79b10e668c5c63f5235
609c73ffcdd67dd0bcd7ebd872843b658f4767f0c83c708c408a7cb1df5dcc50
Analyzer Verdict Alert quad9 Sinkholed
GET /17/08/a9/1708a94aaaa6628b875721ea011f8398.js HTTP/1.1
Host: pl18062922.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 22 Dec 2022 21:20:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0b8d3cb972825d71088c2ef295e6a76c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ineedsjobs.com/wp-content/themes/shapebox/fonts/all.min.css?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/themes/shapebox/fonts/all.min.css?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/themes/shapebox/fonts/all.min.css?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/themes/shapebox/fonts/all.min.css?ver=6.1.1
vary: User-Agent
ineedsjobs.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
vary: User-Agent
ineedsjobs.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1
vary: User-Agent
ineedsjobs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
vary: User-Agent
ineedsjobs.com/wp-content/plugins/jetpack/css/jetpack.css?ver=6.6.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/jetpack/css/jetpack.css?ver=6.6.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=6.6.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/jetpack/css/jetpack.css?ver=6.6.1
vary: User-Agent
ineedsjobs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
vary: User-Agent
ineedsjobs.com/wp-content/themes/shapebox/responsive.css?ver=6.1.1
172.105.39.127200 OK 1.9 kB URL HTTP/2 ineedsjobs.com/wp-content/themes/shapebox/responsive.css?ver=6.1.1
IP 172.105.39.127:0
File type ASCII text, with CRLF line terminators
Hash f2171c5602315779bde9604acbb519ba
7979c8049ddbc5812815f0ee5130158e49c65a5e
e13531bf5daff52954b6da80e1e385c43db8807f48d71f555895d4c5c5b9d38a
GET /wp-content/themes/shapebox/responsive.css?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 08:12:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1924
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20150408
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20150408
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20150408 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20150408
vary: User-Agent
ineedsjobs.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.0
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.0
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.0 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.0
vary: User-Agent
region1.google-analytics.com/g/collect?v=2&tid=G-4PL9YJWR8Q>m=2oebu0&_p=670943600&gdid=dZGIzZG&cid=1970618918.1671744038&ul=en-us&sr=1280x1024&_s=1&sid=1671744038&sct=1&seg=0&dl=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&dt=Toddler%20With%20Speech%20Delay%20Issue%20Say%20%22I%20Love%20You%2C%20Mommy%22%20For%20The%20First%20Time%20-%20I%20Needs%20Jobs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-4PL9YJWR8Q>m=2oebu0&_p=670943600&gdid=dZGIzZG&cid=1970618918.1671744038&ul=en-us&sr=1280x1024&_s=1&sid=1671744038&sct=1&seg=0&dl=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&dt=Toddler%20With%20Speech%20Delay%20Issue%20Say%20%22I%20Love%20You%2C%20Mommy%22%20For%20The%20First%20Time%20-%20I%20Needs%20Jobs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-4PL9YJWR8Q>m=2oebu0&_p=670943600&gdid=dZGIzZG&cid=1970618918.1671744038&ul=en-us&sr=1280x1024&_s=1&sid=1671744038&sct=1&seg=0&dl=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&dt=Toddler%20With%20Speech%20Delay%20Issue%20Say%20%22I%20Love%20You%2C%20Mommy%22%20For%20The%20First%20Time%20-%20I%20Needs%20Jobs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ineedsjobs.com
Connection: keep-alive
Referer: http://ineedsjobs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://ineedsjobs.com
date: Thu, 22 Dec 2022 21:20:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/adfoxly/public/js/adfoxly-public.js?ver=1.7.92
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/adfoxly/public/js/adfoxly-public.js?ver=1.7.92
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/adfoxly/public/js/adfoxly-public.js?ver=1.7.92 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/adfoxly/public/js/adfoxly-public.js?ver=1.7.92
vary: User-Agent
ineedsjobs.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1
vary: User-Agent
ineedsjobs.com/wp-content/plugins/adfoxly/public/js/adfoxly-public-ajax.js?ver=1.7.92
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/adfoxly/public/js/adfoxly-public-ajax.js?ver=1.7.92
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/adfoxly/public/js/adfoxly-public-ajax.js?ver=1.7.92 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/adfoxly/public/js/adfoxly-public-ajax.js?ver=1.7.92
vary: User-Agent
ineedsjobs.com/wp-content/plugins/alx-extensions/js/jquery.sharrre.min.js?ver=1.0.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/alx-extensions/js/jquery.sharrre.min.js?ver=1.0.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/alx-extensions/js/jquery.sharrre.min.js?ver=1.0.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/alx-extensions/js/jquery.sharrre.min.js?ver=1.0.1
vary: User-Agent
ineedsjobs.com/wp-content/themes/shapebox/dark.css?ver=6.1.1
172.105.39.127200 OK 2.1 kB URL HTTP/2 ineedsjobs.com/wp-content/themes/shapebox/dark.css?ver=6.1.1
IP 172.105.39.127:0
File type CSV text\012- , ASCII text
Hash c09a5e0fb4dd6ea6f2861a7e6248ee0f
a9afedfb0c42d64cba594f46d9b4d8f4e57960a2
55e0d1e7f158ce4891d593aedaaea50bcb5a8a80f8b8ff58324457b99149c455
GET /wp-content/themes/shapebox/dark.css?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 08:12:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2147
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/themes/shapebox/style.css?ver=6.1.1
172.105.39.127200 OK 15 kB URL HTTP/2 ineedsjobs.com/wp-content/themes/shapebox/style.css?ver=6.1.1
IP 172.105.39.127:0
File type HTML document, ASCII text, with very long lines (411), with CRLF line terminators
Hash d55057990d215a5c78719e7ebd9477ca
7a220a642940b2dec87776b4675141ce47b64828
45ec500030291ecec4dee62826832a8e135cdfe4f4a07ccc2b076c7ee7498444
GET /wp-content/themes/shapebox/style.css?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 08:12:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 15314
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
172.105.39.127200 OK 537 B URL HTTP/2 ineedsjobs.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
IP 172.105.39.127:0
Hash 912417e2f1dc528315cd897c614a4728
b1a691de86c05ef439850bf18cc5747b1c777d0a
ff745eec876a0fe33c5b164e90a1196970ee2c5ce79a269002d6b928b993f469
GET /wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 19:13:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 537
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ineedsjobs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
172.105.39.127200 OK 4.6 kB URL HTTP/2 ineedsjobs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 172.105.39.127:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 11:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4619
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.3
172.105.39.127200 OK 925 B URL HTTP/2 ineedsjobs.com/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.3
IP 172.105.39.127:0
File type ASCII text, with very long lines (3484), with CRLF line terminators
Hash 75b17c343a3dcddd88576ecdb51800bc
7503b291a4bed50fb4895e637b718ad0191ca1ac
7bb681282aaffee6ae29866899f39a51713a69a646d0c10d8c2b5b3c298e8bae
GET /wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.3 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 06:33:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 925
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/themes/shapebox/fonts/all.min.css?ver=6.1.1
172.105.39.127200 OK 12 kB URL HTTP/2 ineedsjobs.com/wp-content/themes/shapebox/fonts/all.min.css?ver=6.1.1
IP 172.105.39.127:0
File type ASCII text, with very long lines (58942), with CRLF line terminators
Hash acd92c8ed83b05b2397567666780e23c
6471c599b5c393bd9368c0d1bf30d5ec3cd9fa32
4ace79afed3a598728fddf06c29e5e32c02441b3924bb94b46e36caae1950f65
GET /wp-content/themes/shapebox/fonts/all.min.css?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 08:12:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12368
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
172.105.39.127200 OK 419 B URL HTTP/2 ineedsjobs.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
IP 172.105.39.127:0
File type ASCII text, with very long lines (404)
Hash 5866de4bf195861d3cc11eb3a0e26321
9533c5723d4a639f01d3fbb2aaec8c3ad3b5e34e
e0341ec3e1c468a4d763658867394e85cdaac804de6f11bdbdfca2c3f20f9662
GET /wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 07:25:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 419
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/themes/shapebox/js/slick.min.js?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/themes/shapebox/js/slick.min.js?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/themes/shapebox/js/slick.min.js?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/themes/shapebox/js/slick.min.js?ver=6.1.1
vary: User-Agent
ineedsjobs.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1
172.105.39.127200 OK 19 kB URL HTTP/2 ineedsjobs.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1
IP 172.105.39.127:0
File type ASCII text, with very long lines (26725)
Hash e689fe62ca9827d67cd2760a1e6bf3a7
e9b173b787fbfc35b83ed4389f27beedbc36f06b
fe2b95ae5dfe5a85d31483a26718812b581c4f9dcc3a2304921b82de59f8f479
GET /wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Fri, 16 Dec 2022 14:44:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 18785
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
