r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10054
Expires: Thu, 24 Nov 2022 14:47:14 GMT
Date: Thu, 24 Nov 2022 11:59:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2230
Cache-Control: max-age=169721
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:40 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:08:21 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 11:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2442
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9518
Expires: Thu, 24 Nov 2022 14:38:18 GMT
Date: Thu, 24 Nov 2022 11:59:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CCeK0Sfm0JQmHI6ux9Nt1W8P6YT48pVd8L0ULjN3v5U/8opSRlrAOHoSVZZP4k3yiQ3cVnozyJ0=
x-amz-request-id: DEYHGYGMJC0SMMZ3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 11:40:23 GMT
age: 1157
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 11:59:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 11:08:53 GMT
cache-control: public,max-age=3600
age: 3047
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5990
Cache-Control: max-age=168418
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:41 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:46:39 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.148.163101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.148.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zam7q8MwpQ89rm2hMPc/bA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +JR0DZv8/aw0nCUNdwk7/usNb/Y=
18.133.14.77/
18.133.14.77200 OK 11 kB IP 18.133.14.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1871), with CRLF, LF line terminators
Hash 88057710d174c5c8d2c33201e40ef59c
0291a367ed86480022c88255057eebf9d437f13a
9aae36c502167a23870c2e3c5dc620aaab0bc91a756082ca2923ed5367daade3
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 18.133.14.77
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Nov 2022 11:59:41 GMT
Link: <https://18.133.14.77/wp-json/>; rel="https://api.w.org/"
Server: nginx
Set-Cookie: _lsm_device=10; expires=Tue, 19-Jan-2038 03:14:07 GMT; Max-Age=478192467; path=/
lsm_visit_count=1; expires=Sat, 24-Dec-2022 11:59:40 GMT; Max-Age=2592000; path=/
lsmuid=rBEABGN/XK3CngALA73HAg==; expires=Fri, 24-Nov-23 11:59:41 GMT; path=/
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 11311
Connection: keep-alive
code.jquery.com/jquery-3.4.1.min.js?ver=5.2.2
69.16.175.42200 OK 31 kB URL HTTP/1.1 code.jquery.com/jquery-3.4.1.min.js?ver=5.2.2
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash 9abb42735168ac9e960b770179b642aa
11475bf8c7244af7a820108b7762e7a3f95aa52c
df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243
GET /jquery-3.4.1.min.js?ver=5.2.2 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.133.14.77/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:59:42 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 30638
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 20 Aug 2021 17:47:53 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"611feac9-15851"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1669291182.dop226.sk1.t,1669291182.cds201.sk1.c
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleoptimize.com/optimize.js?id=GTM-N37BDSB
142.250.74.46200 OK 45 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-N37BDSB
IP 142.250.74.46:0
File type ASCII text, with very long lines (1921)
Hash 61179f6618fbde36fcd9408f8b97c74d
e37ccd9a8d4ffbaba74a7eca675409ad6de4a089
56878d8849a38c1ae1017a4c6aab29c11590261aae9374cc7fb3b9d40b1992b8
GET /optimize.js?id=GTM-N37BDSB HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 11:59:42 GMT
expires: Thu, 24 Nov 2022 11:59:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45287
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.1.0/js/all.js?ver=5.2.2
172.64.132.15200 OK 328 kB URL HTTP/1.1 use.fontawesome.com/releases/v5.1.0/js/all.js?ver=5.2.2
IP 172.64.132.15:0
File type ASCII text, with very long lines (65356)
Size 328 kB (328010 bytes)
Hash b33179752ed90385a521bbeb213a0de0
44adcd5f867fc737d706d4f9a8de6bfd8c23599e
b58f0a4df2145a1310a84c146fb0c46eccbda0ee198f04d57c615079231f6bf0
GET /releases/v5.1.0/js/all.js?ver=5.2.2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.133.14.77/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:59:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: gkzVQTiZ8aSgIBSDtKrTiEceffixFBZOvoUWM0TmBxT8e4njYd0wwM38z535CdxJoilnOalsjAs=
x-amz-request-id: 3M9MMC8NWHDERA98
last-modified: Wed, 30 Jun 2021 15:30:32 GMT
etag: W/"004993df80280fa6c4af6ca17c4e5433"
cache-control: max-age=31556926
CF-Cache-Status: HIT
Age: 28014002
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hqx8XM7cIBwgmY7n%2BUMaDV8%2FRxvjy%2B6d9Jhf5lsFlqrI%2F%2F%2BT100lv5TZ4vfMwsDk7lIqsgLt9Gu1pqkf1h8p0BPCro5vfLO2SUoadfdpxdYaobBDW64USqWs0cJSueraYDdyq2wK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f1fae1496b72fa-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 3dbfe846f87132190f989f425704fe39
bddec3c90d07dea04bb51f04dd3795525276328a
9a4893540fab8a2149d3cdae99d6351dfac973651aabf315416099ea05e75701
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147674
Date: Thu, 24 Nov 2022 11:59:42 GMT
Etag: "637efa88-1d7"
Expires: Sat, 26 Nov 2022 05:00:56 GMT
Last-Modified: Thu, 24 Nov 2022 05:00:56 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -TDKArj38r0wC_1mopKhSUyK3yG5DX_cAZX_peVJ_LVKHO6TxelJ4g==
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 3dbfe846f87132190f989f425704fe39
bddec3c90d07dea04bb51f04dd3795525276328a
9a4893540fab8a2149d3cdae99d6351dfac973651aabf315416099ea05e75701
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147674
Date: Thu, 24 Nov 2022 11:59:42 GMT
Etag: "637efa88-1d7"
Expires: Sat, 26 Nov 2022 05:00:56 GMT
Last-Modified: Thu, 24 Nov 2022 05:00:56 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5a5SEskaNfDplR7w31KgGnUy-e1uLy0HBsGop26D8n7roDDvqpwpUw==
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 3dbfe846f87132190f989f425704fe39
bddec3c90d07dea04bb51f04dd3795525276328a
9a4893540fab8a2149d3cdae99d6351dfac973651aabf315416099ea05e75701
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147674
Date: Thu, 24 Nov 2022 11:59:42 GMT
Etag: "637efa88-1d7"
Expires: Sat, 26 Nov 2022 05:00:56 GMT
Last-Modified: Thu, 24 Nov 2022 05:00:56 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NNBDPfrGiYmRkNONO2MH1LflZ8HJ4z1cDUq23JLAPlLUExrH92mQLA==
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 3dbfe846f87132190f989f425704fe39
bddec3c90d07dea04bb51f04dd3795525276328a
9a4893540fab8a2149d3cdae99d6351dfac973651aabf315416099ea05e75701
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147674
Date: Thu, 24 Nov 2022 11:59:42 GMT
Etag: "637efa88-1d7"
Expires: Sat, 26 Nov 2022 05:00:56 GMT
Last-Modified: Thu, 24 Nov 2022 05:00:56 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dM2FcVFv9AZQ2LWzUQ-A2G8_bWKLWDbVTxt2eymXHcVxx3yg31wkZQ==
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5410
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 11:59:42 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 24914
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F004aa6ae-7a76-4671-acda-0f0a01e41292.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F004aa6ae-7a76-4671-acda-0f0a01e41292.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfb61d1d2a4d3e62e410c926cfa4a1ab
5c3f269cd16e9dd6bbb2e32efd46a4b2599ca436
4297b6c45e7dca6f841ae56da1040e1287f2e70c98e5f7fc674a674b59ebc7a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F004aa6ae-7a76-4671-acda-0f0a01e41292.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8702
x-amzn-requestid: 9687d5fa-c9f8-4afc-8278-0f0c12b28329
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx9FQ4oAMFWmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-397fca41442c0d7309395e4b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4cgRxjx6TQRxl4FIKsjrBPDZmhoDgbG72UAMRUnxZBUqV7yCfj3PyQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:09 GMT
age: 51273
etag: "5c3f269cd16e9dd6bbb2e32efd46a4b2599ca436"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 51110
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28381329eca6c426a8b05fcdef4aafcc
a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a
4fc8414d39bbaacb1e6575924bd0bbb9373d78b177022f7d3c6457829abffd06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8748
x-amzn-requestid: 864da50a-44bb-4d20-b499-08c2a140871e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtENmoAMFqKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-2705cc956f2c2aa5535533b0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xT0IorkRpXysoYMnugcrV40YaAxoRPjLmkPcv1ElteP_-rNZ1c6fog==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:48:57 GMT
age: 51045
etag: "a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 037c0f19435a955d7ed58f65911e8f21
51a54b639617e113bb941d28b59c2571c0ca2e63
c2b15ed9257f220ed83845e1d0b343d21b7df9104c21162ea76b889609b8a404
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9992
x-amzn-requestid: a16f614c-5a5b-4f8b-97cb-c248e0b50753
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvcYEa0IAMFm_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e92b5-3b65b1b17c2a20b44a31aa9f;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:37:57 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OC0uEwrEKZ6UEEg_mpvYcoVBEUSEA_qTttmyRp1xptCRD4Vi4pFbCg==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:13:55 GMT
etag: "51a54b639617e113bb941d28b59c2571c0ca2e63"
content-type: image/jpeg
age: 49547
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 17358
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 3dbfe846f87132190f989f425704fe39
bddec3c90d07dea04bb51f04dd3795525276328a
9a4893540fab8a2149d3cdae99d6351dfac973651aabf315416099ea05e75701
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 11:59:42 GMT
Server: ECS (dcb/7FA7)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f6mFeSAG5NpioaaoXozxg9cOq78v3L-UMTFUc4NwM5e_V0MFAq_nyQ==
