wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
142.250.74.33301 Moved Permanently 211 B URL HTTP/1.1 wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d4ca2e88c62ab8d4990aa16ac34fa3a2
ad372c249b927578f15b43698e7a41a43ce0ac22
e7f2129b0ac0e6f87f582359ac8536196b070126424281b70c8b68e6399e522c
GET /2022/11/23-mandalorian-clip-art-free.html HTTP/1.1
Host: wahidkrishna.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 10:40:57 GMT
Expires: Mon, 05 Dec 2022 10:40:57 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 211
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12484
Expires: Mon, 05 Dec 2022 14:09:01 GMT
Date: Mon, 05 Dec 2022 10:40:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5939
Cache-Control: max-age=91759
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:57 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 12:10:16 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13827
Expires: Mon, 05 Dec 2022 14:31:24 GMT
Date: Mon, 05 Dec 2022 10:40:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 10:20:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1242
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fr7dEbcOf2NmPeERWI6YjDirsc2UIHY8IFqmklQAxI3Rp0J3QKut186EOpMqxQdbHm3xpQ+sR4Q=
x-amz-request-id: 8PFGDBFVDAWW9QMM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 09:47:55 GMT
age: 3182
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 951899738210b4e73e821fe5c4a4c55f
b0b369c38a8431c1688152bb1fc56d80de1f5a37
43a0bfab009cbba919c151e02143651adc3c81ce1ae7bd3a49a6eced6d456f2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 10:40:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 10:11:19 GMT
cache-control: public,max-age=3600
age: 1778
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 951899738210b4e73e821fe5c4a4c55f
b0b369c38a8431c1688152bb1fc56d80de1f5a37
43a0bfab009cbba919c151e02143651adc3c81ce1ae7bd3a49a6eced6d456f2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5951
Cache-Control: max-age=86704
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:46:02 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 590215c8f95aacc57b517dc2e2c77520
ac4e82b8fe83e30ee19102a8d111dd117b371df4
026588614f61e2b83819d5b9d79b48066d6bd6d0a31ac6c6d15c8b8ae4128289
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=103418
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Etag: "638cbbb4-117"
Expires: Tue, 06 Dec 2022 15:24:36 GMT
Last-Modified: Sun, 04 Dec 2022 15:24:36 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1e5e51fbc58282a2410de240a13bac3d
03e7151c23e4ed5efc5a4415fc5dcb01f0d5e019
ad20d69cf3f84ec6bee56a570acbce60d0ade6bdf201397a1de2417fed11b3fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
142.250.74.33200 OK 56 kB URL HTTP/2 wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12306)
Hash f8aad66cd1db8564c22fb73fc6fcc602
90cd600fe93fd79f9ae6c1505a18c36f8ea9918b
3927b02cd29baf2b327181353936b7f82deaca19d318fa515362126cdcac306c
GET /2022/11/23-mandalorian-clip-art-free.html HTTP/1.1
Host: wahidkrishna.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 05 Dec 2022 10:40:57 GMT
date: Mon, 05 Dec 2022 10:40:57 GMT
cache-control: private, max-age=0
last-modified: Mon, 05 Dec 2022 06:35:11 GMT
etag: W/"4306e64ac7081978ade6274c5722192699387f3f00f6d06d2cf6a10fb9062c27"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 56123
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bayupras.com/ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
104.21.28.72200 OK 0 B URL HTTP/2 bayupras.com/ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 104.21.28.72:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:40:58 GMT
content-type: application/javascript
content-length: 0
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 14:00:21 GMT
last-modified: Tue, 22 Nov 2022 07:22:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 247237
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhmuvHgwk9Xj3nDjA0ZvS1W86h9a6yJy1XIOFIX3utm3qeAhcYt1uBSOXSzUvHrWMI8STNT4XPYZmcyKT8eH4s6AZ20aA5D4cxEozYmpbw9sRgrybojGb4oIzJ0Jn8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2aac6fa1b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Mon, 05 Dec 2022 10:40:58 GMT
expires: Mon, 05 Dec 2022 10:40:58 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 590215c8f95aacc57b517dc2e2c77520
ac4e82b8fe83e30ee19102a8d111dd117b371df4
026588614f61e2b83819d5b9d79b48066d6bd6d0a31ac6c6d15c8b8ae4128289
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=103418
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Etag: "638cbbb4-117"
Expires: Tue, 06 Dec 2022 15:24:36 GMT
Last-Modified: Sun, 04 Dec 2022 15:24:36 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
34.218.168.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jghkrjyASVQJUPNmcuwCmw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m4XX5vLLNkk36t9IDpbsgLGEq78=
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 19:47:40 GMT
expires: Wed, 29 Nov 2023 19:47:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 485598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 67e4709c84acec8eddbeb11d56e7d0fd
32a14eeba023499cda0d49fd785ac7626f4a5582
8953090ad9df36f81c3393cc6c67c87b6ad521b8806c7ea004e0b4354b9e1c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 590215c8f95aacc57b517dc2e2c77520
ac4e82b8fe83e30ee19102a8d111dd117b371df4
026588614f61e2b83819d5b9d79b48066d6bd6d0a31ac6c6d15c8b8ae4128289
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Etag: "638cbbb4-117"
Server: ECS (amb/6B98)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0841189ca7e4b32044e84f9c031237c0
e068ba25286104c68137a3c41e51ad9b070f580c
0a273efd845f65f9002183e794a3c77b9ed5eea6a619d5ae6eea2e3161cd0b7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2338
Cache-Control: max-age=86690
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Etag: "638c713a-118"
Expires: Tue, 06 Dec 2022 10:45:48 GMT
Last-Modified: Sun, 04 Dec 2022 10:06:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
bayupras.com/ars/ataspost.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
104.21.28.72200 OK 678 B URL HTTP/2 bayupras.com/ars/ataspost.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 104.21.28.72:0
File type ASCII text, with CRLF line terminators
Hash 89decfefbb672c0a609b91baee906d79
e3c3894f863c78e28316d9054b47cd6a292acaf4
bbed406432fbc58bd75f98af1b1f1337223911ae0b87208ef3b7b9ae7b1354b1
GET /ars/ataspost.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:40:58 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 14:00:21 GMT
last-modified: Sun, 27 Nov 2022 12:08:50 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 247237
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pjyjIr3k53oT5RpXLamu5CjV7yRdF2Q2FsQf4rTheHPADonKzLazyaI%2FNwH1wiAMeHBv4%2F9WMG4L3xWtybkJvDYT%2FakGSvk%2BXhl6RLKU%2FXfLrH%2FpEO78Z5VoEuRGkY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774c2aacc826b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6250
Cache-Control: max-age=127695
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 22:09:13 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:40:58 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 478046
expires: Sat, 25 Nov 2023 10:40:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpdrFX9dcHBa0%2BkEET%2FGpON0c%2FgSWd%2BxK%2FcYb6f7eg6LRfLVH5cW1Z0Dy90plsp4ILlLUx%2Fpnx34gr8ozwUxVH8C6kf4HnvSsehwqRzPiY5%2B35nhVpmER1xV8oc9qzywoVj%2FPBkz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774c2aadfb320afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bayupras.com/ars/tengah.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
104.21.28.72200 OK 678 B URL HTTP/2 bayupras.com/ars/tengah.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 104.21.28.72:0
File type ASCII text, with CRLF line terminators
Hash 6e3826210e6fdd0d48313674d0d49d7f
dca993d4579cf6b3ccf7d67249735ea656418b42
90b03b8115d73c06298f5d408a644d741ba6c7d026b6424eeb75c80434340de0
GET /ars/tengah.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:40:58 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 14:00:21 GMT
last-modified: Sun, 27 Nov 2022 12:11:03 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 247237
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Y35El%2BHtGWcjU15wus0fZZu%2BIOmAjWgO6udh2naiL1M1t%2Fu9ey58HJUdoeU5y47ROGn2TJ47XGaVgwCLdWns%2FAtCqb25FXp4a96URxLQqHbIlrbMHzPD2u5ekwSIGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774c2aacd82bb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha34gYnxjtUKcNoFyFGb3vDRobEjcEBxre2VAuLckGkAtVF95Q_T-inAxfQjYrMayzvmDXvWIuKc8zHN6ePj7LfVrrrwGTWoI6o_8bH1wX2X-hXUvSKezIQmc3R6HUBy0bGrUPeT4hWb__OHtYF_2Pg=w72-h72-p-k-no-nu
216.58.207.225200 OK 4.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha34gYnxjtUKcNoFyFGb3vDRobEjcEBxre2VAuLckGkAtVF95Q_T-inAxfQjYrMayzvmDXvWIuKc8zHN6ePj7LfVrrrwGTWoI6o_8bH1wX2X-hXUvSKezIQmc3R6HUBy0bGrUPeT4hWb__OHtYF_2Pg=w72-h72-p-k-no-nu
IP 216.58.207.225:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 9d2d10e5bf5d4643d92bba021edadc23
7f4b6957c269132003b76346214d5e98f29d44d3
2b567d4db64eb0f2149613964f1eec9dd9f1c42e8c9e9c2d7aad32d8db29b386
GET /blogger_img_proxy/ANbyha34gYnxjtUKcNoFyFGb3vDRobEjcEBxre2VAuLckGkAtVF95Q_T-inAxfQjYrMayzvmDXvWIuKc8zHN6ePj7LfVrrrwGTWoI6o_8bH1wX2X-hXUvSKezIQmc3R6HUBy0bGrUPeT4hWb__OHtYF_2Pg=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 06 Dec 2022 10:40:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 10:40:58 GMT
server: fife
content-length: 4131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bayupras.com/ars/directpop.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
104.21.28.72200 OK 677 B URL HTTP/2 bayupras.com/ars/directpop.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 104.21.28.72:0
File type ASCII text, with CRLF line terminators
Hash 02625ad840dbcabc625a230e655b1a5f
2ba791cf39fb31ac18f8115e540c13580c2c4b79
fb49f0c30ac7f3e9ca5dcab03a7a557fba6f345681b6df0bc869b0acb381ce9b
GET /ars/directpop.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:40:58 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 14:00:21 GMT
last-modified: Sun, 27 Nov 2022 12:10:02 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 247237
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VI6RRD7CarB7wVINolDb89PDh3Ulq0nJwQW0GvYINhLCSIAb%2FLT3otXUgFAVf5MV0WEKgq1byymEfPePgQNiJ30GQbRaKjg%2FBGyE%2BjXx4q8DBd5sO6gDwMUzPuHqy0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774c2aacd82cb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8cc9769a9528daa7439773d2ca88245
c7b31fe0330033886a4cbfbeff4a39653f33d43d
096ead6bacc9fb5a696142db04a7642c9ff050e801ae50c460a00ee9986bc120
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "096EAD6BACC9FB5A696142DB04A7642C9FF050E801AE50C460A00EE9986BC120"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9494
Expires: Mon, 05 Dec 2022 13:19:12 GMT
Date: Mon, 05 Dec 2022 10:40:58 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
qph.cf2.quoracdn.net/main-qimg-c7ad13979234659e09884fe8b772e508-lq
162.159.153.247200 OK 55 kB URL HTTP/2 qph.cf2.quoracdn.net/main-qimg-c7ad13979234659e09884fe8b772e508-lq
IP 162.159.153.247:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x881, components 3\012- data
Hash aec788e8ce165ed972a58fb43b075b21
185a69896bd3443ba0b487e4a23d6c52afe90271
501dea1759440a8c6e91d21e43148c14f38fbe2ccc9cef1e8dda60f1aeef6677
GET /main-qimg-c7ad13979234659e09884fe8b772e508-lq HTTP/1.1
Host: qph.cf2.quoracdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:40:58 GMT
content-type: image/jpeg
content-length: 54612
cache-control: public, max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "aec788e8ce165ed972a58fb43b075b21"
expires: Thu, 02 Dec 2032 10:40:58 GMT
last-modified: Wed, 11 May 2022 13:30:45 GMT
x-amz-id-2: KluBsXiae2pjMmr0TUrwB9FubxiUvSLKju61KQTi8FzLrfcqWMoLVA5p8YMgue+Snk+erYZlxTk=
x-amz-replication-status: COMPLETED
x-amz-request-id: VB7MX66YEKWHQ8P6
x-amz-version-id: LbY3jQrSVDS7cNBC6yJvniQiPhAC.ZSX
cf-cache-status: HIT
age: 65391
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
server: cloudflare
cf-ray: 774c2aae59750b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3GL1iEEJ7Qrh8TRzaIhQqQmM-Dm6o1A9IfYtbb7Yo9ORNdx7VCyEHIyZKHSUHjlOmXo1XPuXKQl-R_D6RtA4IDR5p4qMMBB8WcdIsy-Fg=s0-d
216.58.207.225200 OK 56 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3GL1iEEJ7Qrh8TRzaIhQqQmM-Dm6o1A9IfYtbb7Yo9ORNdx7VCyEHIyZKHSUHjlOmXo1XPuXKQl-R_D6RtA4IDR5p4qMMBB8WcdIsy-Fg=s0-d
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 564x869, components 3\012- data
Hash 38c92071356fa8abdc6426cc78841d2c
341e9629537881c2d2b4cfcb8199eeec14c9a61c
22f55f6780d21486c54dc283deacae43e44ec6dc233978fd158b822c00ec6035
GET /blogger_img_proxy/ANbyha3GL1iEEJ7Qrh8TRzaIhQqQmM-Dm6o1A9IfYtbb7Yo9ORNdx7VCyEHIyZKHSUHjlOmXo1XPuXKQl-R_D6RtA4IDR5p4qMMBB8WcdIsy-Fg=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 06 Dec 2022 10:40:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 10:40:58 GMT