172.105.39.127200 OK 12 kB URL HTTP/2 ineedsjobs.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 172.105.39.127:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 06:16:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11616
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/adfoxly/public/css/adfoxly-public.css?ver=1.7.92
172.105.39.127200 OK 1.8 kB URL HTTP/2 ineedsjobs.com/wp-content/plugins/adfoxly/public/css/adfoxly-public.css?ver=1.7.92
IP 172.105.39.127:0
Hash d772afb9c49f78d7d2c32c0568bc1ebf
26357cfd334c2b5c35df693cc30f7dd3b98b0024
f5252c7dfab3d3d11e9b7eeff0a096f7e46713379dac571a291b8d9b7b8fde2e
GET /wp-content/plugins/adfoxly/public/css/adfoxly-public.css?ver=1.7.92 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Thu, 22 Dec 2022 15:46:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1818
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-includes/css/dashicons.min.css?ver=6.1.1
172.105.39.127200 OK 35 kB URL HTTP/2 ineedsjobs.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 172.105.39.127:0
File type ASCII text, with very long lines (58981)
Hash 54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Thu, 04 Mar 2021 02:46:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 35110
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
172.105.39.127200 OK 4.0 kB URL HTTP/2 ineedsjobs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 172.105.39.127:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 14:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3995
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/jetpack/css/jetpack.css?ver=6.6.1
172.105.39.127200 OK 12 kB URL HTTP/2 ineedsjobs.com/wp-content/plugins/jetpack/css/jetpack.css?ver=6.6.1
IP 172.105.39.127:0
File type ASCII text, with very long lines (20360)
Hash ecfea953823e9f179d27658365913b18
c0b60c06a2cad8f11a6f3ccb3f2ee96fa984d175
561932cbb0444e327880f655c0824282dcd57240bb2e0ab496bd34f42c88f5ac
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=6.6.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Fri, 16 Dec 2022 14:44:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11889
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11
172.105.39.127200 OK 150 B URL HTTP/2 ineedsjobs.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11
IP 172.105.39.127:0
File type ASCII text, with CR line terminators
Hash f5d39500994a676c5a9cbbeabd484b25
2ce98c5e09fcf1e68721be33f31675c2669dafb8
6d4657477d2c7741300700642d6e0785beb142c27aba9c9f3dc6d84d549a04e0
GET /wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Fri, 23 Sep 2022 13:04:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 150
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-includes/css/classic-themes.min.css?ver=1
172.105.39.127200 OK 144 B URL HTTP/2 ineedsjobs.com/wp-includes/css/classic-themes.min.css?ver=1
IP 172.105.39.127:0
Hash fcbd239f30d9a6dd1f3637f291143d37
2871bf7d98af3f43e42f7fa32808048e7134fabf
c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 05:57:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 144
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
172.105.39.127200 OK 30 kB URL HTTP/2 ineedsjobs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 172.105.39.127:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 05:57:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30324
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20150408
172.105.39.127200 OK 1.5 kB URL HTTP/2 ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20150408
IP 172.105.39.127:0
File type ASCII text, with very long lines (4573)
Hash 5a024c03160cb81489a1cb0a7a1032ba
24bbd7c338c42f991af0168a48ffa58e481ea2ba
846b3bf5e9a11f3b890af3c6d109d1051c1f4919673d0dc32a45c0e924ee7f52
GET /wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20150408 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: application/javascript
last-modified: Fri, 16 Dec 2022 14:44:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1511
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.0
172.105.39.127200 OK 3.0 kB URL HTTP/2 ineedsjobs.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.0
IP 172.105.39.127:0
File type ASCII text, with very long lines (1577)
Hash f9bd58ff6ff8b6d519f6bedfd8466af2
058a2339d68391def5388ec52f38ab89ee06d877
7b854fbfa48aecfb3cbc79b884fb79385f08fbc994bf60269a68424c18e9958a
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.0 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 05:34:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3016
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/adfoxly/public/js/adfoxly-public.js?ver=1.7.92
172.105.39.127200 OK 2.0 kB URL HTTP/2 ineedsjobs.com/wp-content/plugins/adfoxly/public/js/adfoxly-public.js?ver=1.7.92
IP 172.105.39.127:0
Hash 1a1fda7f43ab4806ecb940442545bec4
53a644bc1f8194c24633c8d741fd66ec23eedefb
460c1e06d0927681a540c0519a64ad78ea18d3e42ff54e195e1d9ed382ced4e9
GET /wp-content/plugins/adfoxly/public/js/adfoxly-public.js?ver=1.7.92 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: application/javascript
last-modified: Thu, 22 Dec 2022 15:46:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1989
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1
172.105.39.127200 OK 316 B URL HTTP/2 ineedsjobs.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1
IP 172.105.39.127:0
Hash 98562a00d396f4e497bd060365515379
b6e09dd87b22b6a7293551423b3e318d4a504ada
da6c3b5ec1baea8dfefe9a30abfa3ee6ba64464cb5ff44856d0704fb45323d40
GET /wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 19:13:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 316
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/adfoxly/public/js/adfoxly-public-ajax.js?ver=1.7.92
172.105.39.127200 OK 18 B URL HTTP/2 ineedsjobs.com/wp-content/plugins/adfoxly/public/js/adfoxly-public-ajax.js?ver=1.7.92
IP 172.105.39.127:0
File type ASCII text, with no line terminators
Hash caaa6ada9f5a21e5c1db106a6750b2b7
872ef9837f6565a4f0d0043ee15e8c6e7fdc7dea
eb270553c93880a7296ab5dda85fc3d0e8734751fc33cbc1522978505d95b790
GET /wp-content/plugins/adfoxly/public/js/adfoxly-public-ajax.js?ver=1.7.92 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: application/javascript
last-modified: Thu, 22 Dec 2022 15:46:47 GMT
accept-ranges: bytes
content-length: 18
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/plugins/alx-extensions/js/jquery.sharrre.min.js?ver=1.0.1
172.105.39.127200 OK 3.1 kB URL HTTP/2 ineedsjobs.com/wp-content/plugins/alx-extensions/js/jquery.sharrre.min.js?ver=1.0.1
IP 172.105.39.127:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (13060), with no line terminators
Hash 2ca19ec07e3ca7f978e762afa50e0843
99c7a3080d5cb2061f1b2171c9bf35ebf6a7fd3c
373e70495cf57eb8576e29509e5761c593202bcc4b482209d205f97c90b8b3b1
GET /wp-content/plugins/alx-extensions/js/jquery.sharrre.min.js?ver=1.0.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 08:20:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3101
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ineedsjobs.com/wp-content/themes/shapebox/js/slick.min.js?ver=6.1.1
172.105.39.127200 OK 11 kB URL HTTP/2 ineedsjobs.com/wp-content/themes/shapebox/js/slick.min.js?ver=6.1.1
IP 172.105.39.127:0
File type ASCII text, with very long lines (32026), with CRLF line terminators
Hash fbfc9bfbd4a54fee619f9f620908e135
1eb0b25bb24e8b2465018d5b25e0d84b214b025b
d810d41700efbce6035bf213f30bce338f5f3a8bb56b84ae342da34cc2f5fd60
GET /wp-content/themes/shapebox/js/slick.min.js?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ineedsjobs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 21:20:39 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 08:12:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10662
date: Thu, 22 Dec 2022 21:20:39 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.profitabledisplayformat.com/4de5c08d5310a247295d65fe1a6e3394/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/4de5c08d5310a247295d65fe1a6e3394/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26943), with no line terminators
Hash 333413b6bc0697b63aef4524333800f4
77c225ccaab17757164d89c6499f0239959673aa
8b6a8fbdbaccea81ebfef98fe0dc4f0a0c4325ac5a84e924861d76fb4e8051ca
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /4de5c08d5310a247295d65fe1a6e3394/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 22 Dec 2022 21:20:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f4a03cf4d3c0b206ec00ed2bb63c07d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ineedsjobs.com/wp-content/themes/shapebox/img/thumb-small.png
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/themes/shapebox/img/thumb-small.png
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/themes/shapebox/img/thumb-small.png HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:40 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/themes/shapebox/img/thumb-small.png
vary: User-Agent
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
142.250.74.35200 OK 38 kB URL HTTP/1.1 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ineedsjobs.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 37924
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 20 Dec 2022 20:53:14 GMT
Expires: Wed, 20 Dec 2023 20:53:14 GMT
Cache-Control: public, max-age=31536000
Age: 174446
Last-Modified: Mon, 11 Jul 2022 20:54:46 GMT
Content-Type: font/woff2
ineedsjobs.com/wp-content/themes/shapebox/img/thumb-medium.png
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/themes/shapebox/img/thumb-medium.png
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/themes/shapebox/img/thumb-medium.png HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:40 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/themes/shapebox/img/thumb-medium.png
vary: User-Agent