www.googletagmanager.com/gtm.js?id=GTM-TN683C9
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TN683C9
IP 142.250.74.168:0
File type ASCII text, with very long lines (4064)
Hash 79289444b445923083f3b25e0adde215
81c0cf6f99ab3a2b01f72e91bf85c9639c1dd2b5
ae2a14fbe34300031bb577c789173f440cc7e9d92f92412fccf59764d72b9e8f
GET /gtm.js?id=GTM-TN683C9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 11:59:42 GMT
expires: Thu, 24 Nov 2022 11:59:42 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 42aa3a3ac1793d821cfd7eb0c6bd5ab3
a2575dfc6c925190e5204d977aea347cc800654e
5e415049a23027e531127fe57f93a8d2106c44bd344c24045a9e28fb86152128
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166084
Date: Thu, 24 Nov 2022 11:59:42 GMT
Etag: "637f315a-1d7"
Expires: Sat, 26 Nov 2022 10:07:46 GMT
Last-Modified: Thu, 24 Nov 2022 08:54:50 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z6J9jm5wmLXw8ubDuNzEe_SJ_ldfh8aiI6PCO5jF2bEw3xJPp3iZsw==
Age: 4376
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 42aa3a3ac1793d821cfd7eb0c6bd5ab3
a2575dfc6c925190e5204d977aea347cc800654e
5e415049a23027e531127fe57f93a8d2106c44bd344c24045a9e28fb86152128
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167338
Date: Thu, 24 Nov 2022 11:59:42 GMT
Etag: "637f315a-1d7"
Expires: Sat, 26 Nov 2022 10:28:40 GMT
Last-Modified: Thu, 24 Nov 2022 08:54:50 GMT
Server: ECS (dcb/7EC6)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KJ_hCfFTHp0mDlkVQnfopEi5NoXO4rqVtfhlcjwVFSsk9gGlRyMrIA==
Age: 5630
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 42aa3a3ac1793d821cfd7eb0c6bd5ab3
a2575dfc6c925190e5204d977aea347cc800654e
5e415049a23027e531127fe57f93a8d2106c44bd344c24045a9e28fb86152128
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165651
Date: Thu, 24 Nov 2022 11:59:42 GMT
Etag: "637f315a-1d7"
Expires: Sat, 26 Nov 2022 10:00:33 GMT
Last-Modified: Thu, 24 Nov 2022 08:54:50 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dIIX2dUCAm1TF6_vMHBvh-CCeqScXjGoPwqHhnOPbcNt-cEZRhUW4g==
Age: 3943
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 42aa3a3ac1793d821cfd7eb0c6bd5ab3
a2575dfc6c925190e5204d977aea347cc800654e
5e415049a23027e531127fe57f93a8d2106c44bd344c24045a9e28fb86152128
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164839
Date: Thu, 24 Nov 2022 11:59:42 GMT
Etag: "637f315a-1d7"
Expires: Sat, 26 Nov 2022 09:47:01 GMT
Last-Modified: Thu, 24 Nov 2022 08:54:50 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vVpG2vZxAovz3ycsEUpFxo0KPw79D-OBVBF7hrNUKO-KMug5RldeJg==
Age: 3131
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 42aa3a3ac1793d821cfd7eb0c6bd5ab3
a2575dfc6c925190e5204d977aea347cc800654e
5e415049a23027e531127fe57f93a8d2106c44bd344c24045a9e28fb86152128
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 11:59:42 GMT
Last-Modified: Thu, 24 Nov 2022 10:25:09 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O-XkuylySu5GulCnRqIF1fssoT7yqDlPDjyTeIss6ArC-ZqR3ATWvA==
Age: 5674
s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/nowagering_dt_214x25_green.png
52.218.56.195200 OK 2.0 kB URL HTTP/1.1 s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/nowagering_dt_214x25_green.png
IP 52.218.56.195:0
File type PNG image data, 214 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 10945c1df0b3ba9c8cc512c014c20fdb
686a11ccaca440e362350c4d4c82f6699e7c4862
3ce9c548496e165dc1beebcbdbe4018730dad34821a482fa11b927a505b1da5e
GET /lsm-public-bucket/sfsg/wp-content/uploads/wp/nowagering_dt_214x25_green.png HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: dYExOVOFBDCkEH8Dft3l5oI8PxrmuTPWf0eGiJ/eLAJ8aNh9HE1Ti8jW6cnpLpVTSYN5xPw/cN4=
x-amz-request-id: 0DT7K8VH1Z9AE18W
Date: Thu, 24 Nov 2022 11:59:43 GMT
Last-Modified: Fri, 09 Sep 2022 08:49:32 GMT
ETag: "10945c1df0b3ba9c8cc512c014c20fdb"
Cache-Control: max-age=691200
x-amz-version-id: kwr3mVHWlN.jwk6.rbhI1mH33_RJLd4T
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 2032
www.googletagmanager.com/gtm.js?id=GTM-5N6Q3BW
142.250.74.168200 OK 87 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5N6Q3BW
IP 142.250.74.168:0
File type ASCII text, with very long lines (14144)
Hash 2e8585af779282cea39e858df149294b
0abbbf16cb39163ae52e8f2b29b4626935b35f74
5a37b2373c151bbdce1ee4a1f70d2c471360b5b09226888ec3bdfcee4193feb3
GET /gtm.js?id=GTM-5N6Q3BW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 11:59:42 GMT
expires: Thu, 24 Nov 2022 11:59:42 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87142
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/paddypower2.png
52.218.56.195200 OK 17 kB URL HTTP/1.1 s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/paddypower2.png
IP 52.218.56.195:0
File type PNG image data, 220 x 464, 8-bit colormap, non-interlaced\012- data
Hash 00ec6ca53adc927a5bc2e8e4e86b27f9
e82ee405586efc5169ab8c4b3ebc9277947b12bb
68bbccc78b21d793501ac73ab12a50a7e3c1dc8e0d739bed8c0aea01a08f349d
GET /lsm-public-bucket/sfsg/wp-content/uploads/wp/paddypower2.png HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: eN5wo8Tvk8pU+JEFlGU8hCO3Q9t78T5sQ8Hg1U5Pk0LhVevMA6EdgabgSDKsr415VkOTa8/hR/k=
x-amz-request-id: 0DTD7MV2SCNGRPDP
Date: Thu, 24 Nov 2022 11:59:43 GMT
Last-Modified: Thu, 03 Nov 2022 09:51:10 GMT
ETag: "00ec6ca53adc927a5bc2e8e4e86b27f9"
Cache-Control: max-age=691200
x-amz-version-id: _0heMpDGhjaz2lvmkxtj2LI9dYhWwLOS
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 16830
s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_spookyslotsarticle_100x100_oct.jpg
52.218.56.195200 OK 25 kB URL HTTP/1.1 s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_spookyslotsarticle_100x100_oct.jpg
IP 52.218.56.195:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.5 (Macintosh), datetime=2021:10:11 10:35:59], progressive, precision 8, 100x100, components 3\012- data
Hash f7264c85fc16645d9bbce6ed3e021491
49a53a4c09d90a19ecc5ce00da26d01761846b42
319eece23163e5f3bf7abc81df96e78487fc695d05caeafedd5648b353212ceb
GET /lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_spookyslotsarticle_100x100_oct.jpg HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: pRqsXzz/1mpiK5ygFB0xYEwH9e/ukxeXDPnHTpgCx9+kf/lo8T2isHdcKl+1kr2GHi6qRKkdAWI=
x-amz-request-id: 0DT02GZKH8NCTR6W
Date: Thu, 24 Nov 2022 11:59:43 GMT
Last-Modified: Fri, 19 Nov 2021 13:38:11 GMT
ETag: "f7264c85fc16645d9bbce6ed3e021491"
Cache-Control: max-age=691200
x-amz-version-id: h2VxD.CsgUOjUkgrqEGZYAyuL1h_ZnmK
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 24981
s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/exclusives_ribbon_dt_214x25.png
52.218.56.195200 OK 1.2 kB URL HTTP/1.1 s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/exclusives_ribbon_dt_214x25.png
IP 52.218.56.195:0
File type PNG image data, 214 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e543d7de780f388bdbfcec2155619fc
72cf1a99fd7478c378784dce99cecb3784656b5a
a1f837210cba0bfecd897ddafaf1bc20e6f27285782cc878bc467f227e18fed4
GET /lsm-public-bucket/sfsg/wp-content/uploads/wp/exclusives_ribbon_dt_214x25.png HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: hOjd+FRSL6eooV6ZuYg1beKlxFt20Hag7FrsWG1oQ6Nns2zKG2TfPfHOlQ5kI7sl6d4UzDjA3+I=
x-amz-request-id: 0DTA3MEWP6SBWCQG
Date: Thu, 24 Nov 2022 11:59:43 GMT
Last-Modified: Wed, 07 Sep 2022 11:04:22 GMT
ETag: "2e543d7de780f388bdbfcec2155619fc"
Cache-Control: max-age=691200
x-amz-version-id: SKg74iErqcLa59IJ3_zX_nuXMl9toUQC
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1198
s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_newgame_100x100_oct.jpg
52.218.56.195200 OK 20 kB URL HTTP/1.1 s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_newgame_100x100_oct.jpg
IP 52.218.56.195:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Hash b7f33296d96db1ecba7ba783e0be7a94
47dbe2c738500d2547e749957c7a1c19e2c72fee
d4bd0a1e943b3819e0c34b41286db426041afa7ed296b3a4d8a9f62537af70d9
GET /lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_newgame_100x100_oct.jpg HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: oN6QkiVAN0/qytu9XlLo5tgm939RPSxirVMykNAR5RbdElbgGKZO+qWZmnwUUtrFD7UdBldp224=
x-amz-request-id: 0DT24C2H422CNPV7
Date: Thu, 24 Nov 2022 11:59:43 GMT
Last-Modified: Tue, 11 Oct 2022 15:20:54 GMT
ETag: "b7f33296d96db1ecba7ba783e0be7a94"
Cache-Control: max-age=691200
x-amz-version-id: LS8CJ5.gLZtjMMwc5D1_2QB3bp3Yz2bt
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 19941
s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_safergamblingonsite_dt_218x415.gif
52.218.56.195200 OK 68 kB URL HTTP/1.1 s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_safergamblingonsite_dt_218x415.gif
IP 52.218.56.195:0
File type GIF image data, version 89a, 218 x 415\012- data
Hash 4281d8be08ba883f46d5e6832d0a0895
08d46d1c2137dfbdfb00c25a1b718b8d99557ccb
befd085182fa0f661a59e0be72a0cec55d8e715aead887a8149e821941e11e70
GET /lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_safergamblingonsite_dt_218x415.gif HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Or/ArZTvKmgv8A1bIuAKFCDM5z8KXxrFXZHb1F/rhz2Non64txfRCfnZLvF9hFvPHxZX1wEMpbg=
x-amz-request-id: 0DT4MCB1E64ZWCR3
Date: Thu, 24 Nov 2022 11:59:43 GMT
Last-Modified: Fri, 29 Apr 2022 08:24:35 GMT
ETag: "4281d8be08ba883f46d5e6832d0a0895"
Cache-Control: max-age=691200
x-amz-version-id: L4pGbgSlZw5yC14ThjZpXYkFAf2L0dqA
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 68379
s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_bluevegas_dt_1040X308_BORDERS_sept.jpg
52.218.56.195200 OK 171 kB URL HTTP/1.1 s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_bluevegas_dt_1040X308_BORDERS_sept.jpg
IP 52.218.56.195:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1040x308, components 3\012- data
Size 171 kB (171233 bytes)
Hash 2f4ef9d36a1629cef207b7943a3c29dc
46843177cf2e0118041d96cb6eb2240fbbd52043
356cddab811513b9582aa9b89def1fc1bbf27e0dc5a68181e86bf0ff17301cf7