server: fife
content-length: 55452
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 29335a536fd47c44f11a984665f501f6
46dbfa43c5a94c6baec55a9e89cb1cb0cee7eb69
39d8bc234639a4fceeee88f10319692733e37388c06ae5567971f9dbb7c0aab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 67e4709c84acec8eddbeb11d56e7d0fd
32a14eeba023499cda0d49fd785ac7626f4a5582
8953090ad9df36f81c3393cc6c67c87b6ad521b8806c7ea004e0b4354b9e1c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Psow9JzfNo1cN6umYKiow3hIfuu--mnbLb_WmciY_rZkV2yjKvZHkNAybs-UIa-vVjGsG0O0YVyYesYKRN40Sz1AxOP5qMFWa4u2K1KSq_qtyKjKBAIMSer-COmxBb34u7lUblsvgWAcgwBBesLct6xBdF_klXO7n1Agt5n1OVpLsdHrq78TS_oGh2dcniigcZwBJXFkagYdAJQgVLPjRwxE2uOh3LIfdKBS7=w72-h72-p-k-no-nu
216.58.207.225404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Psow9JzfNo1cN6umYKiow3hIfuu--mnbLb_WmciY_rZkV2yjKvZHkNAybs-UIa-vVjGsG0O0YVyYesYKRN40Sz1AxOP5qMFWa4u2K1KSq_qtyKjKBAIMSer-COmxBb34u7lUblsvgWAcgwBBesLct6xBdF_klXO7n1Agt5n1OVpLsdHrq78TS_oGh2dcniigcZwBJXFkagYdAJQgVLPjRwxE2uOh3LIfdKBS7=w72-h72-p-k-no-nu
IP 216.58.207.225:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash f9430891fd5718667533510db8b30c4f
bb671f2321a61828ebc46815a3e2afa4f5402d16
c23168f6ddf15c0df75373cd561072e47da021ef537ae91708fa1ca9d6883029
GET /blogger_img_proxy/ANbyha3Psow9JzfNo1cN6umYKiow3hIfuu--mnbLb_WmciY_rZkV2yjKvZHkNAybs-UIa-vVjGsG0O0YVyYesYKRN40Sz1AxOP5qMFWa4u2K1KSq_qtyKjKBAIMSer-COmxBb34u7lUblsvgWAcgwBBesLct6xBdF_klXO7n1Agt5n1OVpLsdHrq78TS_oGh2dcniigcZwBJXFkagYdAJQgVLPjRwxE2uOh3LIfdKBS7=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 10:40:58 GMT
server: fife
content-length: 1833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1-lqUaT2wJWvNRqlnq_sZgHDZnxJM9nBbY4tzkqampvEUbl_2g2M9oBVx5CENxh8Oa8jdHhJ-l_rrq_AyfiUTEQTBYXSd0Q8uEH-9h6UI=s0-d
216.58.207.225200 OK 31 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1-lqUaT2wJWvNRqlnq_sZgHDZnxJM9nBbY4tzkqampvEUbl_2g2M9oBVx5CENxh8Oa8jdHhJ-l_rrq_AyfiUTEQTBYXSd0Q8uEH-9h6UI=s0-d
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x800, components 3\012- data
Hash 2ffe4f29557e03d17f2efc6f2bceb149
dda1c86d1d798256217bbcd2aae2f20445c9aa81
070f332a0a27d30e26a9fd55d4cdc34e6ba3fefef2f64b778446237a47435ebe
GET /blogger_img_proxy/ANbyha1-lqUaT2wJWvNRqlnq_sZgHDZnxJM9nBbY4tzkqampvEUbl_2g2M9oBVx5CENxh8Oa8jdHhJ-l_rrq_AyfiUTEQTBYXSd0Q8uEH-9h6UI=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 06 Dec 2022 10:40:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 10:40:58 GMT
server: fife
content-length: 31252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6250
Cache-Control: max-age=127695
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 22:09:13 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
www.blogger.com/static/v1/widgets/2342155703-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 536249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b37f91606f90b4b37786c37c2a7dfe5
384cf182cb7313cbf850966c766caef9573f92fb
f2f60690cb04f065557154bdbee67448e671dabd6e17031c37c1e7824fe7a38f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2F60690CB04F065557154BDBEE67448E671DABD6E17031C37C1E7824FE7A38F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=873
Expires: Mon, 05 Dec 2022 10:55:31 GMT
Date: Mon, 05 Dec 2022 10:40:58 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 29335a536fd47c44f11a984665f501f6
46dbfa43c5a94c6baec55a9e89cb1cb0cee7eb69
39d8bc234639a4fceeee88f10319692733e37388c06ae5567971f9dbb7c0aab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0WQcDwY5ydeuP_DzU540CghXx3EVhUixtYyOziPZ_6RJOYKLdbNECOh4lDEQ42hgClTDEA2eMwtX3yAf8N1OqpqQRPwRfNk-7DPrmPOCoO7RbNqCwDDK4JtzXJl6ot8qNH8_WDEkyOXQ_zxwcQ5T83-N3bY8_V2rMv=s0-d
216.58.207.225200 OK 45 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0WQcDwY5ydeuP_DzU540CghXx3EVhUixtYyOziPZ_6RJOYKLdbNECOh4lDEQ42hgClTDEA2eMwtX3yAf8N1OqpqQRPwRfNk-7DPrmPOCoO7RbNqCwDDK4JtzXJl6ot8qNH8_WDEkyOXQ_zxwcQ5T83-N3bY8_V2rMv=s0-d
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x480, components 3\012- data
Hash d098aa11a663fcfa4d6af754bcc80358
0f7db75ae4fa320df2905d5667072755aae4bb6d
3257b01e239a6c0f70278accd9b5080d4a567d7fee02415522f323de022af7d0
GET /blogger_img_proxy/ANbyha0WQcDwY5ydeuP_DzU540CghXx3EVhUixtYyOziPZ_6RJOYKLdbNECOh4lDEQ42hgClTDEA2eMwtX3yAf8N1OqpqQRPwRfNk-7DPrmPOCoO7RbNqCwDDK4JtzXJl6ot8qNH8_WDEkyOXQ_zxwcQ5T83-N3bY8_V2rMv=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 06 Dec 2022 10:40:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 10:40:58 GMT
server: fife
content-length: 45362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.66200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.66:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Sun, 04 Dec 2022 20:43:41 GMT
expires: Sun, 18 Dec 2022 20:43:41 GMT
cache-control: public, max-age=1209600
age: 50237
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2bd426183fde9fb64751c4944fdf7560
169f76c0ea06bb6e129d07ba7b5c5df0da828bb1
8f91eae50713a4640cec306473dbbed54e5e969cff742827876a2266cb888109
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F91EAE50713A4640CEC306473DBBED54E5E969CFF742827876A2266CB888109"
Last-Modified: Sat, 03 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8021
Expires: Mon, 05 Dec 2022 12:54:39 GMT
Date: Mon, 05 Dec 2022 10:40:58 GMT
Connection: keep-alive
thumbnail.imgbin.com/18/13/0/imgbin-the-mandalorian-armor-boba-fett-clone-trooper-sketch-star-wars-v4Fx6rG0MGj6Kjfbau7dzVm2J_t.jpg
172.67.71.218200 OK 20 kB URL HTTP/2 thumbnail.imgbin.com/18/13/0/imgbin-the-mandalorian-armor-boba-fett-clone-trooper-sketch-star-wars-v4Fx6rG0MGj6Kjfbau7dzVm2J_t.jpg
IP 172.67.71.218:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 310x231, components 3\012- data
Hash ce44c030b258ca9257ce05bbc9c5bc43
ac301200d6242f380b5ff98b2b9ab9886384c800
1243f491eb24a2dd867942c6d730968e00b2c091fa23780a8d88705e9ffd0e77
GET /18/13/0/imgbin-the-mandalorian-armor-boba-fett-clone-trooper-sketch-star-wars-v4Fx6rG0MGj6Kjfbau7dzVm2J_t.jpg HTTP/1.1
Host: thumbnail.imgbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:40:58 GMT
content-type: image/jpeg
content-length: 20149
last-modified: Fri, 22 Mar 2019 11:18:53 GMT
etag: "5c94c49d-4eb5"
expires: Tue, 05 Dec 2023 10:40:58 GMT
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9d6ICnCNK5rJxhUK7sVejnQAYQrdnFKdlJdtagaYGe5pt0kE8RNUFhmseHe8v8j3CYox7ywYg6Y0mPBHQg6PLUwpyinWUE4KtIHVHPSvnzUBSNQdRqCMn7bWD%2FH90B974UMp%2Fsm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2aadcfb5b511-OSL
X-Firefox-Spdy: h2
m.media-amazon.com/images/I/31VWQ5U-3TL.jpg
143.204.54.16200 OK 10 kB URL HTTP/2 m.media-amazon.com/images/I/31VWQ5U-3TL.jpg
IP 143.204.54.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash af23548c0518d3e8bdb9c3fe9e01de33
1a312dbe81fe14356761bb092def3df0c9b76424
6de8249176204da4079b917707b11c68d831b540246aa760f35b4f5e91f1b3c0
GET /images/I/31VWQ5U-3TL.jpg HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10443
server: Server
date: Mon, 28 Nov 2022 07:06:50 GMT
x-amz-ir-id: 36b8185a-3891-48de-8883-d04e2578e7a5
expires: Sun, 23 Nov 2042 07:06:50 GMT
cache-control: max-age=630720000,public
surrogate-key: x-cache-426 /images/I/31VWQ5U-3TL
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
edge-cache-tag: x-cache-426,/images/I/31VWQ5U-3TL
access-control-allow-origin: *
last-modified: Fri, 09 Oct 2020 18:36:21 GMT
x-nginx-cache-status: MISS
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fihAsfNYY5K3wa_M4osAEceuy8XLIPVs4sxcO3N_GwCzGK9Owm2tjA==
age: 617648
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73008f00242de4274dffc063a229b2e5
d6c9b67ce0d85f04d78fb4d343d1162ce3ad01a9
0be6966b742d863587c771cd946b374a836d52e369935151bd3fdcd1df33c972
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BE6966B742D863587C771CD946B374A836D52E369935151BD3FDCD1DF33C972"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14318
Expires: Mon, 05 Dec 2022 14:39:36 GMT
Date: Mon, 05 Dec 2022 10:40:58 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2tQcBZKIgI-aeNUS5Vga8UXaWKwhbw2cbElyZ7e9y6VgFWe51_GHhruNS3kIW2ZEpR23s1EZp1JwQqSIxa4EGC9bTXdVO-9RDMwo3EyxfpTcEOWl9_sxMjA-mnyWyGsyEIStw10f115QeyjZ9kvTKmhHepB9Swa9Nl=s0-d
216.58.207.225200 OK 68 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2tQcBZKIgI-aeNUS5Vga8UXaWKwhbw2cbElyZ7e9y6VgFWe51_GHhruNS3kIW2ZEpR23s1EZp1JwQqSIxa4EGC9bTXdVO-9RDMwo3EyxfpTcEOWl9_sxMjA-mnyWyGsyEIStw10f115QeyjZ9kvTKmhHepB9Swa9Nl=s0-d
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x860, components 3\012- data
Hash ff7f1f31d1655d7b2b3133b737714dba
a175c26afe7ce1cddc19e7c36679d095c9286dc5
c082a4b0e78ed91975818638cbff9d0d2b0e5182488e554a6b17ca63599b0314
GET /blogger_img_proxy/ANbyha2tQcBZKIgI-aeNUS5Vga8UXaWKwhbw2cbElyZ7e9y6VgFWe51_GHhruNS3kIW2ZEpR23s1EZp1JwQqSIxa4EGC9bTXdVO-9RDMwo3EyxfpTcEOWl9_sxMjA-mnyWyGsyEIStw10f115QeyjZ9kvTKmhHepB9Swa9Nl=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 06 Dec 2022 10:40:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 10:40:58 GMT
server: fife
content-length: 67496
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3ltoq82DsbyTwx3rfXPOAUNra5H10xk4DalqAdPfHNbdPhgQQK2RW7b5pjVA3TH9ikq9riKct1csVYlyeNAft0ghg7wdKUvkN_qIGSZTzHvDlv6t0=s0-d
216.58.207.225200 OK 58 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3ltoq82DsbyTwx3rfXPOAUNra5H10xk4DalqAdPfHNbdPhgQQK2RW7b5pjVA3TH9ikq9riKct1csVYlyeNAft0ghg7wdKUvkN_qIGSZTzHvDlv6t0=s0-d
IP 216.58.207.225:0
File type PNG image data, 600 x 522, 8-bit/color RGBA, non-interlaced\012- data
Hash b3ac9d5eb5bb802e28e326225d49a843
58c8f5358d8a5f5f3ce809024793da07eff4f9cc
a607982e81fe31e449293aa6d9b6296db3166883b911866a4b4da1776a6702f6
GET /blogger_img_proxy/ANbyha3ltoq82DsbyTwx3rfXPOAUNra5H10xk4DalqAdPfHNbdPhgQQK2RW7b5pjVA3TH9ikq9riKct1csVYlyeNAft0ghg7wdKUvkN_qIGSZTzHvDlv6t0=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 06 Dec 2022 10:40:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 10:40:58 GMT
server: fife
content-length: 57748
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2nF4wVZP48R3T4dNwSRtebUGCinxuRpowXVwO5hjYSEkv5teB2aeeq7cy_dq0pe9vDwWF_z73AlW7JpFCdViHzV93diDQ9EQSC546SyBDb871pUEgvOBbfKWA6q-K8wvfgA0kPo0F9K0FfFxJb7ps-ihVeHxUGPno=w72-h72-p-k-no-nu
216.58.207.225200 OK 3.0 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2nF4wVZP48R3T4dNwSRtebUGCinxuRpowXVwO5hjYSEkv5teB2aeeq7cy_dq0pe9vDwWF_z73AlW7JpFCdViHzV93diDQ9EQSC546SyBDb871pUEgvOBbfKWA6q-K8wvfgA0kPo0F9K0FfFxJb7ps-ihVeHxUGPno=w72-h72-p-k-no-nu
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 495889c02f914ca621c5dd78d1728356
2ddf5ed77e093bf61e039894f661d464fa29a90e
615204ae41f3372776d597c05d66290c8f4d0a426bb72fe78be8bd389b9f4912
GET /blogger_img_proxy/ANbyha2nF4wVZP48R3T4dNwSRtebUGCinxuRpowXVwO5hjYSEkv5teB2aeeq7cy_dq0pe9vDwWF_z73AlW7JpFCdViHzV93diDQ9EQSC546SyBDb871pUEgvOBbfKWA6q-K8wvfgA0kPo0F9K0FfFxJb7ps-ihVeHxUGPno=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 06 Dec 2022 10:40:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 10:40:58 GMT
server: fife
content-length: 3041
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.etsystatic.com/34559299/r/il/1519ab/3964655004/il_fullxfull.3964655004_9dui.jpg
151.101.1.224200 OK 421 kB URL HTTP/2 i.etsystatic.com/34559299/r/il/1519ab/3964655004/il_fullxfull.3964655004_9dui.jpg
IP 151.101.1.224:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2251x1407, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 421 kB (421314 bytes)
Hash 5fba3e6259061ada4fa519886c292a8f
87f06a98099261a842f5a35615e06e2ff68aee73
2fb5dd68ad9721fb9d4ff2c5899a8bf0b91998b119ae6d2be9452c5b3a4e36d3
GET /34559299/r/il/1519ab/3964655004/il_fullxfull.3964655004_9dui.jpg HTTP/1.1
Host: i.etsystatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=365000000, immutable
content-type: image/webp
etag: "cSu6rzTmOPTu8YAdwZeul7wxujPQkEUxJiVSXuvwOT0"
expires: Sun, 12 Nov 2023 05:52:48 GMT
fastly-io-info: ifsz=707099 idim=2251x1407 ifmt=jpeg ofsz=421314 odim=2251x1407 ofmt=webp
fastly-stats: io=1
server: UploadServer
x-goog-generation: 1656042553776973
x-goog-hash: crc32c=Os5pRA==, md5=yE1nyJL+L9cT77gpPrlg9w==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 707099
x-guploader-uploadid: ADPycduS624Ly7cDkYTxGThd0pOtCV4qwzF4Klp_tlZWw32xYhIQqvOcI24qPxstYZxWnI88l4UgA1v-st5tHBiiBl0Akw
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Dec 2022 10:40:58 GMT
age: 2004490
x-served-by: cache-chi-klot8100169-CHI, cache-bma1678-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1670236859.585331,VS0,VE113
vary: Accept
timing-allow-origin: *
strict-transport-security: max-age=300
content-length: 421314
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c446a0c33114f1b4aec3d6f2ef405b99
0aaf09592c1f43b4e72a7ec6fbc8b9af4742b566
9a99c00ff4509e10ba73496d354471e5fee71cc04343377374925e6ba1ed8838
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A99C00FF4509E10BA73496D354471E5FEE71CC04343377374925E6BA1ED8838"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4321