i0.wp.com/ineedsjobs.com/wp-content/uploads/2022/12/4osffs3_the-video-which-has-amassed-over-2-million-views-on-instagram_625x300_18_December_22.jpg?resize=650%2C400&ssl=1
192.0.77.2200 OK 15 kB URL HTTP/2 i0.wp.com/ineedsjobs.com/wp-content/uploads/2022/12/4osffs3_the-video-which-has-amassed-over-2-million-views-on-instagram_625x300_18_December_22.jpg?resize=650%2C400&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 650x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b64cd4bdfbd08e0ef4ea2f54426295f6
0deef21efa43921d70b7ec9aba977de835e93097
e870d1b0b3d22e9b1a6a7883fcad0724be11e46ce6f45d4f9b026e8b71b44ab8
GET /ineedsjobs.com/wp-content/uploads/2022/12/4osffs3_the-video-which-has-amassed-over-2-million-views-on-instagram_625x300_18_December_22.jpg?resize=650%2C400&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ineedsjobs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Dec 2022 21:20:40 GMT
content-type: image/webp
content-length: 15214
last-modified: Thu, 22 Dec 2022 21:20:40 GMT
expires: Sun, 22 Dec 2024 09:20:40 GMT
cache-control: public, max-age=63115200
link: <https://ineedsjobs.com/wp-content/uploads/2022/12/4osffs3_the-video-which-has-amassed-over-2-million-views-on-instagram_625x300_18_December_22.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "b984e1b2b700e5e0"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash d2b2bfef42aed4ab28eef64f22404b6f
081b3c894e7ee473f4794eba356681b240dd6970
b0cf62bc4400987dad8feb440bc18a784d84fda20da04863c3c789fc83d6eb4d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149116
Date: Thu, 22 Dec 2022 21:20:40 GMT
Etag: "63a45c14-1d7"
Expires: Sat, 24 Dec 2022 14:45:56 GMT
Last-Modified: Thu, 22 Dec 2022 13:31:00 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7aN4VFQylN6rxgSLa_3beUjsV9TFYM7700_OhEiLPtUavzx1S-uLXA==
Age: 4496
c.ndtvimg.com/2022-12/beg6sads_raghavchaddha_640x480_17_December_22.jpg
23.38.201.26200 OK 31 kB URL HTTP/2 c.ndtvimg.com/2022-12/beg6sads_raghavchaddha_640x480_17_December_22.jpg
IP 23.38.201.26:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a02f7df7ea60d64178e7518cb077732c
0fb3b961787bce9cc435fb9444c690a1095d93d1
b9d0fa77e1e88cbe11cd4b54c237aee1a0537adaf7016510b01fa02effcd5ed6
GET /2022-12/beg6sads_raghavchaddha_640x480_17_December_22.jpg HTTP/1.1
Host: c.ndtvimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ineedsjobs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "34f4adb5d3c34fae69f86523d50d6842-1"
last-modified: Sat, 17 Dec 2022 13:17:35 GMT
server: Akamai Image Manager
x-serial: 819
x-check-cacheable: YES
content-length: 30832
content-type: image/webp
cache-control: private, no-transform, max-age=2131047
expires: Mon, 16 Jan 2023 13:18:07 GMT
date: Thu, 22 Dec 2022 21:20:40 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash d2b2bfef42aed4ab28eef64f22404b6f
081b3c894e7ee473f4794eba356681b240dd6970
b0cf62bc4400987dad8feb440bc18a784d84fda20da04863c3c789fc83d6eb4d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149043
Date: Thu, 22 Dec 2022 21:20:40 GMT
Etag: "63a45c14-1d7"
Expires: Sat, 24 Dec 2022 14:44:43 GMT
Last-Modified: Thu, 22 Dec 2022 13:31:00 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KcTGu05WCdrlj2TMbj_Njv5MEo3BPXOPpLdoKqg7t-PQmbr8ZH_E2A==
Age: 4423
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash d2b2bfef42aed4ab28eef64f22404b6f
081b3c894e7ee473f4794eba356681b240dd6970
b0cf62bc4400987dad8feb440bc18a784d84fda20da04863c3c789fc83d6eb4d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149083
Date: Thu, 22 Dec 2022 21:20:40 GMT
Etag: "63a45c14-1d7"
Expires: Sat, 24 Dec 2022 14:45:23 GMT
Last-Modified: Thu, 22 Dec 2022 13:31:00 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OmoV2d9V4tqGAokFPCpNW8puTsHK8Pd1rJfA4Awhx3fIWprvQ-ov3g==
Age: 4463
simplewebanalysis.com/stats
3.71.139.39200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.71.139.39:0
File type ASCII text, with no line terminators
Hash ab290a30f160e569073b7f667adfdb8b
10df46c756cb99db724eb27cd3802c2921c623ed
526f28a8942f88d3bcc3310c1efab3970a18f95d7cd15c39d50ee545c50c3271
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ineedsjobs.com
Connection: keep-alive
Referer: http://ineedsjobs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ineedsjobs.com
access-control-allow-credentials: true
set-cookie: uid_id2=60364668-0b0b-490e-912c-96fbcfa01091:1:1; expires=Sun, 19 Dec 2032 21:20:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.71.139.39200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.71.139.39:0
File type ASCII text, with no line terminators
Hash f05333c5eef4e23c6b318c1fe2cfb284
48af694b30f3535aaed87c2ef7b8fd226ef6ab8e
9c01a467d56d116e4dff3adb6c48f9c669627aa1757aa9a9eef35f537d824ae0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ineedsjobs.com
Connection: keep-alive
Referer: http://ineedsjobs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ineedsjobs.com
access-control-allow-credentials: true
set-cookie: uid_id2=6885a21d-2c05-4ce2-a0df-bfb169b1a973:3:1; expires=Sun, 19 Dec 2032 21:20:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.71.139.39200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.71.139.39:0
File type ASCII text, with no line terminators
Hash e5412efe4b71277db575c3682dec4676
67c649ffd83892508d80df8abad60685de89e354
8f6d5cf9f09c227d70af3f804290600a644553615928722123f86d96529394ba
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ineedsjobs.com
Connection: keep-alive
Referer: http://ineedsjobs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ineedsjobs.com
access-control-allow-credentials: true
set-cookie: uid_id2=77133462-8a6e-4381-b6ff-69261a12be1c:3:1; expires=Sun, 19 Dec 2032 21:20:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
172.105.39.127200 OK 27 kB URL HTTP/1.1 ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash 01c644589b6ed2fda6e65f9aec848147
31664be1bda49fe34ac90dcda15b6630459302fa
e5819d64dc7a6bce939c1568b7989616ac73bafcc9d88ac4f13b87898f72ceb6
GET /toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/ HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
x-pingback: http://ineedsjobs.com/xmlrpc.php
set-cookie: pvc_visits[0]=1671830437b6793; expires=Fri, 23-Dec-2022 21:20:37 GMT; Max-Age=86400; path=/; HttpOnly
link: <https://ineedsjobs.com/wp-json/>; rel="https://api.w.org/", <https://ineedsjobs.com/wp-json/wp/v2/posts/6793>; rel="alternate"; type="application/json", <https://wp.me/peq1yY-1Lz>; rel=shortlink
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Thu, 22 Dec 2022 21:20:38 GMT
server: LiteSpeed
chapelcertain.com/pixel/purst?dl=0&th=0&sc=0&rs=2994&rd=2994&fd=717&bv=22.10.v.9&tmpl=70
192.243.61.225200 OK 0 B URL HTTP/1.1 chapelcertain.com/pixel/purst?dl=0&th=0&sc=0&rs=2994&rd=2994&fd=717&bv=22.10.v.9&tmpl=70
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2994&rd=2994&fd=717&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: chapelcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Dec 2022 21:20:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
friendshipmale.com/sfp.js
172.64.202.23200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.202.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Date: Thu, 22 Dec 2022 21:20:40 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 3c532a4a34fbe9716e08ad1a7e8918f8
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Thu, 22 Dec 2022 21:20:40 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fpiv3Ea1IPCffdGYt%2F%2FHgX2Og9qoXGAHSw7UE2eymC2w17KqorA3tAH88uJyqmxas5vpMz3CizE4hJ%2BC1gBlYJ%2F7RFZt4e8mYPvVP1bG%2BWFc00IGbzkZ8%2FSKhnmRN83xu%2BgMheE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77dbe71d9efa23ed-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.profitabledisplayformat.com/7745593883a949ce836cd234bdfb08dd/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/7745593883a949ce836cd234bdfb08dd/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26955), with no line terminators
Hash b7b9b00736f4406dd6bd4764ab93d50f
853573aad85974f89332cddfa58a58f0ac99e0ea
082a704d70b209b27fdd3eb7ad4791fca70adebbf908b568b217711bb13602c7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /7745593883a949ce836cd234bdfb08dd/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 22 Dec 2022 21:20:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4aa3bb53b722201092efafb54169ca03
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 870d108bf3dea2424e4a3287a092aa4d
257ad0f844115b8540865e9592c0be05cf02b019
f61e4245d59f4af881053b074ad9c0672d83412042a5ac734f7a4ef3feb9a78f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F61E4245D59F4AF881053B074AD9C0672D83412042A5AC734F7A4EF3FEB9A78F"
Last-Modified: Tue, 20 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7025
Expires: Thu, 22 Dec 2022 23:17:46 GMT
Date: Thu, 22 Dec 2022 21:20:41 GMT
Connection: keep-alive
ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20130122
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20130122
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20130122 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:40 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20130122
vary: User-Agent
ineedsjobs.com/wp-content/themes/shapebox/js/jq-sticky-anything.min.js?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/themes/shapebox/js/jq-sticky-anything.min.js?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/themes/shapebox/js/jq-sticky-anything.min.js?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:40 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/themes/shapebox/js/jq-sticky-anything.min.js?ver=6.1.1
vary: User-Agent
ineedsjobs.com/wp-content/themes/shapebox/js/theme-toggle.js?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/themes/shapebox/js/theme-toggle.js?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/themes/shapebox/js/theme-toggle.js?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:40 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/themes/shapebox/js/theme-toggle.js?ver=6.1.1