GET /lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_bluevegas_dt_1040X308_BORDERS_sept.jpg HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: J9B+mf6vQU1VxsESIiVSuFeJdzQ23k4qc+OV/Z4lVG/8t75gZzEWq8dQMEk4Jvu2N83bH28qJhw=
x-amz-request-id: 0DT5B69C3GWFTZT6
Date: Thu, 24 Nov 2022 11:59:43 GMT
Last-Modified: Tue, 27 Sep 2022 09:26:14 GMT
ETag: "2f4ef9d36a1629cef207b7943a3c29dc"
Cache-Control: max-age=691200
x-amz-version-id: ckEQhKwHTDxdS20Iorp.8R6Q3TqBhGVU
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 171233
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 24 Nov 2022 01:07:28 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CEOvK9GkiUBcUSPqJWnwVZQAqp_TS6k_RxIvZNtYqZyYC6fROxXwAw==
Age: 39136
s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_battleoftheslots_articleimage_100x100_aug.jpg
52.218.56.195200 OK 1.9 MB URL HTTP/1.1 s3-eu-west-1.amazonaws.com/lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_battleoftheslots_articleimage_100x100_aug.jpg
IP 52.218.56.195:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.2 (Macintosh), datetime=2022:08:15 09:30:54], baseline, precision 8, 100x100, components 3\012- data
Size 1.9 MB (1944752 bytes)
Hash db8655258173cff34dea894e8c1bb56b
b744294e88b5f8953aac4a268239275970060913
be03cf2a6d2404ad713211e819ebc7d012ab46edeb2c3b3ceafc33680792ccd8
GET /lsm-public-bucket/sfsg/wp-content/uploads/wp/sfsg_battleoftheslots_articleimage_100x100_aug.jpg HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 7prFc2r2JaheDHbzJsroxK9IeeZd8xXm8bs0tuNB+RNTl7NVA9cZhoo0xr0PNb2Eb2Y9BswUjPc=
x-amz-request-id: 0DTAX0BHARJH45QD
Date: Thu, 24 Nov 2022 11:59:43 GMT
Last-Modified: Mon, 15 Aug 2022 13:21:12 GMT
ETag: "db8655258173cff34dea894e8c1bb56b"
Cache-Control: max-age=691200
x-amz-version-id: dlQ714XgMyK69ngH2EecxGCQiS.Xe8Bn
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 1944752
secure.adnxs.com/seg?add=22284848&t=1
37.252.171.21307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=22284848&t=1
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=22284848&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 24 Nov 2022 11:59:43 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22284848%26t%3D1
AN-X-Request-Uuid: 51911ab0-4adc-4178-a177-f8bb0cbf208c
Set-Cookie: uuid2=620564124652202697; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 22-Feb-2023 11:59:43 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
eured.quietyellowday.com/sxp/i/3f9f4e94aaf4953b302a57530cb9921b.js
143.204.55.21200 OK 30 kB URL HTTP/2 eured.quietyellowday.com/sxp/i/3f9f4e94aaf4953b302a57530cb9921b.js
IP 143.204.55.21:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash ae5d1f35febead66a6042183ffeef9d2
1a84dcd44460ef54df894619e9289f96d9ebecb9
4249604772aab6682908ea34fa00b1c6947fd5b4a7962f82e5eafdf533d169f5
GET /sxp/i/3f9f4e94aaf4953b302a57530cb9921b.js HTTP/1.1
Host: eured.quietyellowday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 29673
content-encoding: gzip
server: Caddy
date: Thu, 24 Nov 2022 11:59:43 GMT
cache-control: max-age=43200
expires: Thu, 24 Nov 2022 17:07:19 GMT
etag: "13ce3-Z1qViZ/DLXcw1u+Vqc68/EKWfRM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _TG3LmO2tN31hfkhpu4LfTdRKDfWNIRyfEbor2-W2tgOHjTxEm1DeA==
age: 24744
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22284848%26t%3D1
37.252.171.21200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22284848%26t%3D1
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D22284848%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18.133.14.77/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 24 Nov 2022 11:59:43 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 6e2e09b1-96b1-427b-9805-3898622ce185
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.pki.goog/s/gts1d4/zqdSywkF0qg
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/zqdSywkF0qg
IP 142.250.74.3:0
Hash d8f64ee692bfe3234ba0b2e9261bfaf0
000d4d36fd87188a4512bcebf44d4b2fcb112c74
1bdb56a890d146fd3a17108bc019e13161cf6fd0dfb5286b35ac18beac987b77
POST /s/gts1d4/zqdSywkF0qg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pir.quietyellowday.com/ct?id=21287&url=http%3A%2F%2F18.133.14.77%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1669291183078&hl=1&op=0&ag=1317291471&rand=035016806910206976880009886222008285618281011270266728796027759701202661156&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDE3MjhdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDIsMCwwLDAsMSwyLDIsMSwyLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDIsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMyJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCI4LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lUREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxbLTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJkYXRhTGF5ZXJcIixcImdvb2dsZV9vcHRpbWl6ZVwiLFwiX3dwZW1vamlTZXR0aW5nc1wiLFwiJFwiLFwialF1ZXJ5XCIsXCJfX19GT05UX0FXRVNPTUVfX19cIixcIkZvbnRBd2Vzb21lQ29uZmlnXCIsXCJGb250QXdlc29tZVwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiZ29vZ2xlX3RhZ19kYXRhXCIsXCJzZXRQZXJzaXN0ZW50Q29va2llXCIsXCJzZXRTZXNzaW9uQ29va2llXCIsXCJnZXRDb29raWVcIixcImdldF91cmxfcXVlcnlcIixcInBvc3RzY3JpYmVcIixcImdvb2dsZV90YWdfbWFuYWdlcl9leHRlcm5hbFwiLFwiaGpcIixcIl9oalNldHRpbmdzXCIsXCJ0d3FcIixcIl9yY3RmbFwiLFwiZmJxXCIsXCJfZmJxXCIsXCJ0cmFja2VyXCIsXCJnZXRQYXJhbWV0ZXJCeU5hbWVcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcInR0ZF9kb21fcmVhZHlcIixcIlRURFVuaXZlcnNhbFBpeGVsQXBpXCIsXCJqUXVlcnkzNDEwOTI2MzIwNjExNTY5MzAwNjFcIixcIm9uWW91VHViZUlmcmFtZUFQSVJlYWR5XCIsXCJnYUdsb2JhbFwiLFwiX19jdGNnX2N0XzIxMjg3X2V4ZWNcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI1Nzk2NDIzMDcuMTY2OTI5MTE4MyJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2OTI5MTE4MzA1NSwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsLTUsMCwwLDAsMCwzMCwyMTQ0LC0xLDAsLDI4MDIsMzQwNiwzNDA2Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFsiZGRiIiwiMCw4LDAsMSwxLDIsMCwwLDAsMSwwLDAsMCwwLDIsMCwxLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDEsMCwxLDAsMCwwLDAsMSwxLDIsMCwxNCwwLDAsMCwwLDAsMSJdLFsiYm5jaCIsNjVdLFsiYWJuY2giLDY1XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=Z9b4Niilfm&pto=3429&ver=48&gac=579642307.1669291183&mei=&ap=&duid=1.1669291183.SQrrntVeksgfBI4X&suid=1.1669291183.nl7ekRdbiKsCMwz9&tuid=1.1669291183.t7PxmLYDstVNqSPn&fbc=->m=WyJmYWNlYm9va19wYWdlX3ZpZXciXQ%3D%3D&it=35%2C3206%2C120&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
54.75.69.192200 OK 901 B URL HTTP/2 pir.quietyellowday.com/ct?id=21287&url=http%3A%2F%2F18.133.14.77%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1669291183078&hl=1&op=0&ag=1317291471&rand=035016806910206976880009886222008285618281011270266728796027759701202661156&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDE3MjhdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDIsMCwwLDAsMSwyLDIsMSwyLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDIsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMyJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCI4LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lUREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxbLTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJkYXRhTGF5ZXJcIixcImdvb2dsZV9vcHRpbWl6ZVwiLFwiX3dwZW1vamlTZXR0aW5nc1wiLFwiJFwiLFwialF1ZXJ5XCIsXCJfX19GT05UX0FXRVNPTUVfX19cIixcIkZvbnRBd2Vzb21lQ29uZmlnXCIsXCJGb250QXdlc29tZVwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiZ29vZ2xlX3RhZ19kYXRhXCIsXCJzZXRQZXJzaXN0ZW50Q29va2llXCIsXCJzZXRTZXNzaW9uQ29va2llXCIsXCJnZXRDb29raWVcIixcImdldF91cmxfcXVlcnlcIixcInBvc3RzY3JpYmVcIixcImdvb2dsZV90YWdfbWFuYWdlcl9leHRlcm5hbFwiLFwiaGpcIixcIl9oalNldHRpbmdzXCIsXCJ0d3FcIixcIl9yY3RmbFwiLFwiZmJxXCIsXCJfZmJxXCIsXCJ0cmFja2VyXCIsXCJnZXRQYXJhbWV0ZXJCeU5hbWVcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcInR0ZF9kb21fcmVhZHlcIixcIlRURFVuaXZlcnNhbFBpeGVsQXBpXCIsXCJqUXVlcnkzNDEwOTI2MzIwNjExNTY5MzAwNjFcIixcIm9uWW91VHViZUlmcmFtZUFQSVJlYWR5XCIsXCJnYUdsb2JhbFwiLFwiX19jdGNnX2N0XzIxMjg3X2V4ZWNcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI1Nzk2NDIzMDcuMTY2OTI5MTE4MyJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2OTI5MTE4MzA1NSwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsLTUsMCwwLDAsMCwzMCwyMTQ0LC0xLDAsLDI4MDIsMzQwNiwzNDA2Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFsiZGRiIiwiMCw4LDAsMSwxLDIsMCwwLDAsMSwwLDAsMCwwLDIsMCwxLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDEsMCwxLDAsMCwwLDAsMSwxLDIsMCwxNCwwLDAsMCwwLDAsMSJdLFsiYm5jaCIsNjVdLFsiYWJuY2giLDY1XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=Z9b4Niilfm&pto=3429&ver=48&gac=579642307.1669291183&mei=&ap=&duid=1.1669291183.SQrrntVeksgfBI4X&suid=1.1669291183.nl7ekRdbiKsCMwz9&tuid=1.1669291183.t7PxmLYDstVNqSPn&fbc=->m=WyJmYWNlYm9va19wYWdlX3ZpZXciXQ%3D%3D&it=35%2C3206%2C120&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
IP 54.75.69.192:0
File type ASCII text, with very long lines (2649), with no line terminators
Hash 712c7a2f4475e244a266275c7488c167
95a77f50b02a3814775adfad1b74b6a34a07c03f
cb231dff38a63c585b3bd1cd9cb244edc6d87ef319fd21b91251c48967be95b7