Expires: Mon, 05 Dec 2022 11:52:59 GMT
Date: Mon, 05 Dec 2022 10:40:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8cc9769a9528daa7439773d2ca88245
c7b31fe0330033886a4cbfbeff4a39653f33d43d
096ead6bacc9fb5a696142db04a7642c9ff050e801ae50c460a00ee9986bc120
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "096EAD6BACC9FB5A696142DB04A7642C9FF050E801AE50C460A00EE9986BC120"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9494
Expires: Mon, 05 Dec 2022 13:19:12 GMT
Date: Mon, 05 Dec 2022 10:40:58 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 29335a536fd47c44f11a984665f501f6
46dbfa43c5a94c6baec55a9e89cb1cb0cee7eb69
39d8bc234639a4fceeee88f10319692733e37388c06ae5567971f9dbb7c0aab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2nF4wVZP48R3T4dNwSRtebUGCinxuRpowXVwO5hjYSEkv5teB2aeeq7cy_dq0pe9vDwWF_z73AlW7JpFCdViHzV93diDQ9EQSC546SyBDb871pUEgvOBbfKWA6q-K8wvfgA0kPo0F9K0FfFxJb7ps-ihVeHxUGPno=s0-d
216.58.207.225200 OK 130 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2nF4wVZP48R3T4dNwSRtebUGCinxuRpowXVwO5hjYSEkv5teB2aeeq7cy_dq0pe9vDwWF_z73AlW7JpFCdViHzV93diDQ9EQSC546SyBDb871pUEgvOBbfKWA6q-K8wvfgA0kPo0F9K0FfFxJb7ps-ihVeHxUGPno=s0-d
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x1480, components 3\012- data
Size 130 kB (129706 bytes)
Hash d2d02be9d7ab5bb442808e4d01f6b1c2
08419475a0af2babe2cbb17d1fa288b1e1205840
f2385319540d4fd8c02a6df17f2eb5b5435a2b014bc5115fed86874c8e6b31b5
GET /blogger_img_proxy/ANbyha2nF4wVZP48R3T4dNwSRtebUGCinxuRpowXVwO5hjYSEkv5teB2aeeq7cy_dq0pe9vDwWF_z73AlW7JpFCdViHzV93diDQ9EQSC546SyBDb871pUEgvOBbfKWA6q-K8wvfgA0kPo0F9K0FfFxJb7ps-ihVeHxUGPno=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 06 Dec 2022 10:40:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 10:40:58 GMT
server: fife
content-length: 129706
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0JGRCXtO9QgZ7RjuLixUrtpidhjUEB-F7iG5jquKfDbVizGfjCDNzHoBuwN7qOmVBqwMLPXQ7GudKvoiJNosBDn4UVOWhltot1ydDhc9sSe_PZxHIAxMOaHuWjaJeEd2uFeVnsjUAlZxLoxPWf1B_4rC4BCWY3FKeP=s0-d
216.58.207.225200 OK 102 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0JGRCXtO9QgZ7RjuLixUrtpidhjUEB-F7iG5jquKfDbVizGfjCDNzHoBuwN7qOmVBqwMLPXQ7GudKvoiJNosBDn4UVOWhltot1ydDhc9sSe_PZxHIAxMOaHuWjaJeEd2uFeVnsjUAlZxLoxPWf1B_4rC4BCWY3FKeP=s0-d
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x1000, components 3\012- data
Size 102 kB (101450 bytes)
Hash 2c5e82087c63de79ba51f3e458aa73c6
de3ab8c3df1afbc85747ba105bb8c292dea98d25
1aca5614464fc9c4b9ff0f24280a88c6956df535bf21ccf873ae93054ac763b4
GET /blogger_img_proxy/ANbyha0JGRCXtO9QgZ7RjuLixUrtpidhjUEB-F7iG5jquKfDbVizGfjCDNzHoBuwN7qOmVBqwMLPXQ7GudKvoiJNosBDn4UVOWhltot1ydDhc9sSe_PZxHIAxMOaHuWjaJeEd2uFeVnsjUAlZxLoxPWf1B_4rC4BCWY3FKeP=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 06 Dec 2022 10:40:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 10:40:58 GMT
server: fife
content-length: 101450
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha10IcayMg3NM95Gz-yiVfpbJVcglsmnGuizTbXzGG7B1GxPuFhSJ6fNjc8iYiU8V79PbKe7Z1frjJIvHTzFfPsEbGP4EOSURo67gAwLPJwLJJgScQ4KsEc2eWiH7bq_b5IUbtxAIxsB6PUvqaBdpWDVwCfBPHj_8VVk=s0-d
216.58.207.225200 OK 14 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha10IcayMg3NM95Gz-yiVfpbJVcglsmnGuizTbXzGG7B1GxPuFhSJ6fNjc8iYiU8V79PbKe7Z1frjJIvHTzFfPsEbGP4EOSURo67gAwLPJwLJJgScQ4KsEc2eWiH7bq_b5IUbtxAIxsB6PUvqaBdpWDVwCfBPHj_8VVk=s0-d
IP 216.58.207.225:0
File type PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Hash 99b6ab39001e40a9c495f18ef94db441
8a1b8596188a0884acead3147febafadf03000c1
83ec5af50cb8eef20a0c09a709d7add71fd5909d20005a08258d96722519a0de
GET /blogger_img_proxy/ANbyha10IcayMg3NM95Gz-yiVfpbJVcglsmnGuizTbXzGG7B1GxPuFhSJ6fNjc8iYiU8V79PbKe7Z1frjJIvHTzFfPsEbGP4EOSURo67gAwLPJwLJJgScQ4KsEc2eWiH7bq_b5IUbtxAIxsB6PUvqaBdpWDVwCfBPHj_8VVk=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 06 Dec 2022 10:40:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 10:40:58 GMT
server: fife
content-length: 13828
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e9683ef74d7f1414f8210002e957c72c
f8efe791305fff907c5599754d60f05300673b2c
06c8b7a09c8a04bb8dce49078a332b6324cbfa919af7aa941dc8e417f2ba3d21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141951
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Etag: "638d5239-117"
Expires: Wed, 07 Dec 2022 02:06:49 GMT
Last-Modified: Mon, 05 Dec 2022 02:06:49 GMT
Server: nginx
Content-Length: 279
free-dxf.com/storage/resized/public/designs/pictures/Y4MEE-300x1600/7800.jpg
188.114.97.1200 OK 19 kB URL HTTP/2 free-dxf.com/storage/resized/public/designs/pictures/Y4MEE-300x1600/7800.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 300x301, components 3\012- data
Hash 514df6af0f1b111062572d696da999ca
07f2efb06e2de5344e212250349687d843aed449
03faa1c64e8130b4cc685ddcb1b402cffdd0e0b6acefdb5420b0d86c301f3834
GET /storage/resized/public/designs/pictures/Y4MEE-300x1600/7800.jpg HTTP/1.1
Host: free-dxf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:40:58 GMT
content-type: image/jpeg
content-length: 18602
cache-control: public, max-age=31536000
expires: Tue, 06 Dec 2022 07:21:50 GMT
last-modified: Wed, 10 Mar 2021 09:53:49 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsaEsnIVTQY8Yo85VUdvemJ6hYuYrEANl4PHRRx8RD5IqL%2BVcDSANmS5LkOKO%2F9wqC%2B4YoVJLCb5UVfYOrDgO3b6l8IbrHOhOkK%2Bgjq5Tqygbm6ZJ%2FmUew6JjM41Ocw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774c2ab03e6db51d-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e9683ef74d7f1414f8210002e957c72c
f8efe791305fff907c5599754d60f05300673b2c
06c8b7a09c8a04bb8dce49078a332b6324cbfa919af7aa941dc8e417f2ba3d21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=141951
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:40:58 GMT
Etag: "638d5239-117"
Expires: Wed, 07 Dec 2022 02:06:49 GMT
Last-Modified: Mon, 05 Dec 2022 02:06:49 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
p.kindpng.com/picc/s/432-4322319_baby-yoda-stickers-01-mandalorian-baby-yoda-sticker.png
208.110.80.14200 OK 42 kB URL HTTP/1.1 p.kindpng.com/picc/s/432-4322319_baby-yoda-stickers-01-mandalorian-baby-yoda-sticker.png
IP 208.110.80.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 258x280, components 3\012- data
Hash 272c13ac88e6764771b19f3388ed5e53
0fa0af5c5d5a26494b0419191624acda016ec9a7
8bcd9d51cad3d393cfe9e3646232edafee79e21cc845aca8feed6b1bd4e090dc
GET /picc/s/432-4322319_baby-yoda-stickers-01-mandalorian-baby-yoda-sticker.png HTTP/1.1
Host: p.kindpng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Mon, 05 Dec 2022 10:40:58 GMT
Content-Type: image/png
Last-Modified: Sat, 14 Dec 2019 09:27:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5df4aafb-abe7"
Content-Encoding: gzip
p.kindpng.com/picc/s/778-7784491_the-mandalorian-baby-yoda-art-by-dan-hipp.png
208.110.80.14200 OK 57 kB URL HTTP/1.1 p.kindpng.com/picc/s/778-7784491_the-mandalorian-baby-yoda-art-by-dan-hipp.png
IP 208.110.80.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 303x320, components 3\012- data
Hash 9b697d54bc96839e92da41ff1fa90b92
cacfa1307df87f165643d97552b84baf78c715b0
028379ae61ca0c32cc380136a5de02034e0d2268aff3b1788d6687fcc55ae5be
GET /picc/s/778-7784491_the-mandalorian-baby-yoda-art-by-dan-hipp.png HTTP/1.1
Host: p.kindpng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Mon, 05 Dec 2022 10:40:58 GMT
Content-Type: image/png
Last-Modified: Tue, 21 Apr 2020 09:40:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e9ebf81-e3cf"
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c8dc057e31f6c9fc5b24cdb463ef479
746ce597214560f9e54a3f9ef62b824e9c802541
7a48fa3a5853f7ad6158ce2fb0f3a03d83c1bbb55e51337acb997125a78b546e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A48FA3A5853F7AD6158CE2FB0F3A03D83C1BBB55E51337ACB997125A78B546E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Mon, 05 Dec 2022 16:40:14 GMT
Date: Mon, 05 Dec 2022 10:40:59 GMT
Connection: keep-alive
www.blogger.com/dyn-css/authorization.css?targetBlogID=8051719653541364022&zx=4fc815d8-a23f-4957-940f-21ff5c254fa1
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=8051719653541364022&zx=4fc815d8-a23f-4957-940f-21ff5c254fa1
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=8051719653541364022&zx=4fc815d8-a23f-4957-940f-21ff5c254fa1 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 10:40:59 GMT
last-modified: Mon, 05 Dec 2022 10:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/a2ea5d0f3e862ce4828ea69ba848780c/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/a2ea5d0f3e862ce4828ea69ba848780c/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26975), with no line terminators
Hash ea3f3525204c1a4f51e3c8b9d04bf5aa
a0a5c72dbf7dee14e9acb19fb8912815a91fce30
25e61a0c7a1212239a186d28a49318c7a6329876c1912597054f657f8a53f800
GET /a2ea5d0f3e862ce4828ea69ba848780c/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 10:40:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 89029a7cdcb422f5163025cc0edad8c8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.blogger.com/navbar.g?targetBlogID=8051719653541364022&blogName=WahidKrishna&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://wahidkrishna.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://wahidkrishna.blogspot.com/&targetPostID=8594215502720391105&blogPostOrPageUrl=https://wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html&vt=-6432740121910992974&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
216.58.207.233200 OK 2.6 kB URL HTTP/2 www.blogger.com/navbar.g?targetBlogID=8051719653541364022&blogName=WahidKrishna&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://wahidkrishna.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://wahidkrishna.blogspot.com/&targetPostID=8594215502720391105&blogPostOrPageUrl=https://wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html&vt=-6432740121910992974&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP 216.58.207.233:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3172)
Hash c9b65b7e18166a76af24959a299bc2a4
4148afce9407e595cb706abcf9f7c49000e3fb24
8602a1d39ba76a2042d5ada7868d40e5e081f9167f68aecc32e23b957dc72a57
GET /navbar.g?targetBlogID=8051719653541364022&blogName=WahidKrishna&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://wahidkrishna.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://wahidkrishna.blogspot.com/&targetPostID=8594215502720391105&blogPostOrPageUrl=https://wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html&vt=-6432740121910992974&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 10:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2648
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.kindpng.com/picc/m/554-5549853_the-mandalorian-clip-art-baby-yoda-hd-png.png
173.208.200.108200 OK 496 kB URL HTTP/1.1 www.kindpng.com/picc/m/554-5549853_the-mandalorian-clip-art-baby-yoda-hd-png.png
IP 173.208.200.108:0
File type PNG image data, 860 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size 496 kB (495482 bytes)
Hash 6c40613b66072bd555503feb18997900
ca0fab94cc21105beaa98691b77940b4dfa69669
479ba40fab3ced4ef9615836dfd3ed0fbf91c7fb21a2c2ce51d5a0e69fdb0a8e
GET /picc/m/554-5549853_the-mandalorian-clip-art-baby-yoda-hd-png.png HTTP/1.1
Host: www.kindpng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Mon, 05 Dec 2022 10:40:58 GMT
Content-Type: image/png
Last-Modified: Sun, 26 Jan 2020 00:37:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e2cdf34-79887"
Content-Encoding: gzip
vlry5l4j5gbn.com/8546612cc3d574c06b4c0d418470a4d0/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/8546612cc3d574c06b4c0d418470a4d0/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash 20349d98ca22a84f5aff723756d3a7b1
985d9b07fbc2bed7d0527c6a92886507bb733b12
41fe769c74bed7d4dad0e071cfaad2fd6fd93108c0dabba96d8c45c8fa16d2b0
GET /8546612cc3d574c06b4c0d418470a4d0/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 10:40:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fcfcd0f059dd8cd036a329f5f4688972
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101774
Date: Mon, 05 Dec 2022 10:40:59 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 14:57:13 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9_4aJofqP40ZGS5vqmEQXq09eb7TD5vwkLtKw4Db5DN9ml2az6x7wA==
Age: 5165
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 8e55f5b9340da5c8360afc26709abf66
88a5acbf5ec18e15bca9902f83ae87e9952a31bd
c09b181c7df2b7ed06f67cd35c2c6e12803b757cec649612cfd936aedf1214de
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wahidkrishna.blogspot.com
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:40:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://wahidkrishna.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=ef444e93-f15a-4e2a-9584-209d685bfdc6:3:1; expires=Thu, 02 Dec 2032 10:40:59 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/75a9554123301b51a48e3b22b6473606/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/75a9554123301b51a48e3b22b6473606/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 9e446e64ce8bed179d31076aa551a69c