vary: User-Agent
ineedsjobs.com/wp-content/themes/shapebox/js/jquery.fitvids.js?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/themes/shapebox/js/jquery.fitvids.js?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/themes/shapebox/js/jquery.fitvids.js?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:40 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/themes/shapebox/js/jquery.fitvids.js?ver=6.1.1
vary: User-Agent
ineedsjobs.com/wp-content/themes/shapebox/js/scripts.js?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/themes/shapebox/js/scripts.js?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/themes/shapebox/js/scripts.js?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:40 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/themes/shapebox/js/scripts.js?ver=6.1.1
vary: User-Agent
ineedsjobs.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/jetpack/modules/wpgroho.js?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:40 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=6.1.1
vary: User-Agent
ad.a-ads.com/2134074?size=320x50
136.243.14.10200 OK 4.6 kB URL HTTP/1.1 ad.a-ads.com/2134074?size=320x50
IP 136.243.14.10:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11122)
Hash b963937eb33d83e2d96e3b75e8e8070c
4c61eb532ee65663102b34176c122c520e90ddc0
d4b05a2d73ce8d0f4dc75b36fb83ce1912dbfdd433901694a5666d235a5fff45
GET /2134074?size=320x50 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: http://ineedsjobs.com/
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Content-Encoding: gzip
www.profitabledisplayformat.com/610099cfbb27f78400f9008d435d2e3f/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/610099cfbb27f78400f9008d435d2e3f/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26937), with no line terminators
Hash 77a3ba221a4a15e100d60e7fadcad500
13773a494a5f5b1be8671fb2fde4db5225830d48
edc2eb2711a16282882df6275adaa5c37ded48fade1104c2a61bd5bad8120bd4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /610099cfbb27f78400f9008d435d2e3f/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 978ce5d4fde281a2516f5fb7dde1fb59
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/lazy-images/js/lazy-images.min.js?ver=6.6.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/lazy-images/js/lazy-images.min.js?ver=6.6.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/jetpack/_inc/build/lazy-images/js/lazy-images.min.js?ver=6.6.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:41 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/lazy-images/js/lazy-images.min.js?ver=6.6.1
vary: User-Agent
ineedsjobs.com/wp-content/themes/shapebox/js/nav.js?ver=1670055129
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/themes/shapebox/js/nav.js?ver=1670055129
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/themes/shapebox/js/nav.js?ver=1670055129 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:41 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/themes/shapebox/js/nav.js?ver=1670055129
vary: User-Agent
itineraryborn.com/watch.865321958263.js?key=4de5c08d5310a247295d65fe1a6e3394&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=6885a21d-2c05-4ce2-a0df-bfb169b1a973%3A3%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 itineraryborn.com/watch.865321958263.js?key=4de5c08d5310a247295d65fe1a6e3394&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=6885a21d-2c05-4ce2-a0df-bfb169b1a973%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.865321958263.js?key=4de5c08d5310a247295d65fe1a6e3394&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=6885a21d-2c05-4ce2-a0df-bfb169b1a973%3A3%3A1 HTTP/1.1
Host: itineraryborn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ineedsjobs.com
Connection: keep-alive
Referer: http://ineedsjobs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ineedsjobs.com
Access-Control-Allow-Origin: http://ineedsjobs.com
Access-Control-Allow-Credentials: true
Location: https://itineraryborn.com/watch.865321958263.js?key=4de5c08d5310a247295d65fe1a6e3394&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=6885a21d-2c05-4ce2-a0df-bfb169b1a973%3A3%3A1&shu=06738756b2886037be5d8bd0abcbd41dbb785941d3c5cb164b16e5ef3c3de466839ca53482cac6f6a9fcf515748e7896372b8e929de3b38e7896c88b46071d4a87a0d8a23b5c9c8c191b4a61d6c372a75be83e32cd6b3258ed9d1c6ab45d85701470d90d84&pst=1671744101&rmtc=t
Set-Cookie: u_pl=17934573; expires=Fri, 23 Dec 2022 21:20:41 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzkzNDU3MywiayI6IjRkZTVjMDhkNTMxMGEyNDcyOTVkNjVmZTFhNmUzMzk0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDE3MjQwLCJwaWQiOjU3MTUxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJobmpmbnl2YiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vaW5lZWRzam9icy5jb20vdG9kZGxlci13aXRoLXNwZWVjaC1kZWxheS1pc3N1ZS1zYXktaS1sb3ZlLXlvdS1tb21teS1mb3ItdGhlLWZpcnN0LXRpbWUvIn19.Cac6ZojqSzfmwB_BSba68grd2BcFh2Y2-UpP6-c0cUQ; expires=Thu, 22 Dec 2022 21:21:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bbad2117341139367a42b2ff09e6208f
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 6.2 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b4fa7ee80824f592c31153cb48df31
7ecd28f933cd5684822b9b2aee03be6b65a664aa
97a353f3dc2539b2c5a7a947dfdc4793cb4b121e6cb66e359f20d126520379b8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E6296B9361E4E0A290F2E9D30F4239B868761815C2EDD9A4C0652A755D50804"
Last-Modified: Thu, 22 Dec 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9622
Expires: Fri, 23 Dec 2022 00:01:03 GMT
Date: Thu, 22 Dec 2022 21:20:41 GMT
Connection: keep-alive
ineedsjobs.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:41 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
vary: User-Agent
ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/jquery.jetpack-resize.min.js?ver=6.6.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/jquery.jetpack-resize.min.js?ver=6.6.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/jetpack/_inc/build/jquery.jetpack-resize.min.js?ver=6.6.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:41 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/jquery.jetpack-resize.min.js?ver=6.6.1
vary: User-Agent
ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/postmessage.min.js?ver=6.6.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/postmessage.min.js?ver=6.6.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/jetpack/_inc/build/postmessage.min.js?ver=6.6.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:41 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/postmessage.min.js?ver=6.6.1
vary: User-Agent
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7290550935732ce5dcb7d8095865100a
a850cfa883f5873bde3a49bf1a707abf76bbda56
5f5ea8316b8f0d406438a393ee48306636df0dccadcab16942ae1b4de920db80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F5EA8316B8F0D406438A393EE48306636DF0DCCADCAB16942AE1B4DE920DB80"
Last-Modified: Tue, 20 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7592
Expires: Thu, 22 Dec 2022 23:27:13 GMT
Date: Thu, 22 Dec 2022 21:20:41 GMT
Connection: keep-alive
ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/likes/queuehandler.min.js?ver=6.6.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/likes/queuehandler.min.js?ver=6.6.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/jetpack/_inc/build/likes/queuehandler.min.js?ver=6.6.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:41 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/likes/queuehandler.min.js?ver=6.6.1
vary: User-Agent
ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=6.6.1
172.105.39.127301 Moved Permanently 707 B URL HTTP/1.1 ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=6.6.1
IP 172.105.39.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=6.6.1 HTTP/1.1
Host: ineedsjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/toddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time/
Cookie: pvc_visits[0]=1671830437b6793; _ga_4PL9YJWR8Q=GS1.1.1671744038.1.0.1671744038.0.0.0; _ga=GA1.1.1970618918.1671744038; dom3ic8zudi28v8lr6fgphwffqoz0j6c=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 21:20:41 GMT
server: LiteSpeed
location: https://ineedsjobs.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=6.6.1
vary: User-Agent
itineraryborn.com/watch.865321958263.js?key=4de5c08d5310a247295d65fe1a6e3394&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=6885a21d-2c05-4ce2-a0df-bfb169b1a973%3A3%3A1&shu=06738756b2886037be5d8bd0abcbd41dbb785941d3c5cb164b16e5ef3c3de466839ca53482cac6f6a9fcf515748e7896372b8e929de3b38e7896c88b46071d4a87a0d8a23b5c9c8c191b4a61d6c372a75be83e32cd6b3258ed9d1c6ab45d85701470d90d84&pst=1671744101&rmtc=t
192.243.59.13200 OK 642 B URL HTTP/1.1 itineraryborn.com/watch.865321958263.js?key=4de5c08d5310a247295d65fe1a6e3394&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=6885a21d-2c05-4ce2-a0df-bfb169b1a973%3A3%3A1&shu=06738756b2886037be5d8bd0abcbd41dbb785941d3c5cb164b16e5ef3c3de466839ca53482cac6f6a9fcf515748e7896372b8e929de3b38e7896c88b46071d4a87a0d8a23b5c9c8c191b4a61d6c372a75be83e32cd6b3258ed9d1c6ab45d85701470d90d84&pst=1671744101&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash 08e1abd1a8f2649dbdfdf55680091f90
25e6d9ed8bc70b1cc736d9c05da535ac8a6179ff
922106cb8cdbc127a09359e41b98307feb4de0dd4e0e1604fd07f3ab5f4a2684
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.865321958263.js?key=4de5c08d5310a247295d65fe1a6e3394&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=6885a21d-2c05-4ce2-a0df-bfb169b1a973%3A3%3A1&shu=06738756b2886037be5d8bd0abcbd41dbb785941d3c5cb164b16e5ef3c3de466839ca53482cac6f6a9fcf515748e7896372b8e929de3b38e7896c88b46071d4a87a0d8a23b5c9c8c191b4a61d6c372a75be83e32cd6b3258ed9d1c6ab45d85701470d90d84&pst=1671744101&rmtc=t HTTP/1.1