GET /ct?id=21287&url=http%3A%2F%2F18.133.14.77%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1669291183078&hl=1&op=0&ag=1317291471&rand=035016806910206976880009886222008285618281011270266728796027759701202661156&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDE3MjhdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDIsMCwwLDAsMSwyLDIsMSwyLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDIsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMyJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCI4LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lUREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxbLTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJkYXRhTGF5ZXJcIixcImdvb2dsZV9vcHRpbWl6ZVwiLFwiX3dwZW1vamlTZXR0aW5nc1wiLFwiJFwiLFwialF1ZXJ5XCIsXCJfX19GT05UX0FXRVNPTUVfX19cIixcIkZvbnRBd2Vzb21lQ29uZmlnXCIsXCJGb250QXdlc29tZVwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiZ29vZ2xlX3RhZ19kYXRhXCIsXCJzZXRQZXJzaXN0ZW50Q29va2llXCIsXCJzZXRTZXNzaW9uQ29va2llXCIsXCJnZXRDb29raWVcIixcImdldF91cmxfcXVlcnlcIixcInBvc3RzY3JpYmVcIixcImdvb2dsZV90YWdfbWFuYWdlcl9leHRlcm5hbFwiLFwiaGpcIixcIl9oalNldHRpbmdzXCIsXCJ0d3FcIixcIl9yY3RmbFwiLFwiZmJxXCIsXCJfZmJxXCIsXCJ0cmFja2VyXCIsXCJnZXRQYXJhbWV0ZXJCeU5hbWVcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcInR0ZF9kb21fcmVhZHlcIixcIlRURFVuaXZlcnNhbFBpeGVsQXBpXCIsXCJqUXVlcnkzNDEwOTI2MzIwNjExNTY5MzAwNjFcIixcIm9uWW91VHViZUlmcmFtZUFQSVJlYWR5XCIsXCJnYUdsb2JhbFwiLFwiX19jdGNnX2N0XzIxMjg3X2V4ZWNcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI1Nzk2NDIzMDcuMTY2OTI5MTE4MyJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2OTI5MTE4MzA1NSwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsLTUsMCwwLDAsMCwzMCwyMTQ0LC0xLDAsLDI4MDIsMzQwNiwzNDA2Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFsiZGRiIiwiMCw4LDAsMSwxLDIsMCwwLDAsMSwwLDAsMCwwLDIsMCwxLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDEsMCwxLDAsMCwwLDAsMSwxLDIsMCwxNCwwLDAsMCwwLDAsMSJdLFsiYm5jaCIsNjVdLFsiYWJuY2giLDY1XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=Z9b4Niilfm&pto=3429&ver=48&gac=579642307.1669291183&mei=&ap=&duid=1.1669291183.SQrrntVeksgfBI4X&suid=1.1669291183.nl7ekRdbiKsCMwz9&tuid=1.1669291183.t7PxmLYDstVNqSPn&fbc=->m=WyJmYWNlYm9va19wYWdlX3ZpZXciXQ%3D%3D&it=35%2C3206%2C120&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 HTTP/1.1
Host: pir.quietyellowday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Thu, 24 Nov 2022 11:59:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=9847e4056d168db591b5fe18658de31d; Max-Age=29030400; Path=/; Expires=Thu, 26 Oct 2023 11:59:43 GMT; HttpOnly; Secure; SameSite=None
content-length: 901
X-Firefox-Spdy: h2
pir.quietyellowday.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136ce7c53ceb46829e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c108f652017071a10acf9f29f67408a878e52283f1ef82c76028f6f8d67ce05620075c6530859300c0b93bd6a1b77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2d42710f0ea7db28327e0ea7fe4b2b84aaf17a95e153734e7afea1a0969e77b6cfc248b5038e523c64cded86a7b376cccee879cf774a91f3d633191ee9606cab8e1560f0dffc6b9d1aed12e79612c353d98d2a957b6ac88b2ddb6493cefaa09de5f16755e433a4e9e8235328ae963282be46af570454810818c785938899bcc57e882bdadeedc879e47b6862966a2ad4dad14224c4e376a817ec9e41d62fef71020514c9359e03d7c0a2699381789f5cb0da878f31de081638b10d400725192594ff39e5059a8c832484906efa9c3af184a9a63dc0f0a91f7670c8b1671595e65a0b4cbbb8b066b83e9aef40f2e328b611bc23c1168d40c5a22ec60426e2a89b64363e610b29153f76e8a3d228b457ec0619155b81b027cd840a4fbbe18ba8b67ec3f3e5fa80f1adf84a4e34f859d8ea5e3bd82131498e181e0211b131a66405d0af843ade72dd378ab52dcbbe049b720e20280162579ba0ac86401221d95c23eb92badbeed84f17dcf0eb6f9ca41e67ca9056657bf391c54478f45ec52dc345b064c24c8cda19aeeb6ea1cec5&cri=Z9b4Niilfm&ts=202&cb=1669291183280
54.75.69.192200 OK 43 B URL HTTP/2 pir.quietyellowday.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136ce7c53ceb46829e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c108f652017071a10acf9f29f67408a878e52283f1ef82c76028f6f8d67ce05620075c6530859300c0b93bd6a1b77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2d42710f0ea7db28327e0ea7fe4b2b84aaf17a95e153734e7afea1a0969e77b6cfc248b5038e523c64cded86a7b376cccee879cf774a91f3d633191ee9606cab8e1560f0dffc6b9d1aed12e79612c353d98d2a957b6ac88b2ddb6493cefaa09de5f16755e433a4e9e8235328ae963282be46af570454810818c785938899bcc57e882bdadeedc879e47b6862966a2ad4dad14224c4e376a817ec9e41d62fef71020514c9359e03d7c0a2699381789f5cb0da878f31de081638b10d400725192594ff39e5059a8c832484906efa9c3af184a9a63dc0f0a91f7670c8b1671595e65a0b4cbbb8b066b83e9aef40f2e328b611bc23c1168d40c5a22ec60426e2a89b64363e610b29153f76e8a3d228b457ec0619155b81b027cd840a4fbbe18ba8b67ec3f3e5fa80f1adf84a4e34f859d8ea5e3bd82131498e181e0211b131a66405d0af843ade72dd378ab52dcbbe049b720e20280162579ba0ac86401221d95c23eb92badbeed84f17dcf0eb6f9ca41e67ca9056657bf391c54478f45ec52dc345b064c24c8cda19aeeb6ea1cec5&cri=Z9b4Niilfm&ts=202&cb=1669291183280
IP 54.75.69.192:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00136ce7c53ceb46829e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c108f652017071a10acf9f29f67408a878e52283f1ef82c76028f6f8d67ce05620075c6530859300c0b93bd6a1b77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2d42710f0ea7db28327e0ea7fe4b2b84aaf17a95e153734e7afea1a0969e77b6cfc248b5038e523c64cded86a7b376cccee879cf774a91f3d633191ee9606cab8e1560f0dffc6b9d1aed12e79612c353d98d2a957b6ac88b2ddb6493cefaa09de5f16755e433a4e9e8235328ae963282be46af570454810818c785938899bcc57e882bdadeedc879e47b6862966a2ad4dad14224c4e376a817ec9e41d62fef71020514c9359e03d7c0a2699381789f5cb0da878f31de081638b10d400725192594ff39e5059a8c832484906efa9c3af184a9a63dc0f0a91f7670c8b1671595e65a0b4cbbb8b066b83e9aef40f2e328b611bc23c1168d40c5a22ec60426e2a89b64363e610b29153f76e8a3d228b457ec0619155b81b027cd840a4fbbe18ba8b67ec3f3e5fa80f1adf84a4e34f859d8ea5e3bd82131498e181e0211b131a66405d0af843ade72dd378ab52dcbbe049b720e20280162579ba0ac86401221d95c23eb92badbeed84f17dcf0eb6f9ca41e67ca9056657bf391c54478f45ec52dc345b064c24c8cda19aeeb6ea1cec5&cri=Z9b4Niilfm&ts=202&cb=1669291183280 HTTP/1.1
Host: pir.quietyellowday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Cookie: cg_uuid=9847e4056d168db591b5fe18658de31d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Thu, 24 Nov 2022 11:59:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
visitor.reactful.com/dist/main.rtfl.js
142.250.74.83200 OK 108 kB URL HTTP/1.1 visitor.reactful.com/dist/main.rtfl.js
IP 142.250.74.83:0
File type Unicode text, UTF-8 text, with very long lines (32002)
Size 108 kB (107826 bytes)
Hash 648d98ecbe7fbef8af9248674905cf74
053b7e52b0306bd63c9d7b5e1b8eb9f701844b48
79632289c3ad894bf09f27ac18e83356e67ad3c26986cde8ed017478c1bf0763
GET /dist/main.rtfl.js HTTP/1.1
Host: visitor.reactful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.133.14.77/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:59:43 GMT
Expires: Tue, 29 Nov 2022 11:59:43 GMT
Cache-Control: public, public, max-age=432000
ETag: "T5buNg"
X-Cloud-Trace-Context: 9310fc905906626b5be18ef17151499b
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Server: Google Frontend
Transfer-Encoding: chunked
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/magicred/magicred_sml.jpg
54.230.245.31200 OK 11 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/magicred/magicred_sml.jpg
IP 54.230.245.31:0
File type JPEG image data, progressive, precision 8, 220x63, components 3\012- data
Hash ffedbdd2a85eb8264daacdff7ca2cbf4
72486d4c65cb9a2b4c5c83954c1f760da651878c
4615c08264b7388566f7c2eb9d4a640b0a68122f3a45859015765232a9e85d54
GET /sfsg/operator-logos/magicred/magicred_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10808
last-modified: Thu, 27 Oct 2022 08:02:23 GMT
x-amz-version-id: lp10IjJ9bBWy3ey_n4SykKoj7sjPiWA9
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 16:49:11 GMT
cache-control: max-age=691200
etag: "ffedbdd2a85eb8264daacdff7ca2cbf4"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5qw5zJXI4yqfiGNMy4GotEZeeXzXCwDW8zCUJB_wAy1ccOiD1k1z_A==
age: 69033
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/buzzbingo/buzzbingo_sml.jpg
54.230.245.31200 OK 2.6 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/buzzbingo/buzzbingo_sml.jpg
IP 54.230.245.31:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x63, components 3\012- data
Hash b4ba7a4d968144d7d08f0a5a3a2b8d78
2735f401bc7b2cd9d63f1100d584d8ac81cd37f1
d671caaadfc842ed93f84c57d1b0c90791264c7e7c39d916862e4ef2006149f6
GET /sfsg/operator-logos/buzzbingo/buzzbingo_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2583
last-modified: Thu, 16 Jul 2020 11:06:06 GMT
x-amz-version-id: 2ANfBO_v58Al9UTxE8fxInoqWkf_masf
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 21:16:24 GMT
cache-control: max-age=691200
etag: "b4ba7a4d968144d7d08f0a5a3a2b8d78"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PO4no8yYffxEuMDfFEzoM0IDqTz0vm9bkW9RzQZPk82z_G3S4V9Ozg==
age: 53000
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/lasvegascasino/lasvegascasino_sml.jpg
54.230.245.31200 OK 6.2 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/lasvegascasino/lasvegascasino_sml.jpg
IP 54.230.245.31:0
File type JPEG image data, progressive, precision 8, 220x63, components 3\012- data
Hash 1da04be2c4590b6d2ac6946959bf1302
55225887ade34d975848399181c3ff207a10923f
cf947aa269415b21b14dfdc830714d7007793df6ce9f9f0cf8e128a2875efbbe
GET /sfsg/operator-logos/lasvegascasino/lasvegascasino_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6233
last-modified: Thu, 14 Jul 2022 11:34:59 GMT
x-amz-version-id: u_WzuYiNZBgmxInJDWLVbFt9KD8TTWAK
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 22:39:11 GMT
cache-control: max-age=691200
etag: "1da04be2c4590b6d2ac6946959bf1302"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hl6YlXjloiwOWIrk6cuGek-7rugafyuW7zsEjRFJp2BoSGmyyPUoew==
age: 48033
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/ladbrokes/ladbrokes_sml.jpg
54.230.245.31200 OK 7.7 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/ladbrokes/ladbrokes_sml.jpg
IP 54.230.245.31:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x63, components 3\012- data
Hash 19be2c18080b4ef24d23022fe74ad511
ed1df71d2e97acadd76b31d8a9a226f2439781a0
79cb352d4de00d643aa26ee9829849060c96341ce7fd83b9a458fd12b631e084
GET /sfsg/operator-logos/ladbrokes/ladbrokes_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 7726
last-modified: Mon, 22 Jun 2020 08:49:52 GMT
x-amz-version-id: JPbo.ttStgqzCKHvwp5uTSemIsxyF2TZ
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 16:49:12 GMT
cache-control: max-age=691200
etag: "19be2c18080b4ef24d23022fe74ad511"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5Mxj_bQkFXU2uII8aDdAbm1RjiSfiKy67CzDXYkLFQUD-BVfk_mCyw==
age: 69032
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/casino77/casino77_sml.jpg