bc00b2b2bb8f83fa1e0263a8a7c6ae19567f0093
1c366af72733147bff6b12976b371410e27517a3fd9ec4a26efcf7ad46f3b309
GET /75a9554123301b51a48e3b22b6473606/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 10:40:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cb002ea9b064948945006a582a1c2dd3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 287f1325a661d8e31870278d5cd46b50
d29be6e0ece3cf189b29a82ca715433ae5701e26
4005b7d3afd6482c098524fdf1b039102d91f348142825d30b38564f78ba8c15
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wahidkrishna.blogspot.com
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:40:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://wahidkrishna.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1; expires=Thu, 02 Dec 2032 10:40:59 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 287f1325a661d8e31870278d5cd46b50
d29be6e0ece3cf189b29a82ca715433ae5701e26
4005b7d3afd6482c098524fdf1b039102d91f348142825d30b38564f78ba8c15
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wahidkrishna.blogspot.com
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Cookie: uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:40:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://wahidkrishna.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1TFZumNR-oOLhsW3Erl7lMQGUHkvDAoi9JR9779zEnpJr1U8jS8wexGVs19TpBHkq5Y_OMB5dIL5YybPdpL0mW4Kg1xvhoxsiOo9Fuz82vWG-WNMld6gPasiEow4hpyK6Y19igLafxcWSOfwPf8-sD0hneOa1K9_Now9OXfUNp2w7C8P1yYAbSvwuRRX1Es2hYz9yLYUnQV4w=w72-h72-p-k-no-nu
216.58.207.225200 OK 3.2 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1TFZumNR-oOLhsW3Erl7lMQGUHkvDAoi9JR9779zEnpJr1U8jS8wexGVs19TpBHkq5Y_OMB5dIL5YybPdpL0mW4Kg1xvhoxsiOo9Fuz82vWG-WNMld6gPasiEow4hpyK6Y19igLafxcWSOfwPf8-sD0hneOa1K9_Now9OXfUNp2w7C8P1yYAbSvwuRRX1Es2hYz9yLYUnQV4w=w72-h72-p-k-no-nu
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 8c84895ff2ee8017f5bfb5f33973870f
c628382ef67b2e4520a15cb3631bcde34853f6f7
d3fb0ac3ed5f6183c4b7f62a268264646f9ffd36ed44871e8ee21cd45b796ba8
GET /blogger_img_proxy/ANbyha1TFZumNR-oOLhsW3Erl7lMQGUHkvDAoi9JR9779zEnpJr1U8jS8wexGVs19TpBHkq5Y_OMB5dIL5YybPdpL0mW4Kg1xvhoxsiOo9Fuz82vWG-WNMld6gPasiEow4hpyK6Y19igLafxcWSOfwPf8-sD0hneOa1K9_Now9OXfUNp2w7C8P1yYAbSvwuRRX1Es2hYz9yLYUnQV4w=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 06 Dec 2022 10:40:59 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 10:40:59 GMT
server: fife
content-length: 3244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6840
Expires: Mon, 05 Dec 2022 12:34:59 GMT
Date: Mon, 05 Dec 2022 10:40:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6840
Expires: Mon, 05 Dec 2022 12:34:59 GMT
Date: Mon, 05 Dec 2022 10:40:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6840
Expires: Mon, 05 Dec 2022 12:34:59 GMT
Date: Mon, 05 Dec 2022 10:40:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: d4dfc77c-65cc-46f1-b8a3-ea6cebd0976d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYE2woAMFgPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-639ca0813c23b9cb75ff24c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhweRJZbG0P_lxekUIz506RXW5f9iVQ1Cvfg-k3gJTWHIrzTu2uenQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:26:44 GMT
age: 26055
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 46700
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 46275
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/475f67a0392a4024f64fe9d2b911a42e/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/475f67a0392a4024f64fe9d2b911a42e/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash 2958a52282d0bb99d7362e668af4a26c
44ed40bb1bbbfa5db5442f9dee00eafae7efe2f2
9ff0ccac4e72fb2197c7740c2af2124765e36230cb36fbfee43aa301ab27457a
GET /475f67a0392a4024f64fe9d2b911a42e/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 10:40:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 89cdf8714a60404c56813df1f179d5ce
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 46614
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 12:09:06 GMT
age: 81113
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6079166a1ed5bac7373183f03f33b84e
b0c9391b87a4560598e43d5084dda41e267974a9
3e2faccbc3e14a10da4a433d789068cdc3fb2d3e2a04a7e2b7ea5f6f6313dcd4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13647
x-amzn-requestid: 36276b12-9e02-4d00-a100-9aa5c794fc79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ueEWUoAMFj7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1329-7abb45a85c6bc2235c25d61e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Au3s215cCYumuz8qJ7dQFYQ45s4XRo0-zzFcnRLv7gNb3aFHpKnGwg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:07 GMT
age: 46132
etag: "b0c9391b87a4560598e43d5084dda41e267974a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 684d9efc40eb90ee751779681b28b991
d7bdbcf549773710308de7216f8d6081b01a39b1
0302eafe6839faa61f31957344f5a92978d360ad312c7aa54da01464ba51d44d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0302EAFE6839FAA61F31957344F5A92978D360AD312C7AA54DA01464BA51D44D"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6960
Expires: Mon, 05 Dec 2022 12:36:59 GMT
Date: Mon, 05 Dec 2022 10:40:59 GMT
Connection: keep-alive
cdn.shopify.com/s/files/1/0569/6074/5661/products/badbunnytumbler601_1024x1024.jpg?v=1660107613
162.159.135.68200 OK 190 kB URL HTTP/2 cdn.shopify.com/s/files/1/0569/6074/5661/products/badbunnytumbler601_1024x1024.jpg?v=1660107613
IP 162.159.135.68:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 190 kB (190438 bytes)
Hash 8a5b9e4c53ad12e6e8d25c1c8f399c99
b7305a1877ed6235fa10abbd362a6dc6bfb1879e
3b514d8644d42c3660cec3c45c5d5b85a96f9e81e3b771a1754e823167ce0395
GET /s/files/1/0569/6074/5661/products/badbunnytumbler601_1024x1024.jpg?v=1660107613 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:00 GMT
content-type: image/webp
content-length: 190438
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0569/6074/5661/products/badbunnytumbler601_1024x1024.jpg>; rel="canonical"
source-length: 3707517
source-type: image/jpeg
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 984014cf-4396-4cdc-b57e-81ca9f8072cb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Mon, 05 Dec 2022 10:40:59 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnxyU5udWSxHNxjnAFNTu5SIrZWugKD%2B42XiAGXiWvZXXG5NF0BnoE2nsDCROhvnwtNRo%2F1TDlpYL8oTKVNYAkVCTQQZnnB4tg%2B6HOXPhXmBfY80Z5z2gwS0YrzQSmaMSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=920.496, imageryFetch;dur=140.602, imageryProcess;dur=547.961;desc="image", cfRequestDuration;dur=1345.999956
server: cloudflare
cf-ray: 774c2aaf6d57b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dd201b9395bcc192b5aa816bde9f2e12
5dbd4c78f1f92bb5ae4e3879950a42fe9870ef59
a33379f96a925c20b8f1799b4520c7803c97a021799689213fcc9ff3107a9d56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A33379F96A925C20B8F1799B4520C7803C97A021799689213FCC9FF3107A9D56"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9096
Expires: Mon, 05 Dec 2022 13:12:36 GMT
Date: Mon, 05 Dec 2022 10:41:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c446a0c33114f1b4aec3d6f2ef405b99
0aaf09592c1f43b4e72a7ec6fbc8b9af4742b566
9a99c00ff4509e10ba73496d354471e5fee71cc04343377374925e6ba1ed8838
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A99C00FF4509E10BA73496D354471E5FEE71CC04343377374925E6BA1ED8838"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4319
Expires: Mon, 05 Dec 2022 11:52:59 GMT
Date: Mon, 05 Dec 2022 10:41:00 GMT
Connection: keep-alive
vlry5l4j5gbn.com/e69352f690a12fcbce1c792a36513e94/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/e69352f690a12fcbce1c792a36513e94/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26967), with no line terminators
Hash 9e89a1f136e15407aa2151cad0385ac4
08250e53137d232997c3e3ae146d42c39acdb6de
ea00970adbe86ca87cadedbe08645ba606d4a07d1ea1654003dce417f46d289b
GET /e69352f690a12fcbce1c792a36513e94/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 10:40:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8ebce4bfa0ce8bdbd43b9929457f7885
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 206ba62e3ac45d76baa935ea64fa2edd
4b9f2ab2a56aa6896ccb977dde33dadff86356de
6cbb311ca876627609acd3dcba58520b80ccb10d3b3a705bfe9ad02d26329841
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CBB311CA876627609ACD3DCBA58520B80CCB10D3B3A705BFE9AD02D26329841"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7002
Expires: Mon, 05 Dec 2022 12:37:42 GMT
Date: Mon, 05 Dec 2022 10:41:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8fd42874e879a9e5845926aac5d95563
a1142a772cb25f01bbd893e6e4cc1017673d2e89
e8c316bedb8a7897e78b7693828fa235c3879f9eea00d696d5ec879f2ed3a655
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8C316BEDB8A7897E78B7693828FA235C3879F9EEA00D696D5EC879F2ED3A655"
Last-Modified: Sun, 04 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6902
Expires: Mon, 05 Dec 2022 12:36:02 GMT
Date: Mon, 05 Dec 2022 10:41:00 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:41:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:41:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:41:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
semicoloninadequacypleasantly.com/watch.167588639108.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=ef444e93-f15a-4e2a-9584-209d685bfdc6%3A3%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 semicoloninadequacypleasantly.com/watch.167588639108.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=ef444e93-f15a-4e2a-9584-209d685bfdc6%3A3%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.167588639108.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=ef444e93-f15a-4e2a-9584-209d685bfdc6%3A3%3A1 HTTP/1.1
Host: semicoloninadequacypleasantly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wahidkrishna.blogspot.com
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://wahidkrishna.blogspot.com
Access-Control-Allow-Origin: https://wahidkrishna.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://semicoloninadequacypleasantly.com/watch.167588639108.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=ef444e93-f15a-4e2a-9584-209d685bfdc6%3A3%3A1&shu=d2dbcdcfc3b63fdd1a9acf03d6913508b293ab771b9d4ef63aed333bb7d125daa82f13bd0e6adb2f3d2aca1154fb27e524fbf428e7dd94c2747536bd844c9b3dc0729ea4bf3e88a357e4ac6e0696ed3061078adbb0752035ebd21ab2e03bdf725a4ea133&pst=1670236920&rmtc=t
Set-Cookie: u_pl=17037309; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzNzMwOSwiayI6ImEyZWE1ZDBmM2U4NjJjZTQ4MjhlYTY5YmE4NDg3ODBjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJlbTNhd21ocmciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93YWhpZGtyaXNobmEuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMjMtbWFuZGFsb3JpYW4tY2xpcC1hcnQtZnJlZS5odG1sIn19.ae0N7e1o3n94caspU-t8dSAT_jCuUZlPl9sntTASusY; expires=Mon, 05 Dec 2022 10:42:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1522659a7f61f9488dca9e9d42fcd8bf
Strict-Transport-Security: max-age=0; includeSubdomains
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.35200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wahidkrishna.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:08:51 GMT
expires: Tue, 28 Nov 2023 21:08:51 GMT
cache-control: public, max-age=31536000
age: 567129
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wahidkrishna.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:21 GMT
expires: Fri, 01 Dec 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 339099
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:41:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2aecb4f85e02ebc697bb91bb67456d82
2ef35add95a18ac5846ee32df0dd0a63700a2133
4bc2f398453e4555768605e037634156176592626df384f881d782e85b316ca9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BC2F398453E4555768605E037634156176592626DF384F881D782E85B316CA9"
Last-Modified: Fri, 02 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1434
Expires: Mon, 05 Dec 2022 11:04:54 GMT
Date: Mon, 05 Dec 2022 10:41:00 GMT
Connection: keep-alive
kidhumiliateessay.com/watch.1411139222256.js?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 kidhumiliateessay.com/watch.1411139222256.js?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1411139222256.js?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wahidkrishna.blogspot.com
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://wahidkrishna.blogspot.com
Access-Control-Allow-Origin: https://wahidkrishna.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://kidhumiliateessay.com/watch.1411139222256.js?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&shu=b2a6e36ecab44cee542655b74a1233154d688e7d68c71cae79e9736e4ffae3f64bba83bcd315816fe67a274f506af292a86f3b3bdbabcf2298a6dc9f2bfbed7dfd2168e6b7b90fd62f4d638990e0de584d57b75c&pst=1670236920&rmtc=t