Host: itineraryborn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ineedsjobs.com
Referer: http://ineedsjobs.com/
Connection: keep-alive
Cookie: u_pl=17934573; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzkzNDU3MywiayI6IjRkZTVjMDhkNTMxMGEyNDcyOTVkNjVmZTFhNmUzMzk0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDE3MjQwLCJwaWQiOjU3MTUxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJobmpmbnl2YiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vaW5lZWRzam9icy5jb20vdG9kZGxlci13aXRoLXNwZWVjaC1kZWxheS1pc3N1ZS1zYXktaS1sb3ZlLXlvdS1tb21teS1mb3ItdGhlLWZpcnN0LXRpbWUvIn19.Cac6ZojqSzfmwB_BSba68grd2BcFh2Y2-UpP6-c0cUQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ineedsjobs.com
Access-Control-Allow-Origin: http://ineedsjobs.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=6885a21d-2c05-4ce2-a0df-bfb169b1a973:3:1; expires=Thu, 29 Dec 2022 21:20:41 GMT; secure; SameSite=None
iprcb81cade8d923709279ae0e216c9c9bd1=2717340; expires=Fri, 23 Dec 2022 23:20:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 23 Dec 2022 21:20:41 GMT; secure; SameSite=None
uncs=1; expires=Fri, 23 Dec 2022 21:20:41 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 23 Dec 2022 21:20:41 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 23 Dec 2022 21:20:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a45fbff22c8b11a11364c3489db31d1a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
secure.gravatar.com/dist/css/hovercard.min.css?ver=2022Decaa
192.0.73.2200 OK 1.9 kB URL HTTP/1.1 secure.gravatar.com/dist/css/hovercard.min.css?ver=2022Decaa
IP 192.0.73.2:0
File type ASCII text, with very long lines (8114)
Hash 42e2725610e8627849515af295e2de7a
5387aa18a1809c748b2fe290e847763155e55699
2eaabe006d42368ff6b4364a2eb426b35333f78ceb272459462a53f21429c8fb
GET /dist/css/hovercard.min.css?ver=2022Decaa HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Dec 2022 09:45:35 GMT
ETag: W/"639849bf-1fb4"
Content-Encoding: gzip
Expires: Thu, 29 Dec 2022 21:20:41 GMT
Cache-Control: max-age=604800
secure.gravatar.com/dist/css/services.min.css?ver=2022Decaa
192.0.73.2200 OK 629 B URL HTTP/1.1 secure.gravatar.com/dist/css/services.min.css?ver=2022Decaa
IP 192.0.73.2:0
File type ASCII text, with very long lines (3091)
Hash 0c503636dfa016e564922b80ab3d061a
77f060fe96c2e9c97a84f82d71b82029ab61ce9f
4f58db461df6ce107089693434f40b29c84f969a7b6f3e680a411cf9d6ccf59e
GET /dist/css/services.min.css?ver=2022Decaa HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 18:01:03 GMT
ETag: W/"639a0f5f-c15"
Content-Encoding: gzip
Expires: Thu, 29 Dec 2022 21:20:41 GMT
Cache-Control: max-age=604800
acacdn.com/script/ut.js?cb=1671744039770
104.21.85.95200 OK 24 kB URL HTTP/1.1 acacdn.com/script/ut.js?cb=1671744039770
IP 104.21.85.95:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 4b583c9f97bff486ea195ff04918205b
58a2ba18e06eadab8b18561f85671fa6659d0984
a28f0acc634c773a9468e4a5d603a4b997374eda1b44241944a1aea63662c662
GET /script/ut.js?cb=1671744039770 HTTP/1.1
Host: acacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdsD_cw6k5iUAcX97ILksILdhpiQa_MQP6ipG9Yy0UcJswQB4VIQpEC4jYw3KLs9R4XmHMUeX0bNKuQi3dJVrZrW_-8_acr4
x-goog-generation: 1670939749168345
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71395
x-goog-hash: crc32c=aFnw8A==, md5=1ZA8yu2VHCgNZ/QYhUjh6Q==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Thu, 22 Dec 2022 20:37:49 GMT
Cache-Control: public, max-age=14400
Age: 2578
Last-Modified: Tue, 13 Dec 2022 13:55:49 GMT
ETag: W/"d5903ccaed951c280d67f4188548e1e9"
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2brkwTKssZDwC%2F3ZSvTHwHJRbWtXP2P7aqUcTw5FMnjFp1KGWKZ8PXuRbdnsIgvXGAreNl1bWswIpJJ42NFYoIpX3cKx7YIw4Z%2BTjpss34CGHJmhUdHu6z3GRk9l"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77dbe7242fae1c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 06ab9ad46c08885ee1fe874df9655a7e
fc90ac5fce5358b98ecc13d07de62e35281f78b2
1dc4b708c1a0b4646cdf4b028a1a14f6f751abecb4837881c01706204908571f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC4B708C1A0B4646CDF4B028A1A14F6F751ABECB4837881C01706204908571F"
Last-Modified: Tue, 20 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10352
Expires: Fri, 23 Dec 2022 00:13:13 GMT
Date: Thu, 22 Dec 2022 21:20:41 GMT
Connection: keep-alive
youradexchange.com/ad/czcf.php?cz=7ppmqytgim
35.190.41.116200 OK 146 B URL HTTP/1.1 youradexchange.com/ad/czcf.php?cz=7ppmqytgim
IP 35.190.41.116:0
File type JSON data\012- , ASCII text
Hash 2052315b2892bf85f0d555bcaf177db6
ca656a79c0a3908d3216675d38953d5a5fe022e8
7150b92bda267e612ede7f6e0f8a338f4df1b5befc83536ed2b0e2baea96a4e5
GET /ad/czcf.php?cz=7ppmqytgim HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ineedsjobs.com/
Origin: http://ineedsjobs.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
acacdn.com/script/ippg.js
104.21.85.95200 OK 36 kB URL HTTP/1.1 acacdn.com/script/ippg.js
IP 104.21.85.95:0
File type Unicode text, UTF-8 text, with very long lines (42932), with NEL line terminators
Hash f5da11c231ea7b26b29937ce24d0c494
6526017f6ce9f8197e1d39c3f6ce9bbb9d8396b9
97138fa8c3b4cd133442faeb20aa92f5af2f27f4afacb6c61c86374162238502
GET /script/ippg.js HTTP/1.1
Host: acacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdv5gkY9-TQ4CRquzWPC56PZSfHv9FGZEHk-yFWNFBc729BaIU0ix8pDbM2vsfKmbTKRqbLXA-_eyowtfAcbIliv8brQpvzy
x-goog-generation: 1670939622773403
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 113749
x-goog-hash: crc32c=lTM39g==, md5=Nytmy6xxkOFrzvUlBMQ78g==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Thu, 22 Dec 2022 21:43:43 GMT
Cache-Control: public, max-age=14400
Last-Modified: Tue, 13 Dec 2022 13:53:42 GMT
ETag: W/"372b66cbac7190e16bcef52504c43bf2"
Age: 947
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6Ou7iceJwTDrHlrzM0hXTFsXuvz70DCEWkbfnHXGXnU1JRJRl6Ds5m5hpXgaCzIU4raXSehArvgrAYybdWxZdXGBP2fLpFR4dW3qY1ZSZ%2F%2F%2F4R0FBz6GLalmxTq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77dbe72558921c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
acacdn.com/script/suv4.js
104.21.85.95200 OK 33 kB URL HTTP/1.1 acacdn.com/script/suv4.js
IP 104.21.85.95:0
File type Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Hash e733a9e20e3388e4069c69c23506f68d
c9314ba6cd41036cc77b8bfb497923845540dab4
86b3879193832a6ad687e60cf7974ed0d7db2026f86a9fbd921b23ad6588289b
GET /script/suv4.js HTTP/1.1
Host: acacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdsjH8PPvwm-tf-iK_Znhs_fmX7Kw988nEXIGQ5cKEK7A-3QLzp7Qn39U-MRkBnpeMFR7t01j27LWPQdLdXuxImHvyFx6ezc
x-goog-generation: 1670939725427322
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100623
x-goog-hash: crc32c=AsVyBQ==, md5=QW9pKNjz2NZmVavAl7rKAw==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Thu, 22 Dec 2022 20:48:49 GMT
Cache-Control: public, max-age=14400
Age: 2791
Last-Modified: Tue, 13 Dec 2022 13:55:25 GMT
ETag: W/"416f6928d8f3d8d66655abc097baca03"
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTDAJkX6IScVL7mNzps0EbhBd7FBoxoiNcTb5VEzHvh32lbQ8Fao%2BDTaTHfk1bYsSmscC4JzkJ6ceJeL0%2FSH2z%2F1qSZA3A83Ex%2FQkjjFCDk8R6CArgvMvIGyJgbb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77dbe7255af7b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
repentbits.com/watch.855591028958?key=610099cfbb27f78400f9008d435d2e3f&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
173.233.137.36200 OK 1.3 kB URL HTTP/1.1 repentbits.com/watch.855591028958?key=610099cfbb27f78400f9008d435d2e3f&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (751)
Hash 946745bc8fa8b989e14eaa4378057540
a4f594ef38cba41ea523157817251aba8d481f9d
52f0fcd5f12c091bb0503f8f8dfeebeeff07ccb6d6e69bab733321f414c5c15c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.855591028958?key=610099cfbb27f78400f9008d435d2e3f&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1 HTTP/1.1
Host: repentbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ineedsjobs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17934531; expires=Fri, 23 Dec 2022 21:20:41 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzkzNDUzMSwiayI6IjYxMDA5OWNmYmIyN2Y3ODQwMGY5MDA4ZDQzNWQyZTNmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDE3MjQwLCJwaWQiOjU3MTUxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoicjIzNG5wZHVjIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9pbmVlZHNqb2JzLmNvbS90b2RkbGVyLXdpdGgtc3BlZWNoLWRlbGF5LWlzc3VlLXNheS1pLWxvdmUteW91LW1vbW15LWZvci10aGUtZmlyc3QtdGltZS8ifX0.xCsxbNxoumCwyJMFQPKLrjC2_eyiBmcUE5bd870gUMQ; expires=Thu, 22 Dec 2022 21:21:41 GMT; secure; SameSite=None
uid_id2=77133462-8a6e-4381-b6ff-69261a12be1c:3:1; expires=Thu, 29 Dec 2022 21:20:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 39030e5d43b3bcc491d93dc99a12d947
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
shortssibilantcrept.com/watch.821720279957?key=7745593883a949ce836cd234bdfb08dd&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
173.233.137.52200 OK 1.3 kB URL HTTP/1.1 shortssibilantcrept.com/watch.821720279957?key=7745593883a949ce836cd234bdfb08dd&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (751)
Hash c0c84e7722159a266aa516ee496e0d8b
c8ee422470899ac6bf96f2c4b7671dd123e87ea3
c18f3567f63de46d68299fc25b543024c3df27bc339319851549d8fc2115c47f
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.821720279957?key=7745593883a949ce836cd234bdfb08dd&kw=%5B%22toddler%22%2C%22with%22%2C%22speech%22%2C%22delay%22%2C%22issue%22%2C%22say%22%2C%22i%22%2C%22love%22%2C%22you%22%2C%22mommy%22%2C%22for%22%2C%22the%22%2C%22first%22%2C%22time%22%2C%22-%22%2C%22i%22%2C%22needs%22%2C%22jobs%22%5D&refer=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&tz=0&dev=e&res=12.1053&uuid=77133462-8a6e-4381-b6ff-69261a12be1c%3A3%3A1 HTTP/1.1