54.230.245.31200 OK 18 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/casino77/casino77_sml.jpg
IP 54.230.245.31:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Macintosh), datetime=2022:11:18 08:54:46], baseline, precision 8, 220x63, components 3\012- data
Hash e0d5be69b9e43ce3a9d6b66b984b2146
437a7044740a5f30bcd4962679a9e3b3e83ffc5e
7542aa2ecc98f5685a37e42e0fe8f6b6e45f9c7bded9bbb5cf6d0249c2906e57
GET /sfsg/operator-logos/casino77/casino77_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 18505
last-modified: Fri, 18 Nov 2022 09:32:47 GMT
x-amz-version-id: hASeFw.NEoEDxP76rw4Z_5aYcCgV2xC0
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 22:39:11 GMT
cache-control: max-age=691200
etag: "e0d5be69b9e43ce3a9d6b66b984b2146"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tjV8Ka191tDaupmJtvldJs5uxdg_5l8-pQwZ6xtnC79uenwS9imUEQ==
age: 48033
X-Firefox-Spdy: h2
18.133.14.77/favicon.ico
18.133.14.77200 OK 299 B IP 18.133.14.77:0
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash a0ee91a0ed0e446279fb64eee5d59531
42572d009046e5c46528ba245a24535c571a55f2
e581f9b570c9bc3a62099010c3000a3aeb98adc97ccff180d09e2b9cea408246
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 18.133.14.77
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.133.14.77/
Cookie: _lsm_device=10; lsm_visit_count=1; lsmuid=rBEABGN/XK3CngALA73HAg==; _gcl_au=1.1.273614628.1669291183; _ga_94W5159N8N=GS1.1.1669291182.1.0.1669291182.0.0.0; _ga=GA1.1.579642307.1669291183; _cq_duid=1.1669291183.SQrrntVeksgfBI4X; _cq_suid=1.1669291183.nl7ekRdbiKsCMwz9
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: image/x-icon
Date: Thu, 24 Nov 2022 11:59:43 GMT
ETag: W/"634e70b4-57e"
Last-Modified: Tue, 18 Oct 2022 09:24:04 GMT
Server: nginx
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 299
Connection: keep-alive
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/pokerstarscasino/pokerstarscasino_sml.jpg
54.230.245.31200 OK 226 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/pokerstarscasino/pokerstarscasino_sml.jpg
IP 54.230.245.31:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Macintosh), datetime=2020:08:21 11:27:24], baseline, precision 8, 220x63, components 3\012- data
Size 226 kB (226516 bytes)
Hash 6a5c6ec081f06a5fab76e8c8df65fafd
5031f1be5c0ece64ebd494da9d687803bb7d0563
dd8c6b3b6055781e93c976239b795805829708040dab1963703b2d7934a880ed
GET /sfsg/operator-logos/pokerstarscasino/pokerstarscasino_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 226516
last-modified: Fri, 21 Aug 2020 10:29:13 GMT
x-amz-version-id: xCDHf91umnDVqndvB3dmVVcxytqmq.dT
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 19:16:06 GMT
cache-control: max-age=691200
etag: "6a5c6ec081f06a5fab76e8c8df65fafd"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eLImFOxmgdRr0E_tR1hcmez84QyQ6nFM5cA4ugCu5eUis4F62buTwQ==
age: 60218
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.133.14.77/
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11421
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 09 Nov 2022 21:23:50 GMT
Accept-Ranges: bytes
ETag: "077538f81f4d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=27E2B9B25E2A68CF3D67ABD45F7D696C; domain=.bing.com; expires=Tue, 19-Dec-2023 11:59:43 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 59CFE83030D343F9AA66C5AA085C4699 Ref B: OSL30EDGE0412 Ref C: 2022-11-24T11:59:43Z
Date: Thu, 24 Nov 2022 11:59:43 GMT
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2818
Cache-Control: max-age=97907
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:43 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 15:11:30 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
deyg1c4zof44p.cloudfront.net/sfsg/wp-content/mobile/sfsglogo.png
54.230.245.31200 OK 2.9 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/wp-content/mobile/sfsglogo.png
IP 54.230.245.31:0
File type PNG image data, 325 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash c64215674e01bf34fbd5d4d66999f12c
b9e722761abaf84be258256c3b6ff4ed2fef8d63
37841ee169c4331108ea3588c18f2be16691cca0772f933a9cc95cb282c02302
GET /sfsg/wp-content/mobile/sfsglogo.png HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2882
last-modified: Tue, 21 Aug 2018 13:07:46 GMT
x-amz-version-id: KZtiuLk8NSJqdobfZd03_UceBUuZhpVm
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 11:59:43 GMT
cache-control: max-age=691200
etag: "c64215674e01bf34fbd5d4d66999f12c"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: my8-cWi2UWIleP6OMSeKTn5cdrTfkTXaYsscxQE6gkZ1821XEi282w==
age: 12754
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/videoslots/videoslots_sml.jpg
54.230.245.31200 OK 3.3 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/videoslots/videoslots_sml.jpg
IP 54.230.245.31:0
File type JPEG image data, baseline, precision 8, 220x63, components 3\012- data
Hash 7c69997703c15bd1e7a8a67a9dc4be57
a986027fd4e967b3d9f6aaa5c5173b894761379e
e5b5f3c837fa24680500e7f1eccfa4403f9fb450b91f6549d26f4054cae62703
GET /sfsg/operator-logos/videoslots/videoslots_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3323
last-modified: Wed, 24 Apr 2019 10:50:09 GMT
x-amz-version-id: sO0pVuN1VtpCIyOruA0DPV8xyczRSaR1
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 11:59:43 GMT
cache-control: max-age=691200
etag: "7c69997703c15bd1e7a8a67a9dc4be57"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5-JPgVW9Sdh5hlMyJTls7O30lazyvP0QOF-OPirV8P8o4V15npYiaA==
age: 72180
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/site-assets/safergambling_footer_logos/keepitfunplayitsafe_logo_white.svg
54.230.245.31200 OK 8.7 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/site-assets/safergambling_footer_logos/keepitfunplayitsafe_logo_white.svg
IP 54.230.245.31:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1292)
Hash abe1fe2a1491796258320ef5b6988004
65889163e4f06e2491c6035975de52ae78968cc0
894a5b2cc2599acbaf94a7a966be01e3ae926d8542cf551ec22fb9419a357444
GET /sfsg/site-assets/safergambling_footer_logos/keepitfunplayitsafe_logo_white.svg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 8653
last-modified: Thu, 29 Jul 2021 14:07:57 GMT
x-amz-version-id: MKjaBewPnwhRlURvslmsgMktyvRFgy9e
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 11:59:43 GMT
cache-control: max-age=691200
etag: "abe1fe2a1491796258320ef5b6988004"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0NVpUr4paEJV9kdeUlBViL8HUScWc8q2DXbrSVZnOLpX2YqXuUxHUw==
age: 16309
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/sfsg_site/gambleaware/gamble-aware_wh.svg
54.230.245.31200 OK 6.5 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/sfsg_site/gambleaware/gamble-aware_wh.svg
IP 54.230.245.31:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (745)
Hash 2775ddcdcb53f5d8a09611714807c195
8d2c73538f621efda9e767831010b39755a03f2b
4b4f39a3d0c39727f3d31fa3a289040f54c7c5cd2bfaf5a48407e193cf66630c
GET /sfsg/sfsg_site/gambleaware/gamble-aware_wh.svg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 6480
last-modified: Tue, 03 Aug 2021 14:59:15 GMT
x-amz-version-id: Fj1_h_oj2xW4zIyiNWMyVHBSKysbDXpO
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 02:56:56 GMT
cache-control: max-age=691200
etag: "2775ddcdcb53f5d8a09611714807c195"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: whakBt0GnJbPDVvKvfuNKGjRjBwwumg8kl_2ula8bcmnZHHZX0wl5w==
age: 32568
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/site-assets/safergambling_footer_logos/gamcare_helpline.svg
54.230.245.31200 OK 23 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/site-assets/safergambling_footer_logos/gamcare_helpline.svg
IP 54.230.245.31:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (22535)
Hash 014bc788b8b218d99c2a4a647f08569c
3f4eddca45e2165047c3d98c23b81a909e785ad5
771a24b0ac9cc6176033c6d457362f52d7c5313058139821f27c41a9a9f1a923
GET /sfsg/site-assets/safergambling_footer_logos/gamcare_helpline.svg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 22842
last-modified: Thu, 29 Jul 2021 14:08:00 GMT
x-amz-version-id: UfxJIML7pbkY2eoYs8RKsTS9FFZ4MgLg
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 11:59:43 GMT
cache-control: max-age=691200
etag: "014bc788b8b218d99c2a4a647f08569c"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s0kHUnen4JNoT-BIQOcYwcar8mToGeGw9vn9GeOIRROXzja6HKojSQ==
age: 22573
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/site-assets/safergambling_footer_logos/18%2B.svg
54.230.245.31200 OK 1.5 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/site-assets/safergambling_footer_logos/18%2B.svg
IP 54.230.245.31:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (563)
Hash 4e8633d5a0ba71d908edf371e3c19203
42ff8912962cdc2ac4b9de40b949aadebe0d7ee8
818395164fce66b619aa44e41cd612197aa4dfd0911251a50ecb3190fb83f61a
GET /sfsg/site-assets/safergambling_footer_logos/18%2B.svg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1519
last-modified: Thu, 29 Jul 2021 14:08:03 GMT
x-amz-version-id: Us.EZcrlZeGt7I4n4dvM3VKSP3UhTRR4
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 03:14:06 GMT
cache-control: max-age=691200
etag: "4e8633d5a0ba71d908edf371e3c19203"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x3quRJYS_rMRhceXH7GrqTJ99HrEAIHPgAWSFOc5G-Tl23m2kWKF3A==
age: 31538
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/site-assets/safergambling_footer_logos/gamblingtherapy.svg
54.230.245.31200 OK 7.5 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/site-assets/safergambling_footer_logos/gamblingtherapy.svg
IP 54.230.245.31:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (885)
Hash 8e334beeb2aec14639acb4c02f11f409
0d7615bc5ad838e4aa84d37874b5692acc222c8f
a2a4084a6cbe48f51a07b4905157ed95c89a44483f706963824fa19bf0c03021
GET /sfsg/site-assets/safergambling_footer_logos/gamblingtherapy.svg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 7544