Set-Cookie: u_pl=17037282; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzNzI4MiwiayI6Ijc1YTk1NTQxMjMzMDFiNTFhNDhlM2IyMmI2NDczNjA2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6ImZnZ2t0Nzc3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd2FoaWRrcmlzaG5hLmJsb2dzcG90LmNvbS8yMDIyLzExLzIzLW1hbmRhbG9yaWFuLWNsaXAtYXJ0LWZyZWUuaHRtbCJ9fQ.AMFQ6-u780oYyuSxzwGokukiblm63MN60XnPGL4c92s; expires=Mon, 05 Dec 2022 10:42:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3bc92411517d0ff183d4bf97d85f73c5
Strict-Transport-Security: max-age=0; includeSubdomains
soldierreproduceadmiration.com/watch.1448599987725.js?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 soldierreproduceadmiration.com/watch.1448599987725.js?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1448599987725.js?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wahidkrishna.blogspot.com
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://wahidkrishna.blogspot.com
Access-Control-Allow-Origin: https://wahidkrishna.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://soldierreproduceadmiration.com/watch.1448599987725.js?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&shu=96c7e8830750f5c53b99ea2c827cb1edd11639ea1e9a821e6bc5c6697412d8af67b65657c2b6886d6b73f4681c561fec79e43e2590673b70a62540303dc0b058aadb04e86cc768c8239e5af9598142ea8dc4a0d0&pst=1670236920&rmtc=t
Set-Cookie: u_pl=17902416; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzkwMjQxNiwiayI6Ijg1NDY2MTJjYzNkNTc0YzA2YjRjMGQ0MTg0NzBhNGQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI2LCJwdCI6NCwicGsiOiJ4dDI4a3o2NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3dhaGlka3Jpc2huYS5ibG9nc3BvdC5jb20vMjAyMi8xMS8yMy1tYW5kYWxvcmlhbi1jbGlwLWFydC1mcmVlLmh0bWwifX0.0UuwC8c8WbgtBcKujNrFUJVglHK7g35jqrRdgWZ6-uc; expires=Mon, 05 Dec 2022 10:42:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ac866d7fbd5edf31fce3ae5e55651c1
Strict-Transport-Security: max-age=0; includeSubdomains
semicoloninadequacypleasantly.com/watch.167588639108.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=ef444e93-f15a-4e2a-9584-209d685bfdc6%3A3%3A1&shu=d2dbcdcfc3b63fdd1a9acf03d6913508b293ab771b9d4ef63aed333bb7d125daa82f13bd0e6adb2f3d2aca1154fb27e524fbf428e7dd94c2747536bd844c9b3dc0729ea4bf3e88a357e4ac6e0696ed3061078adbb0752035ebd21ab2e03bdf725a4ea133&pst=1670236920&rmtc=t
173.233.137.36200 OK 641 B URL HTTP/1.1 semicoloninadequacypleasantly.com/watch.167588639108.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=ef444e93-f15a-4e2a-9584-209d685bfdc6%3A3%3A1&shu=d2dbcdcfc3b63fdd1a9acf03d6913508b293ab771b9d4ef63aed333bb7d125daa82f13bd0e6adb2f3d2aca1154fb27e524fbf428e7dd94c2747536bd844c9b3dc0729ea4bf3e88a357e4ac6e0696ed3061078adbb0752035ebd21ab2e03bdf725a4ea133&pst=1670236920&rmtc=t
IP 173.233.137.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash b253797420b9aa242d7e9569a110ac32
5ec9b9e636d8ef28d0fe71303cb0819b933e3161
98ad6f61cde1a6de8e2cdd473dee75e3e3477221a0ab9068bbdeb723123af539
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.167588639108.js?key=a2ea5d0f3e862ce4828ea69ba848780c&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=ef444e93-f15a-4e2a-9584-209d685bfdc6%3A3%3A1&shu=d2dbcdcfc3b63fdd1a9acf03d6913508b293ab771b9d4ef63aed333bb7d125daa82f13bd0e6adb2f3d2aca1154fb27e524fbf428e7dd94c2747536bd844c9b3dc0729ea4bf3e88a357e4ac6e0696ed3061078adbb0752035ebd21ab2e03bdf725a4ea133&pst=1670236920&rmtc=t HTTP/1.1
Host: semicoloninadequacypleasantly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wahidkrishna.blogspot.com
Referer: https://wahidkrishna.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17037309; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzNzMwOSwiayI6ImEyZWE1ZDBmM2U4NjJjZTQ4MjhlYTY5YmE4NDg3ODBjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJlbTNhd21ocmciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93YWhpZGtyaXNobmEuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMjMtbWFuZGFsb3JpYW4tY2xpcC1hcnQtZnJlZS5odG1sIn19.ae0N7e1o3n94caspU-t8dSAT_jCuUZlPl9sntTASusY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://wahidkrishna.blogspot.com
Access-Control-Allow-Origin: https://wahidkrishna.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=ef444e93-f15a-4e2a-9584-209d685bfdc6:3:1; expires=Mon, 12 Dec 2022 10:41:00 GMT; secure; SameSite=None
iprca0a94d4d3af6160a647dadaa44484f00=2717343; expires=Tue, 06 Dec 2022 12:41:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
pdhtkv23=true; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
uncs23=1; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b5cd562fb4a0f5569b165f039c113278
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
skinneroverturn.com/watch.108884267837.js?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 skinneroverturn.com/watch.108884267837.js?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.108884267837.js?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1 HTTP/1.1
Host: skinneroverturn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wahidkrishna.blogspot.com
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://wahidkrishna.blogspot.com
Access-Control-Allow-Origin: https://wahidkrishna.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://skinneroverturn.com/watch.108884267837.js?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&shu=ac23e02d3f2767fa699ef86f4b375775706f60e69234cb418d1cbff39790d2f552d46d9573772f51d5cebdc6697df15ff928ef357c4c94a42d9c22a68697318f99ef21205345842c4dab0deccc80f50feb07dcdf&pst=1670236920&rmtc=t
Set-Cookie: u_pl=17569139; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2OTEzOSwiayI6IjQ3NWY2N2EwMzkyYTQwMjRmNjRmZTlkMmI5MTFhNDJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJza2Q2NG45NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3dhaGlka3Jpc2huYS5ibG9nc3BvdC5jb20vMjAyMi8xMS8yMy1tYW5kYWxvcmlhbi1jbGlwLWFydC1mcmVlLmh0bWwifX0.y_12fGs0Mzv6fG9p7UEa5Y6JwXlmIesB_I1AAOWji-A; expires=Mon, 05 Dec 2022 10:42:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 63dfc4be58063a2c178016cf0b28559e
Strict-Transport-Security: max-age=0; includeSubdomains
organexpectationsmaintain.com/watch.1139030039890?key=e69352f690a12fcbce1c792a36513e94&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
173.233.137.36200 OK 1.2 kB URL HTTP/1.1 organexpectationsmaintain.com/watch.1139030039890?key=e69352f690a12fcbce1c792a36513e94&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (558)
Hash ba468c0b4a4abd9df4f790501e751cca
64393472e4ed5a2c91bc752c007ed1e883b61e34
796d5b787fe46e06df9108658f35366469d36fbeee68f301f97e6e1fb613de59
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1139030039890?key=e69352f690a12fcbce1c792a36513e94&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1 HTTP/1.1
Host: organexpectationsmaintain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17569137; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2OTEzNywiayI6ImU2OTM1MmY2OTBhMTJmY2JjZTFjNzkyYTM2NTEzZTk0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJyaW14aDZybjZ0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd2FoaWRrcmlzaG5hLmJsb2dzcG90LmNvbS8yMDIyLzExLzIzLW1hbmRhbG9yaWFuLWNsaXAtYXJ0LWZyZWUuaHRtbCJ9fQ.hRApVpeItcyL3aqmrF7-yp06QVn1gnFntDw9aoiGE4c; expires=Mon, 05 Dec 2022 10:42:00 GMT; secure; SameSite=None
uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1; expires=Mon, 12 Dec 2022 10:41:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 06d523de0e7daceede63b218db870bbf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
skinneroverturn.com/watch.108884267837?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
192.243.59.20200 OK 1.2 kB URL HTTP/1.1 skinneroverturn.com/watch.108884267837?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (558)
Hash 6d567738574db1879f53715f7ba1c204
2b5f25f44cffe40268eceab4f75120474db37b51
0cfc1bac6dcdab7ca4b3cd1f8c1e01a8ba5a402ac7609793a0152a40552fffb7
GET /watch.108884267837?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1 HTTP/1.1
Host: skinneroverturn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Cookie: u_pl=17569139; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2OTEzOSwiayI6IjQ3NWY2N2EwMzkyYTQwMjRmNjRmZTlkMmI5MTFhNDJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJza2Q2NG45NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3dhaGlka3Jpc2huYS5ibG9nc3BvdC5jb20vMjAyMi8xMS8yMy1tYW5kYWxvcmlhbi1jbGlwLWFydC1mcmVlLmh0bWwifX0.y_12fGs0Mzv6fG9p7UEa5Y6JwXlmIesB_I1AAOWji-A
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2OTEzOSwiayI6IjQ3NWY2N2EwMzkyYTQwMjRmNjRmZTlkMmI5MTFhNDJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJza2Q2NG45NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly93YWhpZGtyaXNobmEuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMjMtbWFuZGFsb3JpYW4tY2xpcC1hcnQtZnJlZS5odG1sIn19.MKBuIe8FDujE_3C1ZMvYOjHJH_RW1RC6XwiHlry6eeo; expires=Mon, 05 Dec 2022 10:42:00 GMT; secure; SameSite=None
uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1; expires=Mon, 12 Dec 2022 10:41:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be9a4c01ff8b46b2f0a8234856d9970e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
soldierreproduceadmiration.com/watch.1448599987725?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
192.243.59.20200 OK 1.2 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.1448599987725?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (558)
Hash b9a157e1e3db8843d85cf775283cab1b
53dff847d4b66fd961deeadaf498437b0cce7ca4
9c92b47807bff5fa6fa7f74586aedc4cff50e4972b3b6461cb0941ac4aef2080
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1448599987725?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Cookie: u_pl=17902416; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzkwMjQxNiwiayI6Ijg1NDY2MTJjYzNkNTc0YzA2YjRjMGQ0MTg0NzBhNGQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI2LCJwdCI6NCwicGsiOiJ4dDI4a3o2NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3dhaGlka3Jpc2huYS5ibG9nc3BvdC5jb20vMjAyMi8xMS8yMy1tYW5kYWxvcmlhbi1jbGlwLWFydC1mcmVlLmh0bWwifX0.0UuwC8c8WbgtBcKujNrFUJVglHK7g35jqrRdgWZ6-uc
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzkwMjQxNiwiayI6Ijg1NDY2MTJjYzNkNTc0YzA2YjRjMGQ0MTg0NzBhNGQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI2LCJwdCI6NCwicGsiOiJ4dDI4a3o2NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly93YWhpZGtyaXNobmEuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMjMtbWFuZGFsb3JpYW4tY2xpcC1hcnQtZnJlZS5odG1sIn19.sFkrRF-L_USNAMIk6rPFGV922fArAzTIRgK-wdvtg8U; expires=Mon, 05 Dec 2022 10:42:00 GMT; secure; SameSite=None
uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1; expires=Mon, 12 Dec 2022 10:41:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4c5e6a281c5926feec1fcbd33b68ef6e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
kidhumiliateessay.com/watch.1411139222256?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
192.243.59.13200 OK 1.2 kB URL HTTP/1.1 kidhumiliateessay.com/watch.1411139222256?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (558)
Hash dc27909776b3f8d3463cf7056f7133c2
f324e6d97f32eaf4b539a1392cc36ae6a90d3c75
01a6abf64c017e9070cace91ba93f28fc90c6ae7fef22d629be9a3674d12561e
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1411139222256?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Cookie: u_pl=17037282; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzNzI4MiwiayI6Ijc1YTk1NTQxMjMzMDFiNTFhNDhlM2IyMmI2NDczNjA2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6ImZnZ2t0Nzc3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd2FoaWRrcmlzaG5hLmJsb2dzcG90LmNvbS8yMDIyLzExLzIzLW1hbmRhbG9yaWFuLWNsaXAtYXJ0LWZyZWUuaHRtbCJ9fQ.AMFQ6-u780oYyuSxzwGokukiblm63MN60XnPGL4c92s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzNzI4MiwiayI6Ijc1YTk1NTQxMjMzMDFiNTFhNDhlM2IyMmI2NDczNjA2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6ImZnZ2t0Nzc3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3dhaGlka3Jpc2huYS5ibG9nc3BvdC5jb20vMjAyMi8xMS8yMy1tYW5kYWxvcmlhbi1jbGlwLWFydC1mcmVlLmh0bWwifX0.oEzeoWSJkK0LDoRvHwwe7NnLINNgjpUt7YQzCCC3-p0; expires=Mon, 05 Dec 2022 10:42:00 GMT; secure; SameSite=None
uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1; expires=Mon, 12 Dec 2022 10:41:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f2d3097bbd3ebabe824afadd4dbdc52d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
organexpectationsmaintain.com/watch.1139030039890?shu=a36a2b7689ca216976d727ee00d1486a0ab7c0dc9db914015268f29070130365b3b28499e001e998f86d47aa0023a30d07ddc8440edcaf15aa37854d7ae76672b8f11923cc75ee7d02a29ef457ad31de7c1f9cf271a12e7ae8732d49516aaf&pst=1670236920&rmtc=t&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&pii=&in=false&key=e69352f690a12fcbce1c792a36513e94&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&tz=0&dev=e&res=12.1055