Host: shortssibilantcrept.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ineedsjobs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=18021464; expires=Fri, 23 Dec 2022 21:20:41 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAyMTQ2NCwiayI6Ijc3NDU1OTM4ODNhOTQ5Y2U4MzZjZDIzNGJkZmIwOGRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDk1OTI5LCJwaWQiOjU3MTUxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJ5MTFtNmR5aTkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2luZWVkc2pvYnMuY29tL3RvZGRsZXItd2l0aC1zcGVlY2gtZGVsYXktaXNzdWUtc2F5LWktbG92ZS15b3UtbW9tbXktZm9yLXRoZS1maXJzdC10aW1lLyJ9fQ.9lNqSE9Hm9XrbUG_W3vFqinNQU7pC-NfJdCH6xfrNt4; expires=Thu, 22 Dec 2022 21:21:41 GMT; secure; SameSite=None
uid_id2=77133462-8a6e-4381-b6ff-69261a12be1c:3:1; expires=Thu, 29 Dec 2022 21:20:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e5f75b888c1febec0e104ef8150d16e3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
repentbits.com/pixel/sbe?t=1&error=timeout
173.233.137.36200 OK 0 B URL HTTP/1.1 repentbits.com/pixel/sbe?t=1&error=timeout
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: repentbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ineedsjobs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17934573
173.233.137.52200 OK 15 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17934573
IP 173.233.137.52:0
Hash fb4d335c2b42411878adaa65aad1485a
1a8f2f633e786debaa5ce904c76668c5f904774c
56ec5b4a8b4d209b87906f0769a8f69fac887eb1252ff380d4b3e91035386180
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17934573 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ineedsjobs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Fri, 23 Dec 2022 21:20:41 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc5MzQ1NzMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2luZWVkc2pvYnMuY29tLyJ9fQ.cS5MxNY2rkvu9RRQNoWUVczWsEYaEPyrF6L_t1xFbVE; expires=Thu, 22 Dec 2022 21:21:41 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0d24ef7d2e53957a0d082756cb07a75a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
banquetunarmedgrater.com/advertisers.js
173.233.137.52200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba27748a09fc72ba52cfdd4a7570402d
Strict-Transport-Security: max-age=0; includeSubdomains
youradexchange.com/n/display.php?r=6562282&atag=1&czid=7ppmqytgim&aggr=2&ppv=1
35.190.41.116204 No Content 0 B URL HTTP/1.1 youradexchange.com/n/display.php?r=6562282&atag=1&czid=7ppmqytgim&aggr=2&ppv=1
IP 35.190.41.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /n/display.php?r=6562282&atag=1&czid=7ppmqytgim&aggr=2&ppv=1 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 204 No Content
Server: openresty
Date: Thu, 22 Dec 2022 21:20:41 GMT
Access-Control-Allow-Origin: *
Via: 1.1 google
acacdn.com/script/ut.js?cb=1671744041176
104.21.85.95200 OK 24 kB URL HTTP/1.1 acacdn.com/script/ut.js?cb=1671744041176
IP 104.21.85.95:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 4b583c9f97bff486ea195ff04918205b
58a2ba18e06eadab8b18561f85671fa6659d0984
a28f0acc634c773a9468e4a5d603a4b997374eda1b44241944a1aea63662c662
GET /script/ut.js?cb=1671744041176 HTTP/1.1
Host: acacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ineedsjobs.com/
HTTP/1.1 200 OK
Date: Thu, 22 Dec 2022 21:20:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdsD_cw6k5iUAcX97ILksILdhpiQa_MQP6ipG9Yy0UcJswQB4VIQpEC4jYw3KLs9R4XmHMUeX0bNKuQi3dJVrZrW_-8_acr4
x-goog-generation: 1670939749168345
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71395
x-goog-hash: crc32c=aFnw8A==, md5=1ZA8yu2VHCgNZ/QYhUjh6Q==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Thu, 22 Dec 2022 20:37:49 GMT
Cache-Control: public, max-age=14400
Age: 2578
Last-Modified: Tue, 13 Dec 2022 13:55:49 GMT
ETag: W/"d5903ccaed951c280d67f4188548e1e9"
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVIwY4U6a6EQBJzNYeKGIeTan6Y7X6dZZXGOq3El97NOEP%2FFgwUVWpXTHax%2Bt1Zzu8npeZwFBL5zau48yYOXXTMShdsYR7qut18A0T1Z%2FKFWeDAE8WZWLstAUlQi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77dbe72639381c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
youradexchange.com/script/push.php?r=6562286&ipp=1&mads=1&position=top&czid=7ppmqytgim&aggr=2&atag=1&cbpage=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&cbref=
35.190.41.116204 No Content 0 B URL HTTP/1.1 youradexchange.com/script/push.php?r=6562286&ipp=1&mads=1&position=top&czid=7ppmqytgim&aggr=2&atag=1&cbpage=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&cbref=
IP 35.190.41.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/push.php?r=6562286&ipp=1&mads=1&position=top&czid=7ppmqytgim&aggr=2&atag=1&cbpage=http%3A%2F%2Fineedsjobs.com%2Ftoddler-with-speech-delay-issue-say-i-love-you-mommy-for-the-first-time%2F&cbref= HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ineedsjobs.com/
Origin: http://ineedsjobs.com
Connection: keep-alive
HTTP/1.1 204 No Content
Server: openresty
Date: Thu, 22 Dec 2022 21:20:41 GMT
Access-Control-Allow-Origin: *
Via: 1.1 google
www.spikereekvelocity.com/dyfc1k09?shu=42f93fa7bfd52c58be2f776505c665ac37e8a90b6140fc3ba198f91f61173b212d93ba8fefb8ba584bfc4c2dab0a4345035801f8e707e4639dd442317cf695e8231f6a993efe0806ee28c227839b952f882a613598346580136ca5b9cff66475&pst=1671744101&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Fineedsjobs.com%2F&psid=17934573
173.233.137.52302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=42f93fa7bfd52c58be2f776505c665ac37e8a90b6140fc3ba198f91f61173b212d93ba8fefb8ba584bfc4c2dab0a4345035801f8e707e4639dd442317cf695e8231f6a993efe0806ee28c227839b952f882a613598346580136ca5b9cff66475&pst=1671744101&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Fineedsjobs.com%2F&psid=17934573
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=42f93fa7bfd52c58be2f776505c665ac37e8a90b6140fc3ba198f91f61173b212d93ba8fefb8ba584bfc4c2dab0a4345035801f8e707e4639dd442317cf695e8231f6a993efe0806ee28c227839b952f882a613598346580136ca5b9cff66475&pst=1671744101&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Fineedsjobs.com%2F&psid=17934573 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc5MzQ1NzMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2luZWVkc2pvYnMuY29tLyJ9fQ.cS5MxNY2rkvu9RRQNoWUVczWsEYaEPyrF6L_t1xFbVE; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Thu, 22 Dec 2022 21:20:42 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: pdhtkv=true; expires=Fri, 23 Dec 2022 21:20:42 GMT
uncs=1; expires=Fri, 23 Dec 2022 21:20:42 GMT
pdhtkv28=true; expires=Fri, 23 Dec 2022 21:20:42 GMT
uncs28=1; expires=Fri, 23 Dec 2022 21:20:42 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab9d7111cf035fa6d200e92c99d47b0e
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
23.36.79.43307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Thu, 22 Dec 2022 21:20:42 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 22 Dec 2022 21:20:42 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d; domain=.unibet.com; expires=Sat, 22-Dec-3021 21:20:42 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=38
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 22 Dec 2022 21:20:42 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node02gqmmgn5dtvf104oz4icrq0qx579791.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node02gqmmgn5dtvf104oz4icrq0qx; Path=/; Domain=.unibet.nu; Expires=Sat, 21-Dec-2024 21:20:42 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sat, 21-Dec-2024 21:20:42 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.spikereekvelocity.com/"; Path=/; Domain=.unibet.nu; Expires=Sat, 21-Dec-2024 21:20:42 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A1ACDBA09C6442C4A6297B10A8E30AEE%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://www.spikereekvelocity.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 22 Dec 2022 21:20:42 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node02gqmmgn5dtvf104oz4icrq0qx; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; affiliateId=1; B-TAG=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A1ACDBA09C6442C4A6297B10A8E30AEE%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 22 Dec 2022 21:20:42 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 22 Dec 2022 21:20:42 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a5b8f5724c4656b88a6d17d8e0039d0
312adf72cd75f5129a489147dfb7bca67d9f6589
205ce68a788779ed548a3b3414ccfbdbb65f1ff24ae647b785e142116fd98dc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "205CE68A788779ED548A3B3414CCFBDBB65F1FF24AE647B785E142116FD98DC5"
Last-Modified: Tue, 20 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18490
Expires: Fri, 23 Dec 2022 02:28:52 GMT
Date: Thu, 22 Dec 2022 21:20:42 GMT
Connection: keep-alive
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ee50f699dd823e853e1f42712296b6e7
87344390d2a04c38343db8fb5a1fd7aaf329d4f7
4ebceabee669f5cfb6473171a1f1852da115b373df98d4342758995995c2ce9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6093
Cache-Control: max-age=145660
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:43 GMT
Etag: "63a4485a-117"
Expires: Sat, 24 Dec 2022 13:48:23 GMT
Last-Modified: Thu, 22 Dec 2022 12:06:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5304 Not Modified 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 304 Not Modified
date: Thu, 22 Dec 2022 21:20:43 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Dec 2022 17:25:38 GMT
expires: Wed, 20 Dec 2023 17:25:38 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 186905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ee50f699dd823e853e1f42712296b6e7
87344390d2a04c38343db8fb5a1fd7aaf329d4f7
4ebceabee669f5cfb6473171a1f1852da115b373df98d4342758995995c2ce9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6093