last-modified: Thu, 29 Jul 2021 14:08:02 GMT
x-amz-version-id: i_joINmkEgLQDqIFppzyLrjzouR3FXh_
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 02:54:14 GMT
cache-control: max-age=691200
etag: "8e334beeb2aec14639acb4c02f11f409"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RudV4iqenfZ92eRu8LQPA8tTxyONhF3o77bKinDdazDyemDIxziJhw==
age: 32730
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/site-assets/safergambling_footer_logos/gamstoplogo.svg
54.230.245.31200 OK 4.6 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/site-assets/safergambling_footer_logos/gamstoplogo.svg
IP 54.230.245.31:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1784)
Hash 2cf9d9d5d39d9d265ea232b56400dec2
471c2d844d5265c47e38ff67c5a785abac887feb
b8d44f058a98f87e7cd93c569c0456983ddec3fff45209391222e2226eedaeaf
GET /sfsg/site-assets/safergambling_footer_logos/gamstoplogo.svg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4593
last-modified: Wed, 28 Jul 2021 15:44:57 GMT
x-amz-version-id: QD1kRRsVA6Kzf_DDcrOIfJE4uB0s50L_
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 11:59:43 GMT
cache-control: max-age=691200
etag: "2cf9d9d5d39d9d265ea232b56400dec2"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qv656maf_2J33q0S7yAn6o85PEL2yu8XDTt2vRm_QcYOvlFoO67N-w==
age: 12752
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 10:41:08 GMT
expires: Thu, 24 Nov 2022 12:41:08 GMT
cache-control: public, max-age=7200
age: 4715
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/mrvegas/mrvegas_sml.jpg
54.230.245.31200 OK 8.9 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/mrvegas/mrvegas_sml.jpg
IP 54.230.245.31:0
File type JPEG image data, progressive, precision 8, 220x63, components 3\012- data
Hash f95b9575698dedea28ec86ac4a3a8f6f
21dcb60569d414b7ab7e50e9eb8a36ab4c87b830
c40780da873766a5e96ae594d548d300a0cccc6aaa06278dc459305dbc68b2bd
GET /sfsg/operator-logos/mrvegas/mrvegas_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 8894
date: Thu, 24 Nov 2022 10:34:29 GMT
last-modified: Fri, 18 Nov 2022 13:51:51 GMT
etag: "f95b9575698dedea28ec86ac4a3a8f6f"
cache-control: max-age=691200
x-amz-version-id: We3DhmxC3QOb6qPjDEoJ6WxzT2lO98V.
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MGxddXdLd6y1A4anzdoKOj1xrPYGUVJrkyr6xAxX6zrZoF6FQLdZ4g==
age: 5115
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: FpMVfR3MyyiRj7qjkIMbJtAruW30scYA/05ivmCfhMvof1FWSOI6pVphSvfHkiKtXKXJiKqOoJL5WqJkXblkvg==
content-length: 27340
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 11:59:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Thu, 24 Nov 2022 11:59:43 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1675-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/skyvegas/skyvegas_sml.jpg
54.230.245.31200 OK 4.3 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/skyvegas/skyvegas_sml.jpg
IP 54.230.245.31:0
File type JPEG image data, baseline, precision 8, 220x63, components 3\012- data
Hash 7882798685fe2b065333fd6aa44c3ef0
ad9d80cb02c5b28ffb8df8516605f2b8e7594b37
c00081e262d1a17577d35a7a383b7432a54eec3aef72535b8ff67ddcd5d98a34
GET /sfsg/operator-logos/skyvegas/skyvegas_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4261
last-modified: Thu, 01 Oct 2020 07:58:10 GMT
x-amz-version-id: 7m.vsF7WjQBPwtEkBDsWVT3UarsjFQmP
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 21:43:34 GMT
cache-control: max-age=691200
etag: "7882798685fe2b065333fd6aa44c3ef0"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BeUE18ec0kpKQNAOc5CAPpynS-RryQ1huDNmhEYjWllPYZyx0YpGGw==
age: 51370
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/bwin/bwin_sml.jpg
54.230.245.31200 OK 10 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/bwin/bwin_sml.jpg
IP 54.230.245.31:0
File type JPEG image data, progressive, precision 8, 220x63, components 3\012- data
Hash 31e731aa3161c48c0e23a42e4d142812
ecb35face37ecb28d1ece4731a05d15ce95615e8
199a5b7db7ccd0c9e9a26e4c0b0c7dbcd3eccaf204d52a55a782aab68f8a5140
GET /sfsg/operator-logos/bwin/bwin_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10191
last-modified: Tue, 23 Aug 2022 09:30:56 GMT
x-amz-version-id: C50mreGz7fNGodroTlJmKauUsfpp2.uZ
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 22:31:13 GMT
cache-control: max-age=691200
etag: "31e731aa3161c48c0e23a42e4d142812"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lDcVcOAuxJuHBmx72E_MRekNRLR65T5VYOT3S2Xm8thJEGBwJEG1DA==
age: 48510
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/paddypowergames/paddypowergames_sml.jpg
54.230.245.31200 OK 13 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/paddypowergames/paddypowergames_sml.jpg
IP 54.230.245.31:0
File type JPEG image data, progressive, precision 8, 220x63, components 3\012- data
Hash 3c6f40f2720ec6dd04a3d974710031bf
55edce14594d04f89c94db26b934c982f65b6e85
2cf94508638e117bb90177dea3f34c8d2d7d91c77596d389057b044ecf3c6da6
GET /sfsg/operator-logos/paddypowergames/paddypowergames_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 12982
last-modified: Wed, 26 Jan 2022 15:40:40 GMT
x-amz-version-id: wUrvwg6c7kXEPiwOnPQejsoVgjCRtsKK
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 22:39:11 GMT
cache-control: max-age=691200
etag: "3c6f40f2720ec6dd04a3d974710031bf"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0lv7qw8JQk8tlQWH1ztjJl3tO57soptnqGsS-LCkzr0eKyUrYtUH7Q==
age: 48033
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/betfaircasino/betfaircasino_sml.jpg
54.230.245.31200 OK 6.4 kB URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/betfaircasino/betfaircasino_sml.jpg
IP 54.230.245.31:0
File type JPEG image data, baseline, precision 8, 220x63, components 3\012- data
Hash 9a6f2477dd8afdf8b7f05bad3361cc87
3b9bc67c2db89f8e4c54077288052947b61c0730
7cbffecde545ae6da6d1ef98eeffb35139b4b5abab69589598557128d69d46fb
GET /sfsg/operator-logos/betfaircasino/betfaircasino_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6422
last-modified: Wed, 06 Mar 2019 14:21:51 GMT
x-amz-version-id: IY9menvEACGY2AT7p4PCNdkooMN64wIp
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 11:59:43 GMT
cache-control: max-age=691200
etag: "9a6f2477dd8afdf8b7f05bad3361cc87"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4cwfB2BkTj7pqAsZl8Q1lefL9gHPk3Q3wHhZw6qwZJRDeg_rBJOdIQ==
age: 5115
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2818
Cache-Control: max-age=97907
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:43 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 15:11:30 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3De38e2ea3-3d18-5566-b1ff-4545586d8815%26type%3D4%26m%3D3&ex-fch=416613&ex-src=https://www.superfreeslotgames.com/&ex-hargs=v%3D1.0%3Bc%3D7143589790602%3Bp%3DE38E2EA3-3D18-5566-B1FF-4545586D8815
67.220.228.203302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3De38e2ea3-3d18-5566-b1ff-4545586d8815%26type%3D4%26m%3D3&ex-fch=416613&ex-src=https://www.superfreeslotgames.com/&ex-hargs=v%3D1.0%3Bc%3D7143589790602%3Bp%3DE38E2EA3-3D18-5566-B1FF-4545586D8815
IP 67.220.228.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/iui3?d=forester-did&ex-fargs=%3Fid%3De38e2ea3-3d18-5566-b1ff-4545586d8815%26type%3D4%26m%3D3&ex-fch=416613&ex-src=https://www.superfreeslotgames.com/&ex-hargs=v%3D1.0%3Bc%3D7143589790602%3Bp%3DE38E2EA3-3D18-5566-B1FF-4545586D8815 HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Thu, 24 Nov 2022 11:59:43 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: Q2NY6MZ5740TN6EM2EBH
Set-Cookie: ad-id=A2yspz7CaUSGhoIqI_FyW6I|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jul-2023 11:59:43 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3De38e2ea3-3d18-5566-b1ff-4545586d8815%26type%3D4%26m%3D3&ex-fch=416613&ex-src=https://www.superfreeslotgames.com/&ex-hargs=v%3D1.0%3Bc%3D7143589790602%3Bp%3DE38E2EA3-3D18-5566-B1FF-4545586D8815&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ba3f91bb9fdab896351f4ac20ae6a446
eac012f008db67e6f224e8b5b977e6ffa31f48b2
4df0aa96071c41885abbd25f64a805f1693235e094e60077b40336fab9b84738
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 24 Nov 2022 11:59:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 23 Nov 2022 20:08:58 GMT
Expires: Thu, 24 Nov 2022 20:08:58 GMT
ETag: "eac012f008db67e6f224e8b5b977e6ffa31f48b2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ba3f91bb9fdab896351f4ac20ae6a446
eac012f008db67e6f224e8b5b977e6ffa31f48b2
4df0aa96071c41885abbd25f64a805f1693235e094e60077b40336fab9b84738
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 24 Nov 2022 11:59:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 23 Nov 2022 20:08:58 GMT
Expires: Thu, 24 Nov 2022 20:08:58 GMT
ETag: "eac012f008db67e6f224e8b5b977e6ffa31f48b2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 95f9d2fba40ffffced72e5fd789b5128
cb1898576a90da22bd41688277e47ab27feb479c
8c1163a9918a56a682fe39e6d3762cbf23316b2e99aa01dc40688049903d4753
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1928
Cache-Control: max-age=88034
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:44 GMT
Etag: "637e0a0a-13a"
Expires: Fri, 25 Nov 2022 12:26:58 GMT
Last-Modified: Wed, 23 Nov 2022 11:54:50 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
t.co/i/adsct?bci=3&eci=2&event_id=5c6a8370-a1d2-4385-9c69-17673100bbb5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=20a30e67-4b3f-4968-92e1-60c2c5151f42&tw_document_href=http%3A%2F%2F18.133.14.77%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8vzb&type=javascript&version=2.3.29
104.244.42.69200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=5c6a8370-a1d2-4385-9c69-17673100bbb5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=20a30e67-4b3f-4968-92e1-60c2c5151f42&tw_document_href=http%3A%2F%2F18.133.14.77%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8vzb&type=javascript&version=2.3.29