173.233.137.36200 OK 1.8 kB URL HTTP/1.1 organexpectationsmaintain.com/watch.1139030039890?shu=a36a2b7689ca216976d727ee00d1486a0ab7c0dc9db914015268f29070130365b3b28499e001e998f86d47aa0023a30d07ddc8440edcaf15aa37854d7ae76672b8f11923cc75ee7d02a29ef457ad31de7c1f9cf271a12e7ae8732d49516aaf&pst=1670236920&rmtc=t&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&pii=&in=false&key=e69352f690a12fcbce1c792a36513e94&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&tz=0&dev=e&res=12.1055
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2557)
Hash ca711f33dc4fe1de5b7de82e00ef77bc
0628adbe65f4e8b66b89972910e7ba754a6af395
77e208b9c07a7daeea9c9b060eec741d0bc6a01e5435c3eeb267d02971bdd20c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1139030039890?shu=a36a2b7689ca216976d727ee00d1486a0ab7c0dc9db914015268f29070130365b3b28499e001e998f86d47aa0023a30d07ddc8440edcaf15aa37854d7ae76672b8f11923cc75ee7d02a29ef457ad31de7c1f9cf271a12e7ae8732d49516aaf&pst=1670236920&rmtc=t&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&pii=&in=false&key=e69352f690a12fcbce1c792a36513e94&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: organexpectationsmaintain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://organexpectationsmaintain.com/watch.1139030039890?key=e69352f690a12fcbce1c792a36513e94&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
Cookie: u_pl=17569137; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2OTEzNywiayI6ImU2OTM1MmY2OTBhMTJmY2JjZTFjNzkyYTM2NTEzZTk0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJyaW14aDZybjZ0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd2FoaWRrcmlzaG5hLmJsb2dzcG90LmNvbS8yMDIyLzExLzIzLW1hbmRhbG9yaWFuLWNsaXAtYXJ0LWZyZWUuaHRtbCJ9fQ.hRApVpeItcyL3aqmrF7-yp06QVn1gnFntDw9aoiGE4c; uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
Access-Control-Allow-Origin: https://wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1; expires=Mon, 12 Dec 2022 10:41:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 05aa5c82d602c654959d438f6084e255
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
skinneroverturn.com/watch.108884267837?shu=11d802e0c39d09700e2aa039c9431af2bc03bfba68406b0258813c7a51ac1822b4d211f7fadbd146fec1d6643eac58a4d2a257656ad7a6c268e5f71808d82ff6079846dfbf39b6f6435d1e9e108a5c770c596f4be8f39e36db14e3b8c6ee51253e&pst=1670236920&rmtc=t&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&pii=&in=false&key=475f67a0392a4024f64fe9d2b911a42e&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&tz=0&dev=e&res=12.1055
192.243.59.20200 OK 1.8 kB URL HTTP/1.1 skinneroverturn.com/watch.108884267837?shu=11d802e0c39d09700e2aa039c9431af2bc03bfba68406b0258813c7a51ac1822b4d211f7fadbd146fec1d6643eac58a4d2a257656ad7a6c268e5f71808d82ff6079846dfbf39b6f6435d1e9e108a5c770c596f4be8f39e36db14e3b8c6ee51253e&pst=1670236920&rmtc=t&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&pii=&in=false&key=475f67a0392a4024f64fe9d2b911a42e&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&tz=0&dev=e&res=12.1055
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2423)
Hash 22799030d84c529816320f98f20747a7
c5da87b67326c27fb196479454e4fd77ede64df1
93c79886d1060bc4443183b0ed77f296b472caa3a95d9989e3e15c019a6ab408
GET /watch.108884267837?shu=11d802e0c39d09700e2aa039c9431af2bc03bfba68406b0258813c7a51ac1822b4d211f7fadbd146fec1d6643eac58a4d2a257656ad7a6c268e5f71808d82ff6079846dfbf39b6f6435d1e9e108a5c770c596f4be8f39e36db14e3b8c6ee51253e&pst=1670236920&rmtc=t&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&pii=&in=false&key=475f67a0392a4024f64fe9d2b911a42e&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: skinneroverturn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinneroverturn.com/watch.108884267837?key=475f67a0392a4024f64fe9d2b911a42e&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
Cookie: u_pl=17569139; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2OTEzOSwiayI6IjQ3NWY2N2EwMzkyYTQwMjRmNjRmZTlkMmI5MTFhNDJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJza2Q2NG45NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly93YWhpZGtyaXNobmEuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMjMtbWFuZGFsb3JpYW4tY2xpcC1hcnQtZnJlZS5odG1sIn19.MKBuIe8FDujE_3C1ZMvYOjHJH_RW1RC6XwiHlry6eeo; uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
Access-Control-Allow-Origin: https://wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1; expires=Mon, 12 Dec 2022 10:41:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6c15786468055ff1f8a50776c9b5e43b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
kidhumiliateessay.com/watch.1411139222256?shu=39a42fab0dad78ea90173922f91d8e2833865cff26bf7eb8956e7d44283292021696e430f645730441a84f521661abe28907432e5ce7b927464ec95c66ae9a1b24c5279bd8b898cfe69fca369db1af09a7074c38&pst=1670236920&rmtc=t&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&pii=&in=false&key=75a9554123301b51a48e3b22b6473606&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&res=12.1055&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&tz=0&dev=e
192.243.59.13200 OK 1.8 kB URL HTTP/1.1 kidhumiliateessay.com/watch.1411139222256?shu=39a42fab0dad78ea90173922f91d8e2833865cff26bf7eb8956e7d44283292021696e430f645730441a84f521661abe28907432e5ce7b927464ec95c66ae9a1b24c5279bd8b898cfe69fca369db1af09a7074c38&pst=1670236920&rmtc=t&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&pii=&in=false&key=75a9554123301b51a48e3b22b6473606&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&res=12.1055&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&tz=0&dev=e
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2528)
Hash b968d80332cb01bbd72505a314fdf224
4da75b102711ed7f5faa0643ebc520963f872d4b
335b28e3404ac77f391296bd1039dd95be22f44cca8b0a3d87e3ffb8fbcb27c0
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1411139222256?shu=39a42fab0dad78ea90173922f91d8e2833865cff26bf7eb8956e7d44283292021696e430f645730441a84f521661abe28907432e5ce7b927464ec95c66ae9a1b24c5279bd8b898cfe69fca369db1af09a7074c38&pst=1670236920&rmtc=t&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&pii=&in=false&key=75a9554123301b51a48e3b22b6473606&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&res=12.1055&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&tz=0&dev=e HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kidhumiliateessay.com/watch.1411139222256?key=75a9554123301b51a48e3b22b6473606&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
Cookie: u_pl=17037282; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzNzI4MiwiayI6Ijc1YTk1NTQxMjMzMDFiNTFhNDhlM2IyMmI2NDczNjA2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6ImZnZ2t0Nzc3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3dhaGlka3Jpc2huYS5ibG9nc3BvdC5jb20vMjAyMi8xMS8yMy1tYW5kYWxvcmlhbi1jbGlwLWFydC1mcmVlLmh0bWwifX0.oEzeoWSJkK0LDoRvHwwe7NnLINNgjpUt7YQzCCC3-p0; uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
Access-Control-Allow-Origin: https://wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1; expires=Mon, 12 Dec 2022 10:41:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2cd78c5b0942123720257026a2f420a2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
soldierreproduceadmiration.com/watch.1448599987725?shu=7992f128ec026671d9f65ce3a142c171d73221434bbc148e0412a9cf8ea0ac3aa2f270f675cd5769443338c4412b0d76feadb85752d051a3fcfddc8875184f1fb098b7ab15cea8c1d36ef2c3b33baad7ead990c2&pst=1670236920&rmtc=t&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&pii=&in=false&key=8546612cc3d574c06b4c0d418470a4d0&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D
192.243.59.20200 OK 1.8 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.1448599987725?shu=7992f128ec026671d9f65ce3a142c171d73221434bbc148e0412a9cf8ea0ac3aa2f270f675cd5769443338c4412b0d76feadb85752d051a3fcfddc8875184f1fb098b7ab15cea8c1d36ef2c3b33baad7ead990c2&pst=1670236920&rmtc=t&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&pii=&in=false&key=8546612cc3d574c06b4c0d418470a4d0&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2475)
Hash 21e35dfef965268bfe2d916f789c7f50
522aa383be9f8265dc77fc34f06623134a662373
6b527d56f08a1dfaae5fc07b1c729b8444586230fe7253cbfe47703abbf3a882
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1448599987725?shu=7992f128ec026671d9f65ce3a142c171d73221434bbc148e0412a9cf8ea0ac3aa2f270f675cd5769443338c4412b0d76feadb85752d051a3fcfddc8875184f1fb098b7ab15cea8c1d36ef2c3b33baad7ead990c2&pst=1670236920&rmtc=t&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1&pii=&in=false&key=8546612cc3d574c06b4c0d418470a4d0&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soldierreproduceadmiration.com/watch.1448599987725?key=8546612cc3d574c06b4c0d418470a4d0&kw=%5B%2223%2B%22%2C%22mandalorian%22%2C%22clip%22%2C%22art%22%2C%22free%22%2C%22-%22%2C%22wahidkrishna%22%5D&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F2022%2F11%2F23-mandalorian-clip-art-free.html&tz=0&dev=e&res=12.1055&uuid=9bde74e5-0332-4bb9-9e7e-05dc40461fa8%3A3%3A1
Cookie: u_pl=17902416; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzkwMjQxNiwiayI6Ijg1NDY2MTJjYzNkNTc0YzA2YjRjMGQ0MTg0NzBhNGQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4NDcyLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjI2LCJwdCI6NCwicGsiOiJ4dDI4a3o2NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly93YWhpZGtyaXNobmEuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMjMtbWFuZGFsb3JpYW4tY2xpcC1hcnQtZnJlZS5odG1sIn19.sFkrRF-L_USNAMIk6rPFGV922fArAzTIRgK-wdvtg8U; uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 10:41:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
Access-Control-Allow-Origin: https://wahidkrishna.blogspot.com/2022/11/23-mandalorian-clip-art-free.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9bde74e5-0332-4bb9-9e7e-05dc40461fa8:3:1; expires=Mon, 12 Dec 2022 10:41:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
pdhtkv26=true; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
uncs26=1; expires=Tue, 06 Dec 2022 10:41:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d62490ffcc593378a7992e837dedfcf8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c69a25b07dd690540ccbd3dcd885b7d8
3e457a884cdd89322592e571f7c5411a99eba29f
b28b957159b81b77f88525867c2261ddab32ed9a4f3b3fd71e727bd5522d93d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B28B957159B81B77F88525867C2261DDAB32ED9A4F3B3FD71E727BD5522D93D7"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7732
Expires: Mon, 05 Dec 2022 12:49:53 GMT
Date: Mon, 05 Dec 2022 10:41:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5575d12e87dd96f370a6ef6332c460bf
4fc5e8837b5c0fcfeba488c58afe7915ae94434f
67016264f28c5cfaf12fa4aa15e69af8f2fc249c2c6eb3428f4723abb5541ec6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67016264F28C5CFAF12FA4AA15E69AF8F2FC249C2C6EB3428F4723ABB5541EC6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11778
Expires: Mon, 05 Dec 2022 13:57:19 GMT
Date: Mon, 05 Dec 2022 10:41:01 GMT
Connection: keep-alive
cdn.cloudimagesb.com/bi/8e/48/09/8e4809fdac8d433c09cbbe08d2015f79/1667211575.jpg
45.133.44.10200 OK 8.3 kB URL HTTP/2 cdn.cloudimagesb.com/bi/8e/48/09/8e4809fdac8d433c09cbbe08d2015f79/1667211575.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 320x50, components 3\012- data
Hash 064c364e4da807137822586d3404daec
682d5ee1b3c89560368067d3999fccc69c8d8c8f
5345d375a3c613af86cd290886d54767162db9eeab7ffe43650ec17cdc1a57b0
GET /bi/8e/48/09/8e4809fdac8d433c09cbbe08d2015f79/1667211575.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://organexpectationsmaintain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:01 GMT
content-type: image/jpeg
content-length: 8326
server: nginx/1.17.6
last-modified: Mon, 31 Oct 2022 10:19:43 GMT
etag: "635fa13f-2086"
expires: Wed, 07 Dec 2022 10:41:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/ed/01/e1/ed01e168c38c9176b5af5029d4e9d025/1627917121.png
45.133.44.10200 OK 26 kB URL HTTP/2 cdn.cloudimagesb.com/cti/ed/01/e1/ed01e168c38c9176b5af5029d4e9d025/1627917121.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 468 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 6643aad2748c3fa6febd62db1a67a26b
8e3bc5cc51ff87adf9ad65ac02891febe7649632
d03b5f0fa87ff0044176afb05bbae920081614917dbfa590287ed76fea3fb914
GET /cti/ed/01/e1/ed01e168c38c9176b5af5029d4e9d025/1627917121.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinneroverturn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:01 GMT
content-type: image/png
content-length: 25785
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 15:12:09 GMT
etag: "61080b49-64b9"
expires: Wed, 07 Dec 2022 10:41:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/90/fa/55/90fa55e79f85a5822e197862b4c53149/1663334602.png
45.133.44.10200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/90/fa/55/90fa55e79f85a5822e197862b4c53149/1663334602.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 160 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash fb8a0af2c78607cf4c540a8be54248ef