Cache-Control: max-age=145660
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:43 GMT
Etag: "63a4485a-117"
Expires: Sat, 24 Dec 2022 13:48:23 GMT
Last-Modified: Thu, 22 Dec 2022 12:06:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5304 Not Modified 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d; clientId=polopoly_desktop
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 22 Dec 2022 21:20:43 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
104.18.24.188200 OK 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP 104.18.24.188:0
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: "0x8DACBBCB4A3B989"
x-ms-request-id: b6f7cb18-201e-0029-1a03-032c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305304
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72e59d50b69-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
104.18.24.188200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP 104.18.24.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DACBBCB1BBD29B"
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0b1c71c4-b01e-0049-7003-0350e9000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 305297
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72e49d00b69-OSL
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
172.64.133.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: 4ZsRjMmDPjRMooDgmchiwENcteCKgPXvccY2NlrGASEiKfJ5RYrzpfCSdJ8K6Y1YDdi5bDsfnGk=
x-amz-request-id: QEVRCHNESH8P615C
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1526320
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAQpTn7vDTi%2FehcqTuCDFKyC4uzc4ddzQeUnwch94dJfzGzUgE169F2K9cyxgXR8dL0EayGWiMDVwNPJ74ZXlIYU9pDYYdWd29DkwCdyZMcKdBXpj3cWv8KNxXUXJyE8nALFEyrR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dbe72e6fc123b2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:33:56 GMT
expires: Thu, 21 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 92807
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:33:54 GMT
expires: Thu, 21 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 92809
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:34:15 GMT
expires: Thu, 21 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 92788
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.168200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.168:0
File type ASCII text, with very long lines (62112)
Hash 4f10780418b36b6915cbfddacc3aab77
82f24b3233dab7e6a9a99b0892f77e9f9a99e8f0
5e2a27fb734fff76c7e64e0b291be67225f31f5075e9656107a3bfacea3726a8
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Dec 2022 21:20:43 GMT
expires: Thu, 22 Dec 2022 21:20:43 GMT
cache-control: private, max-age=900
last-modified: Thu, 22 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80771
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b675c06e5264c2ad34d6405ad49f2ab3
531cdcface7f821d01c37d10a6210c0a52fb6e46
ed3167d73262ac51a54c186856ec2b52e7e3e994911e5e3bc91ee15beebc9a32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5125
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:43 GMT
Last-Modified: Thu, 22 Dec 2022 19:55:18 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
secure.adnxs.com/seg?add=9755599
37.252.171.21307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 22 Dec 2022 21:20:43 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 3c32ebb4-1f9a-44b0-a60a-e7b346f7c37d
Set-Cookie: uuid2=3718307856285717692; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 22-Mar-2023 21:20:43 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6d62c072e2ebe58d97df88a0c6be6156
643a63cdcc8d7ed7c26d0e2777e8a4651e1b81a8
95c2fe4aa0290a37376a7fce3fbeecd4701290ac1e5fbd28ddaec17e74618d89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5221
Cache-Control: max-age=123196
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 21:20:43 GMT
Etag: "63a3f402-1d7"
Expires: Sat, 24 Dec 2022 07:33:59 GMT
Last-Modified: Thu, 22 Dec 2022 06:06:58 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
104.19.147.8200 OK 1.6 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP 104.19.147.8:0
File type JSON data\012- , ASCII text, with very long lines (4098), with no line terminators
Hash 7e7bc762ec6bc70fd82910acddd05c69
f59b93a4b0e8bc17e91392db6ea0e957bafac27a
681643d5020d65aba1959bbc64f015e93374e1d1e3ffcad7d275e021c8beed79
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: application/json
content-length: 1592
access-control-expose-headers: CE-Version
ce-version: 11.5.16
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 22 Dec 2022 11:56:04 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 33879
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe730dd100b65-OSL
X-Firefox-Spdy: h2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180200 OK 1.6 kB URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 4c6767f30274187c2a9dc6c20a98ee38
b1fc44313efeb853e00a00928e2857f2c9f3daf6
398d4fd6892b0fe31c2e41bf03e9f92f6cedd33e6f496b05d5912d07100c8341
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Thu, 22 Dec 2022 21:20:42 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1671744042734
34.247.240.197200 OK 923 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1671744042734
IP 34.247.240.197:0
Hash 2ea7a12ff329cfee22eaabdb553e4190
fc4eb9944661720c517c1d3cfce214c83251b431
be991739d8918a4a9e572951fa8ebbd537b995207d87e7f31a58231885b07e95
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1671744042734 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0314701ba.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=13923736008561980963468077294084183431; Max-Age=15552000; Expires=Tue, 20 Jun 2023 21:20:43 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: ZvdnJXIbTcE=
Content-Length: 497
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.24.188200 OK 6.3 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.24.188:0
Hash 97c00271daf319a8e7b6df3e5ba6f584
be7b58e70acf83bb04a911fb92506aa9495c1d31
a344387dab8acb16cd1478e2ffa5664356f007cf50b063cd76244d84c2b3c49c
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB117460B"
x-ms-request-id: dbafa778-701e-0034-4703-0321ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305304
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72ce8a80b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/versioned/common-scripts/91184d02a87923a014c1209f71972a90.js
104.19.147.8200 OK 27 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/91184d02a87923a014c1209f71972a90.js
IP 104.19.147.8:0
File type ASCII text, with very long lines (63889)
Hash 11878d289c10ebc964291941e629da81
64a6acf46f0d22a9d1dbd49e504948c7f4ba6f4d
e93037c1a50484a39322a09c9b0e4aca3e6c8c44ba8f968fb3c3bcf57c573fe7
GET /pages/versioned/common-scripts/91184d02a87923a014c1209f71972a90.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: text/javascript
content-length: 26887
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Wed, 21 Dec 2022 12:59:21 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 98119
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe7323e680b65-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.24.188200 OK 4.4 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 4cb82eaf2176ef4247fb7ddb94d82fb7
664dd898c14333cd81578dc8eb770426b9a167cf
000724a0a95d77debf62118450fdbd8c19b71b5179a866582f4288cb2711ab14
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4C5466A"
x-ms-request-id: 0b580569-d01e-0060-1f03-036e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305304
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72cf8ca0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=464373
104.19.147.8200 OK 145 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=464373
IP 104.19.147.8:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8ac767f73802a7ee8299a8803aa6c50a
e2bc8acfa05bd66bb2431cfeac358d6aea10e6ec
f47bea510fc13af9c9163aba0985fa113016b386c140de7e009808f6d5893a61
GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=464373 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: application/json
content-length: 145
access-control-expose-headers: CE-Version
ce-version: 11.5.16
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 22 Dec 2022 14:01:26 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 26357
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe732aec80b65-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.24.188200 OK 9.9 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Hash 0583c3e48d501f0a8c5a036b15de5195
b47c7fe3e01a8f63644b71b024de7f7241f0ebce
639a6689b743906df9d81981129b83760b3297f378081ab8b865dd566abc49f4
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4BDF480"
x-ms-request-id: 88d0ed69-201e-0074-2803-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305304
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72cf8c90b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
34.247.240.197200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 34.247.240.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 22 Dec 2022 21:20:43 GMT
DCS: dcs-prod-irl1-2-v045-05ee5fd88.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:23 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: ISE4H/KCSCM=
Content-Length: 2791
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 3673f23c13ff1b676f89e6bf0c43753a
7dc3b79940206d9913e82738f83db8ab0a9fe584
12babf1ad487e16374d369ef1d683eaa19437787957ac516efbdcda40172b033
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Dec 2022 21:20:44 GMT
Last-Modified: Thu, 22 Dec 2022 19:33:41 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: J069xvfkra-r8XnVCg0cSFsMwDFHtZfAxcjKYdo0C9ENoaLGkEvY1g==
Age: 6423
pagestates-tracking.crazyegg.com/healthcheck
54.230.111.46200 OK 19 B URL HTTP/2 pagestates-tracking.crazyegg.com/healthcheck