IP 104.244.42.69:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=5c6a8370-a1d2-4385-9c69-17673100bbb5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=20a30e67-4b3f-4968-92e1-60c2c5151f42&tw_document_href=http%3A%2F%2F18.133.14.77%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8vzb&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:59:43 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=fe9c3789-e52c-4dc4-8b9e-966690301d8d; Max-Age=63072000; Expires=Sat, 23 Nov 2024 11:59:44 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: ecca2f221d43e929
strict-transport-security: max-age=0
x-response-time: 104
x-connection-hash: 9e7b49d75c4b4e9a547e39895be073f5305e13846769f296a91bc846224b06ac
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3De38e2ea3-3d18-5566-b1ff-4545586d8815%26type%3D4%26m%3D3&ex-fch=416613&ex-src=https://www.superfreeslotgames.com/&ex-hargs=v%3D1.0%3Bc%3D7143589790602%3Bp%3DE38E2EA3-3D18-5566-B1FF-4545586D8815&dcc=t
67.220.228.203200 OK 43 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3De38e2ea3-3d18-5566-b1ff-4545586d8815%26type%3D4%26m%3D3&ex-fch=416613&ex-src=https://www.superfreeslotgames.com/&ex-hargs=v%3D1.0%3Bc%3D7143589790602%3Bp%3DE38E2EA3-3D18-5566-B1FF-4545586D8815&dcc=t
IP 67.220.228.203:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /s/iui3?d=forester-did&ex-fargs=%3Fid%3De38e2ea3-3d18-5566-b1ff-4545586d8815%26type%3D4%26m%3D3&ex-fch=416613&ex-src=https://www.superfreeslotgames.com/&ex-hargs=v%3D1.0%3Bc%3D7143589790602%3Bp%3DE38E2EA3-3D18-5566-B1FF-4545586D8815&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18.133.14.77/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Thu, 24 Nov 2022 11:59:44 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: FCHWNG10GYM51CA578T8
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
visitor.reactful.com/config/612916/?page=%2F&hash=&referer=&user_id=&hshkgid=bb2efcbf-0225-4123-b873-318a0cf9e73a&cb_rtfl=_rtfl_jsonp_0
142.250.74.83200 OK 0 B URL HTTP/2 visitor.reactful.com/config/612916/?page=%2F&hash=&referer=&user_id=&hshkgid=bb2efcbf-0225-4123-b873-318a0cf9e73a&cb_rtfl=_rtfl_jsonp_0
IP 142.250.74.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /config/612916/?page=%2F&hash=&referer=&user_id=&hshkgid=bb2efcbf-0225-4123-b873-318a0cf9e73a&cb_rtfl=_rtfl_jsonp_0 HTTP/1.1
Host: visitor.reactful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: url-params-data
Referer: http://18.133.14.77/
Origin: http://18.133.14.77
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-origin: http://18.133.14.77
access-control-allow-methods: GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Six-Sense-Data, Custom-Vars-Data, Url-Params-Data
content-type: text/javascript
set-cookie: unique_visitor_session=eyJfc2lkIjoiYzVTZ2JDclNkOEtIVE9FbVJnSHJxeiJ9|1669291184|e35f7e36bae8014edf81db1f788e81a27daeffd0; Max-Age=315359999; Path=/; expires=Sun, 21-Nov-2032 11:59:44 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-cloud-trace-context: 26f3caedafded8a76c196531a96477bc
date: Thu, 24 Nov 2022 11:59:44 GMT
server: Google Frontend
content-length: 0
expires: Thu, 24 Nov 2022 11:59:44 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=143000722&Ver=2&mid=c78be581-ed38-490f-8ba3-fd78f083cc78&sid=7bc47d406bef11eda328a561da1e1b26&vid=7bc4b0406bef11eda1ebd114be458ed4&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=216994
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=143000722&Ver=2&mid=c78be581-ed38-490f-8ba3-fd78f083cc78&sid=7bc47d406bef11eda328a561da1e1b26&vid=7bc4b0406bef11eda1ebd114be458ed4&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=216994
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=143000722&Ver=2&mid=c78be581-ed38-490f-8ba3-fd78f083cc78&sid=7bc47d406bef11eda328a561da1e1b26&vid=7bc4b0406bef11eda1ebd114be458ed4&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=216994 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2BD9DCDA31E566DF0006CEBC30B2672F; domain=.bing.com; expires=Tue, 19-Dec-2023 11:59:44 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D5F99BCE89A940858F5BBDD1AF118D6E Ref B: OSL30EDGE0406 Ref C: 2022-11-24T11:59:44Z
date: Thu, 24 Nov 2022 11:59:43 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d9a959d78bbdd08b2a5891f00187d637
a09c3a752f9cc07d3b986e98107f69ffdaacd7e5
e5d2937be537fe06582408a08744e674ec8b7607940b6af117edca1f8388e392
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4606
Cache-Control: max-age=131740
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:44 GMT
Etag: "637eaa4e-139"
Expires: Sat, 26 Nov 2022 00:35:24 GMT
Last-Modified: Wed, 23 Nov 2022 23:18:38 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
bat.bing.com/action/0?ti=143000722&Ver=2&mid=c78be581-ed38-490f-8ba3-fd78f083cc78&sid=7bc47d406bef11eda328a561da1e1b26&vid=7bc4b0406bef11eda1ebd114be458ed4&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Super%20Free%20Slot%20Games&p=http%3A%2F%2F18.133.14.77%2F&r=<=3184&evt=pageLoad&sv=1&rn=131390
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=143000722&Ver=2&mid=c78be581-ed38-490f-8ba3-fd78f083cc78&sid=7bc47d406bef11eda328a561da1e1b26&vid=7bc4b0406bef11eda1ebd114be458ed4&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Super%20Free%20Slot%20Games&p=http%3A%2F%2F18.133.14.77%2F&r=<=3184&evt=pageLoad&sv=1&rn=131390
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=143000722&Ver=2&mid=c78be581-ed38-490f-8ba3-fd78f083cc78&sid=7bc47d406bef11eda328a561da1e1b26&vid=7bc4b0406bef11eda1ebd114be458ed4&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Super%20Free%20Slot%20Games&p=http%3A%2F%2F18.133.14.77%2F&r=<=3184&evt=pageLoad&sv=1&rn=131390 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0F05436BC58C6D3E262B510DC4DB6CD8; domain=.bing.com; expires=Tue, 19-Dec-2023 11:59:44 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F281F9B379D64F50A361D22E1340748F Ref B: OSL30EDGE0406 Ref C: 2022-11-24T11:59:44Z
date: Thu, 24 Nov 2022 11:59:43 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/143000722.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/143000722.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/143000722.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=0EC9243E1B5C662936DF36581A0B6777; domain=.bing.com; expires=Tue, 19-Dec-2023 11:59:44 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E97BC882162D4519877AA9654C0AC449 Ref B: OSL30EDGE0406 Ref C: 2022-11-24T11:59:44Z
date: Thu, 24 Nov 2022 11:59:43 GMT
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11806137-17&cid=579642307.1669291183&jid=1035656066&gjid=657910826&_gid=1658965649.1669291184&_u=YADAAAAAAAAAAC~&z=945293499
142.251.1.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11806137-17&cid=579642307.1669291183&jid=1035656066&gjid=657910826&_gid=1658965649.1669291184&_u=YADAAAAAAAAAAC~&z=945293499
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11806137-17&cid=579642307.1669291183&jid=1035656066&gjid=657910826&_gid=1658965649.1669291184&_u=YADAAAAAAAAAAC~&z=945293499 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://18.133.14.77
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://18.133.14.77
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Nov 2022 11:59:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=5c6a8370-a1d2-4385-9c69-17673100bbb5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=20a30e67-4b3f-4968-92e1-60c2c5151f42&tw_document_href=http%3A%2F%2F18.133.14.77%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8vzb&type=javascript&version=2.3.29
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=5c6a8370-a1d2-4385-9c69-17673100bbb5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=20a30e67-4b3f-4968-92e1-60c2c5151f42&tw_document_href=http%3A%2F%2F18.133.14.77%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8vzb&type=javascript&version=2.3.29
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=5c6a8370-a1d2-4385-9c69-17673100bbb5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=20a30e67-4b3f-4968-92e1-60c2c5151f42&tw_document_href=http%3A%2F%2F18.133.14.77%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8vzb&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:59:44 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_H3aEWYOp7uI2ASuWPtKSZw=="; Max-Age=63072000; Expires=Sat, 23 Nov 2024 11:59:44 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: d8f9316f9362c517
strict-transport-security: max-age=631138519
x-response-time: 109
x-connection-hash: b077d80a2397aceee2616b7b80ba0d204befa73175f95d19f0898683628fb3e2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pir.quietyellowday.com/mon
54.75.69.192200 OK 0 B URL HTTP/2 pir.quietyellowday.com/mon
IP 54.75.69.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: pir.quietyellowday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1359
Origin: http://18.133.14.77
Connection: keep-alive
Referer: http://18.133.14.77/
Cookie: cg_uuid=9847e4056d168db591b5fe18658de31d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: http://18.133.14.77
content-type: application/json
date: Thu, 24 Nov 2022 11:59:44 GMT
content-length: 0
X-Firefox-Spdy: h2
pir.quietyellowday.com/mon
54.75.69.192200 OK 0 B URL HTTP/2 pir.quietyellowday.com/mon
IP 54.75.69.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: pir.quietyellowday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1354
Origin: http://18.133.14.77
Connection: keep-alive
Referer: http://18.133.14.77/
Cookie: cg_uuid=9847e4056d168db591b5fe18658de31d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: http://18.133.14.77
content-type: application/json