795083ee49378071a4a04505ac40dfb4134acd74
1ad52c531815350c0f4411825fde5553748dd6b14bbc73752c939f6eba73c029
GET /cti/90/fa/55/90fa55e79f85a5822e197862b4c53149/1663334602.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soldierreproduceadmiration.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:01 GMT
content-type: image/png
content-length: 33090
server: nginx/1.17.6
last-modified: Fri, 16 Sep 2022 13:23:30 GMT
etag: "632478d2-8142"
expires: Wed, 07 Dec 2022 10:41:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/f2/89/27/f28927d07b6373b93ae5b1653e846c86/1631285382.jpg
45.133.44.10200 OK 112 kB URL HTTP/2 cdn.cloudimagesb.com/bi/f2/89/27/f28927d07b6373b93ae5b1653e846c86/1631285382.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:07:26 12:52:17], baseline, precision 8, 300x250, components 3\012- data
Size 112 kB (112312 bytes)
Hash dd0a4cbb6df8b96545ec7e29ad7d11c2
17e87af834f16860a8d7f29cecae5f8f8d43a43c
e398a1cf616297b2245accfe84afb007c1e99468a534863e695a1a359105da53
GET /bi/f2/89/27/f28927d07b6373b93ae5b1653e846c86/1631285382.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kidhumiliateessay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:01 GMT
content-type: image/jpeg
content-length: 112312
server: nginx/1.17.6
last-modified: Fri, 10 Sep 2021 14:49:52 GMT
etag: "613b7090-1b6b8"
expires: Wed, 07 Dec 2022 10:41:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17037309
192.243.59.12200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17037309
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 945c80de3db6c017ebcc62d4b653620f
5e690fe55e8fb6a72c3b29ff8ecf100b3b57f7d0
9007250c7afbbd021026be08f1130698df17ab68e9aad11b2da0c3cfaf19d315
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17037309 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Cookie: u_pl=16122660; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 10:41:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTcwMzczMDkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd2FoaWRrcmlzaG5hLmJsb2dzcG90LmNvbS8ifX0.u2lF5bVplAd1-NafQBlC4Z7oSVmYXZ27RxmJ5lTfUrY; expires=Mon, 05 Dec 2022 10:42:01 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9a3f4ddc98d2f77accf2e2de0fb7835d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=b03a48ba8c2816d8efdffb9a14b42d9c0d74c275a07fe173cb95f64079d11ed947a459c46464444297f99b8a0925a2bb3fd95e4ed39cb416790d849ce35db0f306fcc8e7e6c758ab58d0debe6f925d6352ce1ac9&pst=1670236921&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F&psid=17037309
192.243.59.12302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=b03a48ba8c2816d8efdffb9a14b42d9c0d74c275a07fe173cb95f64079d11ed947a459c46464444297f99b8a0925a2bb3fd95e4ed39cb416790d849ce35db0f306fcc8e7e6c758ab58d0debe6f925d6352ce1ac9&pst=1670236921&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F&psid=17037309
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=b03a48ba8c2816d8efdffb9a14b42d9c0d74c275a07fe173cb95f64079d11ed947a459c46464444297f99b8a0925a2bb3fd95e4ed39cb416790d849ce35db0f306fcc8e7e6c758ab58d0debe6f925d6352ce1ac9&pst=1670236921&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwahidkrishna.blogspot.com%2F&psid=17037309 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTcwMzczMDkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd2FoaWRrcmlzaG5hLmJsb2dzcG90LmNvbS8ifX0.u2lF5bVplAd1-NafQBlC4Z7oSVmYXZ27RxmJ5lTfUrY; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 10:41:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: uncs=2; expires=Tue, 06 Dec 2022 10:41:01 GMT
uncs28=2; expires=Tue, 06 Dec 2022 10:41:01 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7aee66db01fe6a980b3be1efa406b92a
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
95.101.10.153307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 95.101.10.153:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Mon, 05 Dec 2022 10:41:02 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 05 Dec 2022 10:41:02 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; domain=.unibet.com; expires=Wed, 05-Dec-3021 10:41:01 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=42, origin; dur=54
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node0x7yjz7uwx68o4vj9rq25ntlb3; uniattr=ST.0.T; uniattr_ref=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 05 Dec 2022 10:41:02 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node0kttbe7hw3ieqcvn675ocezac3125408.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0x7yjz7uwx68o4vj9rq25ntlb3; Path=/; Domain=.unibet.nu; Expires=Wed, 04-Dec-2024 10:41:02 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Wed, 04-Dec-2024 10:41:02 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.spikereekvelocity.com/"; Path=/; Domain=.unibet.nu; Expires=Wed, 04-Dec-2024 10:41:02 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_B2D3BD319BD5422481E81A2579C794B3; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B2D3BD319BD5422481E81A2579C794B3%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://www.spikereekvelocity.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Mon, 05 Dec 2022 10:41:02 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node0x7yjz7uwx68o4vj9rq25ntlb3; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; affiliateId=1; B-TAG=127656177_B2D3BD319BD5422481E81A2579C794B3; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B2D3BD319BD5422481E81A2579C794B3%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Mon, 05 Dec 2022 10:41:02 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Mon, 05 Dec 2022 10:41:02 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4bc24a752482e96aa7f4699c713888b4
78d5d6d0a195ccc1650ce7a174d375f3ea8d188b
6a17636802702728bce1a7ffb368008aab911ff3d4f2a5b54b0253066c3d4881
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A17636802702728BCE1A7FFB368008AAB911FF3D4F2A5B54B0253066C3D4881"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2100
Expires: Mon, 05 Dec 2022 11:16:02 GMT
Date: Mon, 05 Dec 2022 10:41:02 GMT
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.25.188200 OK 934 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash 113895ebdc9ace27f68e5b202fd9aedf
ec2334e7cbeb49a8d57901db38fd9b6de8a65637
63fd41f2599b877a56edf777828986f1975d68956c79189ea92af6f6628b1e15
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB1D5BF7A"
x-ms-request-id: 5d879bd0-f01e-002a-0703-03cd12000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8026
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac86aacb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.25.188200 OK 1.3 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Hash eb55cf40f0d6bf5f06483065b0c3355c
bf079dbf1343eb588437ffc62cb2e01b699b7fa2
c55dff1bec73cc168647215fe30984d7ee1c5be4c960f17594627f54e596a06b
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB2079DB0"
x-ms-request-id: 24a2aae3-d01e-004f-0203-036356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8025
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac86aaab4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.25.188200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Hash 46dc8373de1ac349bd9fd0de9194311e
ff337c47385d59b07a65168ed5c28fbf20978ef7
a9d0ab28d4be3d9eb71b7ba83dae2cb33438f4dfa2570faa13f89f168f1b6989
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4BDF480"
x-ms-request-id: 88d0ed69-201e-0074-2803-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8026
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac87ab5b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
216.58.207.202200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 216.58.207.202:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 12:45:16 GMT
expires: Wed, 29 Nov 2023 12:45:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 510946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1d7ae9cb4d3ada56f3c875f55b37a3e1
296e23579403d85854df89b45e91dde802a91617
b86bdf54353e0459f9acb777656d5928b8d04aece9f060a8ecf4961548f7c490
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5552
Cache-Control: max-age=97104
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:41:02 GMT
Etag: "638c8d5e-117"
Expires: Tue, 06 Dec 2022 13:39:26 GMT
Last-Modified: Sun, 04 Dec 2022 12:06:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
104.18.25.188200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP 104.18.25.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DACBBCB1BBD29B"
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0b1c71c4-b01e-0049-7003-0350e9000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 7979
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac97c1cb4f3-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.25.188200 OK 12 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.25.188:0
File type HTML document, ASCII text
Hash aa90edb47af1f1080825c9fefd0fd68e
80dcee5560adb3e50971556e7762233d990e43ba
bb60657ccb71f02b2e0a478011300644b6f37ee2dfde3e41192c8ad76668affc
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB5157DAD"
x-ms-request-id: 88d0ed66-201e-0074-2503-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8026
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac86a94b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:41:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.25.188200 OK 76 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.25.188:0
File type HTML document, Unicode text, UTF-8 text
Hash d5ce896a6eadfcad47976b91ea806040
068af6906d86a703d50b74315105e12385838261
4259f7ce42605968828b7bcdbe924d771e5d78020ea994b76fb87f414e614bac
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB50B45F5"
x-ms-request-id: 10dfb792-f01e-0077-0703-03c796000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8026
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac85a91b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:41:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.25.188404 Not Found 643 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.25.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash 1d1813df482db4f78e74a56285cae2fb
54e675a9a6ed17071a0f8390160ed5df54fb3e50
b9033ba3e8dd9be00dea8071207365723d935b7bdfe56bd744d35738ae909645
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: application/xml
x-ms-request-id: ce2d9346-301e-000a-7f95-08b6b5000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 190
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac87ad0b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:41:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 400027
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.133.15200 OK 93 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash ecf18d3762e5c5328c69a948a20ea385
473cfe1c24d59cccf328e76042cd7b0e2fed44ec
7edf962d7c7e45cfc107fe9341d77f4e270ca4319d5313cb0f094a893816737d
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: text/css
x-amz-id-2: kIWUcp4/gRprxrhG4Bo7YL49QfCfoJzgcb+lBni7kDeALpU6YcOHbXZK3Ce3+VKgInDBPr7yuoA=
x-amz-request-id: GQJ6HHGYZ6JW9X6Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 739753
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iCkBqdHS3cuAy4wWNap7WZVLh7cbCLZTvRNKoOvBd7JRUlFtN8B4VCk9pDIiUbEhLE808iCEG8cA4E7dMD548tujfNNRwahRkyaK5OxE3zyPvQ%2FxOLXNLriy0FX2e%2B%2F1oBHzDqs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774c2ac8e81f76b7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.25.188200 OK 16 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1481), with no line terminators
Hash 8175a5536bbb679a1c945c3a683a8b83
cbf8c11b776e26048ea6f2e8dfba6475254c2fb0
7472655fae6b1495e1dfa0d7d20c16c542968db3b959f140bc9371084ddd0b42
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3E60357"
x-ms-request-id: 16b99321-701e-000b-6a03-03e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8026
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac87aceb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
104.18.25.188200 OK 20 kB URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.25.188:0
File type ASCII text, with very long lines (693)
Hash 993e80ac1642155936ae252b60e0f5c9
7690bb8a6e5576cf3a621ea77dc5db08b8838492
bdacd82adc1da4c9dcac9a5080a39345ce8c25afa27d6ea95f06a683985dd8ab
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8025
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac94bccb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:41:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 71603bd1d94bcd618ae379faa78b0202
db9d93670ddd32ec66940ccef4e0cc53c0ddde78
855ae3a14e17b4c4a151b644e1bc9bd01a5adfc1a92487c2882897a6018b3da6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3116
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:41:03 GMT
Last-Modified: Mon, 05 Dec 2022 09:49:07 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
secure.adnxs.com/seg?add=9755599