IP 54.230.111.46:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Mon, 14 Nov 2022 03:38:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fJjMA-iEcUv5SJ5PkjskJFq_QMm4xpre-1wLuxEL3BHgL_74lZ_aoA==
age: 3346939
X-Firefox-Spdy: h2
assets-tracking.crazyegg.com/healthcheck
54.230.111.105200 OK 19 B URL HTTP/2 assets-tracking.crazyegg.com/healthcheck
IP 54.230.111.105:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Tue, 06 Dec 2022 01:51:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kCk1ULe2-N5AyFvkK1547muKWewKNkqUQo1abaye16wzWP1X9h0YHA==
age: 1452570
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.24.188200 OK 3.4 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.24.188:0
Hash eae720eb0cc6361b3633e0f454e7b6e0
d11d2bb8dba4ade7d04caddfd7e3c9b0c2dae170
abecb111a30eb18663e44fe201643f21b1814678f561790377ffb91265cb571e
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB2079DB0"
x-ms-request-id: 24a2aae3-d01e-004f-0203-036356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305304
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72cf8c50b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y6TKLAAAABuMXQNn
34.247.240.197302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y6TKLAAAABuMXQNn
IP 34.247.240.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y6TKLAAAABuMXQNn HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0e1f48b6d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y6TKLAAAABuMXQNn
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=17643101640423700590554118081753430646; Max-Age=15552000; Expires=Tue, 20 Jun 2023 21:20:44 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: xzOWYnTISNc=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y6TKLAAAABuMXQNn
34.247.240.197200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y6TKLAAAABuMXQNn
IP 34.247.240.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y6TKLAAAABuMXQNn HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-093807daf.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Gm+HoChcTIU=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash e93bc6302d6132761fceb09c17edac98
d6aa2cc1d20132fae2428974e4caef337acf8810
ad3057d4eec81289a8b4e18f899217ee754679690e1c28446e68b9435a4248bd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155823
Date: Thu, 22 Dec 2022 21:20:44 GMT
Etag: "63a4728c-1d7"
Expires: Sat, 24 Dec 2022 16:37:47 GMT
Last-Modified: Thu, 22 Dec 2022 15:06:52 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QMRqibMfSYMlgrf5W4OsxrqQi1ksD2p-RmZNTgaCJiKYKijC8-xOBQ==
Age: 5455
tracking.crazyegg.com/clock?t=1671744043335&tk=49f5480a39da8ce7e59e73633af4ed5a
52.51.158.68200 OK 26 B URL HTTP/2 tracking.crazyegg.com/clock?t=1671744043335&tk=49f5480a39da8ce7e59e73633af4ed5a
IP 52.51.158.68:0
File type ASCII text, with no line terminators
Hash 20b923884670bb86581053eea7ce6336
ba1774d3c5cb8f6d1e3da447c18a90c871178cbf
84fe8d3726a6eef8ddf78a03f09e09679c706f4b3277dab0ebb4408a943646da
GET /clock?t=1671744043335&tk=49f5480a39da8ce7e59e73633af4ed5a HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Thu, 22 Dec 2022 21:20:44 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2
s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202251
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202251
IP 192.0.77.32:0
GET /wp-content/js/devicepx-jetpack.js?ver=202251 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ineedsjobs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Dec 2022 21:20:40 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"5c066eb1-52b6"
content-encoding: br
expires: Mon, 18 Dec 2023 23:38:48 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB50B45F5"
x-ms-request-id: 10dfb792-f01e-0077-0703-03c796000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305304
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72cf8ba0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB39EA46F"
x-ms-request-id: a11628c9-801e-0042-7503-03ab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305303
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72cf8cf0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 21 Nov 2022 12:34:13 GMT
etag: W/"0x8DACBBCB22FE05F"
x-ms-request-id: bf5a1d34-901e-003c-5a03-033bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305304
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72d08d30b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Dec 2022 21:20:43 GMT
date: Thu, 22 Dec 2022 21:20:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.170.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.170.188:0
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 207
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe7317ad1b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.gravatar.com/js/gprofiles.js?ver=2022Decaa
192.0.73.2200 OK 0 B URL HTTP/2 secure.gravatar.com/js/gprofiles.js?ver=2022Decaa
IP 192.0.73.2:0
GET /js/gprofiles.js?ver=2022Decaa HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ineedsjobs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Dec 2022 21:20:40 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:48:47 GMT
etag: W/"6323111f-5deb"
content-encoding: br
expires: Thu, 29 Dec 2022 21:20:40 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB5157DAD"
x-ms-request-id: 88d0ed66-201e-0074-2503-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305304
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72cf8bd0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3E60357"
x-ms-request-id: 16b99321-701e-000b-6a03-03e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305303
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72cf8d10b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4CC7156"
x-ms-request-id: 4fc06b4d-901e-004e-1803-033c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305304
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72cf8cb0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.24.188:0
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305304
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72e19930b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
stats.wp.com/e-202251.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202251.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ineedsjobs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Dec 2022 21:20:40 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 10 Dec 2023 23:28:49 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:42 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 3j1KK5ReHy/6ckOVwt+Uag==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
x-ms-request-id: e61dae88-d01e-005f-1d4b-16a63e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72b0f020b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.24.188:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305304
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72cf8c40b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.24.188404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: application/xml
x-ms-request-id: 0355011b-501e-001c-584a-164062000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 288
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72cf8d20b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.170.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.170.188:0
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 208
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe7317ad8b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB1D5BF7A"
x-ms-request-id: 5d879bd0-f01e-002a-0703-03cd12000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305304
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72cf8c70b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_A1ACDBA09C6442C4A6297B10A8E30AEE&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671744042448)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202212222120%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228595554807%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3A5CF50"
x-ms-request-id: cd88faad-301e-0047-5503-037959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 305303
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72cf8d00b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.133.15:0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: text/css
x-amz-id-2: kBpjnAujkCQOW3Zr0P8Ew6IrWjg48N7+8LpZ64VVWljlBbzpY3QoGqj3PKT7OmPBh8WXfTwfBYk=
x-amz-request-id: F3FX4D4WZDEMXQ23
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1526321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20R4WNWaIhPkJxvks55mOG%2FA8et1SiTkzvI58I9jTS%2B5WKKSwkRBOYaPLOTRwzWq%2BFyUX8Wro5ouuP99pL%2BhYP8dwSDp22BmW%2F8M0eUm0RAoGxC7IYRJrvEewubDZukPW%2BXVFjMx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dbe72d7e5f23b2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.147.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.147.8:0
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.16
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Thu, 22 Dec 2022 11:56:03 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 33879
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72fabd60b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?464373
104.19.147.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?464373
IP 104.19.147.8:0
GET /pages/scripts/0012/9242.js?464373 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 21:20:43 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.16
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Thu, 22 Dec 2022 11:56:03 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 33879
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dbe72fbbdb0b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2