date: Thu, 24 Nov 2022 11:59:44 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=311124155947827&ev=PageView&dl=http%3A%2F%2F18.133.14.77%2F&rl=&if=false&ts=1669291184229&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.3.1669291184227.474815992&it=1669291183696&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=311124155947827&ev=PageView&dl=http%3A%2F%2F18.133.14.77%2F&rl=&if=false&ts=1669291184229&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.3.1669291184227.474815992&it=1669291183696&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=311124155947827&ev=PageView&dl=http%3A%2F%2F18.133.14.77%2F&rl=&if=false&ts=1669291184229&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.3.1669291184227.474815992&it=1669291183696&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Nov 2022 11:59:44 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=311124155947827&ev=CHEQ&dl=http%3A%2F%2F18.133.14.77%2F&rl=&if=false&ts=1669291184234&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.3.1669291184227.474815992&it=1669291183696&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=311124155947827&ev=CHEQ&dl=http%3A%2F%2F18.133.14.77%2F&rl=&if=false&ts=1669291184234&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.3.1669291184227.474815992&it=1669291183696&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=311124155947827&ev=CHEQ&dl=http%3A%2F%2F18.133.14.77%2F&rl=&if=false&ts=1669291184234&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.3.1669291184227.474815992&it=1669291183696&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Nov 2022 11:59:44 GMT
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11806137-17&cid=579642307.1669291183&jid=1035656066&_u=YADAAAAAAAAAAC~&z=1775317727
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11806137-17&cid=579642307.1669291183&jid=1035656066&_u=YADAAAAAAAAAAC~&z=1775317727
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11806137-17&cid=579642307.1669291183&jid=1035656066&_u=YADAAAAAAAAAAC~&z=1775317727 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 11:59:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11806137-17&cid=579642307.1669291183&jid=1035656066&_u=YADAAAAAAAAAAC~&z=1775317727
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11806137-17&cid=579642307.1669291183&jid=1035656066&_u=YADAAAAAAAAAAC~&z=1775317727
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11806137-17&cid=579642307.1669291183&jid=1035656066&_u=YADAAAAAAAAAAC~&z=1775317727 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 11:59:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
visitor.reactful.com/config/612916/?page=%2F&hash=&referer=&user_id=&hshkgid=bb2efcbf-0225-4123-b873-318a0cf9e73a&cb_rtfl=_rtfl_jsonp_0
142.250.74.83200 OK 2.6 kB URL HTTP/2 visitor.reactful.com/config/612916/?page=%2F&hash=&referer=&user_id=&hshkgid=bb2efcbf-0225-4123-b873-318a0cf9e73a&cb_rtfl=_rtfl_jsonp_0
IP 142.250.74.83:0
Hash b1283fabe8a90ad25bcd20eb1376e5a7
c6edca0c9d790d465958fd83275f6f68078a5242
c52b1aaf487a703d980d76610d9c501732b842d4085ee15b51353bdc8acfd526
GET /config/612916/?page=%2F&hash=&referer=&user_id=&hshkgid=bb2efcbf-0225-4123-b873-318a0cf9e73a&cb_rtfl=_rtfl_jsonp_0 HTTP/1.1
Host: visitor.reactful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Url-Params-Data: e30=
Origin: http://18.133.14.77
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-origin: http://18.133.14.77
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: Six-Sense-Data,Custom-Vars-Data,Url-Params-Data
set-cookie: unique_visitor_session=eyJfc2lkIjoiYzVTZ2JDclNkOEtIVE9FbVJnSHJxeiJ9|1669291186|6b56592d137dd8d92627548a534abb5f964b09f3; Max-Age=315359999; Path=/; expires=Sun, 21-Nov-2032 11:59:46 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-encoding: gzip
x-cloud-trace-context: fcb8ef30972d0b701d681ad83caac842
vary: Accept-Encoding
date: Thu, 24 Nov 2022 11:59:46 GMT
server: Google Frontend
content-length: 2606
expires: Thu, 24 Nov 2022 11:59:46 GMT
X-Firefox-Spdy: h2
pir.quietyellowday.com/mon
54.75.69.192200 OK 0 B URL HTTP/2 pir.quietyellowday.com/mon
IP 54.75.69.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: pir.quietyellowday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1354
Origin: http://18.133.14.77
Connection: keep-alive
Referer: http://18.133.14.77/
Cookie: cg_uuid=9847e4056d168db591b5fe18658de31d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: http://18.133.14.77
content-type: application/json
date: Thu, 24 Nov 2022 11:59:46 GMT
content-length: 0
X-Firefox-Spdy: h2
tracking.reactful.com/tracking/612916/
142.250.74.83200 OK 26 B URL HTTP/2 tracking.reactful.com/tracking/612916/
IP 142.250.74.83:0
File type ASCII text, with no line terminators
Hash 5140104b46d1303084d20ccf007eee61
896b8454761c1016611b80178caa901e8ee68b94
6259dca9c067673271e39880575ca69998222c84457f653a9aed867cf21af526
POST /tracking/612916/ HTTP/1.1
Host: tracking.reactful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 518
Origin: http://18.133.14.77
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
x-cloud-trace-context: e16aff46e9ab85f2c6ff8e95c80f24a2
vary: Accept-Encoding
date: Thu, 24 Nov 2022 11:59:46 GMT
server: Google Frontend
content-length: 26
X-Firefox-Spdy: h2
pir.quietyellowday.com/mon
54.75.69.192200 OK 0 B URL HTTP/2 pir.quietyellowday.com/mon
IP 54.75.69.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: pir.quietyellowday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1354
Origin: http://18.133.14.77
Connection: keep-alive
Referer: http://18.133.14.77/
Cookie: cg_uuid=9847e4056d168db591b5fe18658de31d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: http://18.133.14.77
content-type: application/json
date: Thu, 24 Nov 2022 11:59:48 GMT
content-length: 0
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-694751.js?sv=7
143.204.55.54200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-694751.js?sv=7
IP 143.204.55.54:0
GET /c/hotjar-694751.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 11:59:02 GMT
cache-control: max-age=60
etag: W/528b2e9286cf0f23e5c967439217023c
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bk6buQQvxUQsBxBKpOwKe1UOAGqhfFa38QPdc9jYxLX5uptaMJe4Ig==
age: 41
X-Firefox-Spdy: h2
deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/winbritish/winbritish_sml.jpg
54.230.245.31200 OK 0 B URL HTTP/2 deyg1c4zof44p.cloudfront.net/sfsg/operator-logos/winbritish/winbritish_sml.jpg
IP 54.230.245.31:0
GET /sfsg/operator-logos/winbritish/winbritish_sml.jpg HTTP/1.1
Host: deyg1c4zof44p.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 224109
last-modified: Wed, 15 Jan 2020 08:51:04 GMT
x-amz-version-id: 4VwmnCGVk6Rt9ub5iVOLMMGuqePYW7lL
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 22:31:13 GMT
cache-control: max-age=691200
etag: "d6a56c0d729bfe1757e1bda53d1aa99d"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ql2URkGjWdtCqNVkz36Btre_Z8ENNypl-iv_zLNJKUGSpV_WeNFTPw==
age: 48511
X-Firefox-Spdy: h2
gtm.lsmnetwork.com/g/collect?v=2&tid=G-94W5159N8N>m=2oeb90&_p=857617659&cid=579642307.1669291183&ul=en-us&sr=1280x1024&_fplc=0&_uc=NO&_s=1&sid=1669291182&sct=1&seg=0&dl=http%3A%2F%2F18.133.14.77%2F&dt=Super%20Free%20Slot%20Games&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Source%20URL=http%3A%2F%2F18.133.14.77%2F&ep.facebook_pixel_id=311124155947827&ep.user_data.email=Not%20Set&ep.user_data._tag_mode=MANUAL&richsstsse
216.239.32.21200 OK 0 B URL HTTP/2 gtm.lsmnetwork.com/g/collect?v=2&tid=G-94W5159N8N>m=2oeb90&_p=857617659&cid=579642307.1669291183&ul=en-us&sr=1280x1024&_fplc=0&_uc=NO&_s=1&sid=1669291182&sct=1&seg=0&dl=http%3A%2F%2F18.133.14.77%2F&dt=Super%20Free%20Slot%20Games&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Source%20URL=http%3A%2F%2F18.133.14.77%2F&ep.facebook_pixel_id=311124155947827&ep.user_data.email=Not%20Set&ep.user_data._tag_mode=MANUAL&richsstsse
IP 216.239.32.21:0
GET /g/collect?v=2&tid=G-94W5159N8N>m=2oeb90&_p=857617659&cid=579642307.1669291183&ul=en-us&sr=1280x1024&_fplc=0&_uc=NO&_s=1&sid=1669291182&sct=1&seg=0&dl=http%3A%2F%2F18.133.14.77%2F&dt=Super%20Free%20Slot%20Games&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Source%20URL=http%3A%2F%2F18.133.14.77%2F&ep.facebook_pixel_id=311124155947827&ep.user_data.email=Not%20Set&ep.user_data._tag_mode=MANUAL&richsstsse HTTP/1.1
Host: gtm.lsmnetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://18.133.14.77
Connection: keep-alive
Referer: http://18.133.14.77/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:59:43 GMT
content-type: text/plain
vary: Accept-Encoding
set-cookie: FPLC=hP4s0K7CcGgT65p3bRtN0dRLQVUCBaXu7FJkHvE7r5CdYfvEAHY8N2TIW8JUWoN1Ec%2BYzpS41zKnvD9x4R2CeKqKr%2BYG%2BIJmG8kwBZEpvtMVZP1xsHdc%2BMOgIurlcg%3D%3D; Max-Age=72000; Domain=14.77; Path=/; Secure
FPID=FPID2.2.iN7uB1gLpfD25Q8DyI27vOdwstPRE%2FxWvv%2BnVM%2Fyejo%3D.1669291183; Max-Age=63072000; Domain=14.77; Path=/; Secure; HttpOnly
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-origin: http://18.133.14.77
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=c1g5bvc&ref=http%3A%2F%2F18.133.14.77%2F&upid=ffympfn&upv=1.1.0
3.33.220.150302 Found 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=c1g5bvc&ref=http%3A%2F%2F18.133.14.77%2F&upid=ffympfn&upv=1.1.0
IP 3.33.220.150:0
GET /track/up?adv=c1g5bvc&ref=http%3A%2F%2F18.133.14.77%2F&upid=ffympfn&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18.133.14.77/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 11:59:45 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=c1g5bvc&ref=http%3A%2F%2F18.133.14.77%2F&upid=ffympfn&upv=1.1.0
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=6d8b9d23-ad45-4966-8830-fa7754c31c11; domain=.adsrvr.org; expires=Fri, 24-Nov-2023 11:59:45 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
match.adsrvr.org/track/upb/?adv=c1g5bvc&ref=http%3A%2F%2F18.133.14.77%2F&upid=ffympfn&upv=1.1.0
3.33.220.150200 OK 0 B URL HTTP/2 match.adsrvr.org/track/upb/?adv=c1g5bvc&ref=http%3A%2F%2F18.133.14.77%2F&upid=ffympfn&upv=1.1.0
IP 3.33.220.150:0
GET /track/upb/?adv=c1g5bvc&ref=http%3A%2F%2F18.133.14.77%2F&upid=ffympfn&upv=1.1.0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18.133.14.77/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:59:45 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2