37.252.171.85307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 10:41:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: e1febfa1-b85b-4a79-9661-c7101bfe0f03
Set-Cookie: uuid2=8243251119274082035; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 10:41:03 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
104.19.148.8200 OK 1.8 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP 104.19.148.8:0
File type JSON data\012- , ASCII text, with very long lines (5061), with no line terminators
Hash cb8699e9b2633c676a2ec148c4d7c731
9791589cde9c94880903b272d5fdcd3c76dc83a6
bbbc226c852d5b999213b6cd5839e37c60c267af5bb63709efe63c1ea38e917a
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:03 GMT
content-type: application/json
content-length: 1770
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Mon, 05 Dec 2022 07:03:28 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 13055
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2acb89ca0b45-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
37.252.171.85200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 37.252.171.85:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 10:41:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 0d74916f-bb5f-45ce-a0db-1070abfbde33
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Illj`qmf!]tbP6j2F-XstGt!@E%e%#S$=; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 10:41:03 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
104.19.148.8200 OK 27 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
IP 104.19.148.8:0
File type ASCII text, with very long lines (63889)
Hash 40a61971f3342753b240df82579098d2
75a44689092cd59612c3c77f4c3f353f5898c4b9
c53652de8d763aa53a2226f899e6c57434675b324a4e22b91bea1f217e99504a
GET /pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:03 GMT
content-type: text/javascript
content-length: 26836
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Fri, 18 Nov 2022 16:53:01 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 839768
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2acbfa4d0b45-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b967016c92599586200298d67c900ac5
14a6fd8d84b435e154c0ae357a9f8dc24c16e9eb
b266fccee1baec0b93927cf1385b1a3e6987424f00cbf0ac879fcc8f212df56c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5673
Cache-Control: max-age=162024
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:41:03 GMT
Etag: "638d8a7e-1d7"
Expires: Wed, 07 Dec 2022 07:41:27 GMT
Last-Modified: Mon, 05 Dec 2022 06:06:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=07863033650280021441162086631053248077&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1670236860748
52.17.115.124200 OK 496 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=07863033650280021441162086631053248077&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1670236860748
IP 52.17.115.124:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash c0f741630544505a9b93808169abab90
d873278b7492ccc41ebfe2495e104850a239b36b
ff37d295be6b2ee629997f2ecd94787d574f822d8e2bc01f8248956d115df4ba
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=07863033650280021441162086631053248077&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1670236860748 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-00960800d.edge-irl1.demdex.com 10 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=88709040007075127382584035572711840736; Max-Age=15552000; Expires=Sat, 03 Jun 2023 10:41:03 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: eSdmj5XASaQ=
Content-Length: 496
Connection: keep-alive
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463954
104.19.148.8200 OK 145 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463954
IP 104.19.148.8:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 77fdf78ff0ba562b3830a62c5a261e05
03f5af9751c431e188a3b1199f56caea5b5259b3
1998b3484809de65a5ef6542322381a28f0d65961f7e5375e6b1f0d9c05f35a8
GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463954 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:03 GMT
content-type: application/json
content-length: 145
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Mon, 05 Dec 2022 07:03:30 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 13053
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2acd5b440b45-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fc89f2976f3e29cb45d76106324a16e1
15e95114687f8ade2238c0ed5871180f17968c94
bd19bb70f4d6719d008faa592d15ef4993b402e994f97a7e5643be7671c963a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5848
Cache-Control: max-age=167609
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:41:03 GMT
Etag: "638d9fa1-1d7"
Expires: Wed, 07 Dec 2022 09:14:32 GMT
Last-Modified: Mon, 05 Dec 2022 07:37:05 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s1220242449335?AQB=1&ndh=1&pf=1&t=5%2F11%2F2022%2010%3A41%3A0%201%200&mid=07863033650280021441162086631053248077&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_B2D3BD319BD5422481E81A2579C794B3%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_B2D3BD319BD5422481E81A2579C794B3%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=10%3A41%20AM%7CMonday&v6=10%3A41%20AM%7CMonday&v11=GBP&c14=New&v14=New&c16=1670236861&v21=Not%20Logged-In&c73=unibet&c74=07863033650280021441162086631053248077&v99=07863033650280021441162086631053248077&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_B2D3BD319BD5422481E81A2579C794B3&v126=68246908&v127=37950&v134=1670236860&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
13.36.218.177200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s1220242449335?AQB=1&ndh=1&pf=1&t=5%2F11%2F2022%2010%3A41%3A0%201%200&mid=07863033650280021441162086631053248077&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_B2D3BD319BD5422481E81A2579C794B3%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_B2D3BD319BD5422481E81A2579C794B3%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=10%3A41%20AM%7CMonday&v6=10%3A41%20AM%7CMonday&v11=GBP&c14=New&v14=New&c16=1670236861&v21=Not%20Logged-In&c73=unibet&c74=07863033650280021441162086631053248077&v99=07863033650280021441162086631053248077&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_B2D3BD319BD5422481E81A2579C794B3&v126=68246908&v127=37950&v134=1670236860&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 13.36.218.177:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s1220242449335?AQB=1&ndh=1&pf=1&t=5%2F11%2F2022%2010%3A41%3A0%201%200&mid=07863033650280021441162086631053248077&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_B2D3BD319BD5422481E81A2579C794B3%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_B2D3BD319BD5422481E81A2579C794B3%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=10%3A41%20AM%7CMonday&v6=10%3A41%20AM%7CMonday&v11=GBP&c14=New&v14=New&c16=1670236861&v21=Not%20Logged-In&c73=unibet&c74=07863033650280021441162086631053248077&v99=07863033650280021441162086631053248077&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_B2D3BD319BD5422481E81A2579C794B3&v126=68246908&v127=37950&v134=1670236860&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
date: Mon, 05 Dec 2022 10:41:03 GMT
expires: Sun, 04 Dec 2022 10:41:03 GMT
last-modified: Tue, 06 Dec 2022 10:41:03 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3586806351596617728-4619384530019394779
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.171.188200 OK 11 kB URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.171.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09c4f78864dcffc68441cc04666db3d5
ae09fa29254fd03f4a911d9eb3371542aba54e16
c49b37de235cf47b0dd5db9dcc8c2517c98085f407bed45ea07212c376e1c021
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:03 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 360
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2acd0f140b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3
IP 142.250.74.106:0
GET /css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 10:40:58 GMT
date: Mon, 05 Dec 2022 10:40:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.25.188:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 7979
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac86a9db4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 3j1KK5ReHy/6ckOVwt+Uag==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
x-ms-request-id: e3faf0b2-801e-001f-6496-08a106000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac64fd8b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180200 OK 0 B URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Mon, 05 Dec 2022 10:41:03 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.171.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.171.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:03 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 424
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2accff050b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?463954
104.19.148.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?463954
IP 104.19.148.8:0
GET /pages/scripts/0012/9242.js?463954 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:03 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Mon, 05 Dec 2022 07:03:28 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 13055
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2acab9340b45-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
bayupras.com/ars/view.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
104.21.28.72200 OK 0 B URL HTTP/2 bayupras.com/ars/view.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 104.21.28.72:0
GET /ars/view.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wahidkrishna.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:40:58 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 14:00:21 GMT
last-modified: Wed, 30 Nov 2022 07:42:02 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 247237
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FQkQyVwhLpUdutv84LFk4FfpNDmM8dVdVal3KwSpU9NgB4FizNYTtzWJzJj4mR9NwTetV3n7iq5fyA0fAzm9DposJDP4IQoHx0j19jr8jZhDGDjjYLbAUUYO5EJBNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774c2aacc81fb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.148.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.148.8:0
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:03 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Mon, 05 Dec 2022 07:03:28 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 13055
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2acaa9270b45-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB117460B"
x-ms-request-id: dbafa778-701e-0034-4703-0321ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8026
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac85a8bb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4CC7156"
x-ms-request-id: 4fc06b4d-901e-004e-1803-033c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8026
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac87ac5b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB39EA46F"
x-ms-request-id: a11628c9-801e-0042-7503-03ab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8026
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac87ac8b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3A5CF50"
x-ms-request-id: cd88faad-301e-0047-5503-037959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8026
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac87acbb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4C5466A"
x-ms-request-id: 0b580569-d01e-0060-1f03-036e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8026
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac87abab4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_B2D3BD319BD5422481E81A2579C794B3&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670217716326)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022125521%22%7d%2c%7b%22PID%22%3a86119372%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670225410749)%5c%2f%22%2c%22CookieTag%22%3a%223795086119372451240919C2022125730%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228523129823%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C07863033650280021441162086631053248077%7CMCAAMLH-1670837588%7C6%7CMCAAMB-1670837588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670239988s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~7c6ad29ca482d2d6d0d4d970243255c397cf2ba6~vpv~2~v11.rlc~1670232788921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:41:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 21 Nov 2022 12:34:13 GMT
etag: W/"0x8DACBBCB22FE05F"
x-ms-request-id: bf5a1d34-901e-003c-5a03-033bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 8026
vary: Accept-Encoding
server: cloudflare
cf-ray: 774c2ac87ad2b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 10:41:02 GMT
date: Mon, 05 Dec 2022 10:41:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2