r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 408d1564e8f59e6626e41be4106ce2e6
4149a1f17e8f7c446e7aa4963f3a49b6a00b6164
46e2e79c7977854058dec9cde88f963dd498dd235c3bb15b39a9e5ce1027d7fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E2E79C7977854058DEC9CDE88F963DD498DD235C3BB15B39A9E5CE1027D7FE"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10459
Expires: Thu, 09 Feb 2023 13:55:53 GMT
Date: Thu, 09 Feb 2023 11:01:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12242
Expires: Thu, 09 Feb 2023 14:25:36 GMT
Date: Thu, 09 Feb 2023 11:01:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5421
Expires: Thu, 09 Feb 2023 12:31:55 GMT
Date: Thu, 09 Feb 2023 11:01:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 10:34:15 GMT
content-type: application/json
age: 1640
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: S6P6IRMwFACgm6r2TVgqEK6BiUcDrmT+fKgrTmhYGT/o1iQtFuRNcR4hoqhJ+T7lm0GCNVc9bfY=
x-amz-request-id: CGD0J38DM8PZ5J5W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 10:46:22 GMT
age: 913
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 11:01:35 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 10:14:53 GMT
age: 2802
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11388
Expires: Thu, 09 Feb 2023 14:11:23 GMT
Date: Thu, 09 Feb 2023 11:01:35 GMT
Connection: keep-alive
push.services.mozilla.com/
52.39.11.89101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.11.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: k1BMKyKJpi1LuIXRKcbzkA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6THQsBEnNcr7qShsFnCg9bbEJSA=
beazfeeds.xyz/uncategorized/cloud-computing
176.9.84.42301 Moved Permanently 20 B URL HTTP/1.1 beazfeeds.xyz/uncategorized/cloud-computing
IP 176.9.84.42:0
ASN #24940 Hetzner Online GmbH
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /uncategorized/cloud-computing HTTP/1.1
Host: beazfeeds.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/8.1.14
content-type: text/html; charset=UTF-8
x-pingback: http://beazfeeds.xyz/xmlrpc.php
x-redirect-by: WordPress
location: http://beazfeeds.xyz/uncategorized/cloud-computing/
vary: Accept-Encoding
content-length: 20
content-encoding: gzip
date: Thu, 09 Feb 2023 11:01:36 GMT
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13752
Expires: Thu, 09 Feb 2023 14:50:49 GMT
Date: Thu, 09 Feb 2023 11:01:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13752
Expires: Thu, 09 Feb 2023 14:50:49 GMT
Date: Thu, 09 Feb 2023 11:01:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13752
Expires: Thu, 09 Feb 2023 14:50:49 GMT
Date: Thu, 09 Feb 2023 11:01:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ead57d-06ef-4e5b-9d45-4c0ed94ff0f7.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ead57d-06ef-4e5b-9d45-4c0ed94ff0f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa8bb3f20238f62a7a6ebb5d0985192a
f6b3839bfb0cf51d63e9eff2de402495906cd19b
db5ad61fdd000a13b6c8952d1614a6ab18e5f7104270d6471df96f773dacf4e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ead57d-06ef-4e5b-9d45-4c0ed94ff0f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 92d41e06-632b-43f9-828e-268bc024875c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiGuESYIAMFc_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e416f7-599e0f7d327a69921d447f7e;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:41:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ouX4yFdSvKvEUowCAqs8iTO2SOZuEFa2dGuMDeb_pygK0DbvS8XlHg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:10:46 GMT
age: 46251
etag: "f6b3839bfb0cf51d63e9eff2de402495906cd19b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 12:41:28 GMT
age: 80409
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9203cfb9f0c1c958dd008eac55a9d3c4
6bdd1047590dd3fb54c15d5d6d38e7c86274b203
09770229be5ff3037708543e3204c66de84253b3a858a83a0e1672a04c0e9cb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11760
x-amzn-requestid: b2863a01-4714-4554-a478-5402467b3448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKHc_oAMFwlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-1c5a3edf37bc7cc937c800d2;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: y-1zzLzVegi0T-SAyTpUuFD6iVVYbuL5u71dc74BY2l7PrxVu-am5w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:37 GMT
etag: "6bdd1047590dd3fb54c15d5d6d38e7c86274b203"
content-type: image/jpeg
age: 48420
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce710ab5746832fe637fada3e6d63abf
d545c85d4a8cf92dc8b88db0a056623d1ef7a943
40bae4a2fb9dd60e9339d15ad0838f3ca83b5b6275c35cd22878b6783fcd6247
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 7e2b1875-ecf9-4ee9-8d5a-a911fdd28d16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AColKGwOIAMFyqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e42153-097b982244d3ad7b6f49a392;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 22:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Uvdg9MhYDsR9aC-s_chZDKp7_5RzhQfTwXZ0epZVW7TUVdrdADUEfQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 03:49:25 GMT
age: 25932
etag: "d545c85d4a8cf92dc8b88db0a056623d1ef7a943"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 113363afa7cfd484dbc115a9f44c1723
2f9dfb845aa919a51a0b5fa9a824ac4845f669be
a91a045600ef2fdebd582ce453a85f7ce0c9f8be7258baf311d0d940de027c20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 2d4ce596-9a69-4394-8e10-cd5c54687a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzKZ0F2DoAMF6nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf10b-6c4fabe01360b8781bdd8e06;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 05:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GnbG_CYddidhGlygFinwMyN81eHxP_vRzxsm7QBIAJzFqwaKTt-POQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:44 GMT
age: 48413
etag: "2f9dfb845aa919a51a0b5fa9a824ac4845f669be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa089b5-b6af-40bb-98d7-cfce928d0761.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa089b5-b6af-40bb-98d7-cfce928d0761.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0e9c6d739031209088f6dbbf08f19e59
649a29bfcc9fa92c656231bad3ce41e88c4037a6
520f00562077664a006b427c200a9f3c42dbeba3fed67bdc61537e71adcf6fc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa089b5-b6af-40bb-98d7-cfce928d0761.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9872
x-amzn-requestid: 62e9b3ff-7a27-4d74-90b0-ef7aeabaad39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f53QlGE4oAMF53A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e09f36-79e1ef9f3c167abb05cfefd4;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 06:33:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: i887GcI8RbG4H_MBORz2PmKh4q33pZ2jLz1f4MZNbolHX4b9O_f-aw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 23:57:48 GMT
age: 39829
etag: "649a29bfcc9fa92c656231bad3ce41e88c4037a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
beazfeeds.xyz/uncategorized/cloud-computing/
176.9.84.42200 OK 41 kB URL HTTP/1.1 beazfeeds.xyz/uncategorized/cloud-computing/
IP 176.9.84.42:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9876), with CRLF, LF line terminators
Hash 75101e4733742acb26a981f6e294be87
635b090722aa840d93729c0d5aa8e1d92a4e7273
5301a14a79b42ffd26f19779ecf896e1220cdd74272ff4a701436f71faa6ff78
GET /uncategorized/cloud-computing/ HTTP/1.1
Host: beazfeeds.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/8.1.14
content-type: text/html; charset=UTF-8
x-pingback: http://beazfeeds.xyz/xmlrpc.php
link: <https://beazfeeds.xyz/wp-json/>; rel="https://api.w.org/", <https://beazfeeds.xyz/wp-json/wp/v2/posts/5>; rel="alternate"; type="application/json", <https://beazfeeds.xyz/?p=5>; rel=shortlink
vary: Accept-Encoding
content-length: 40896
content-encoding: gzip
date: Thu, 09 Feb 2023 11:01:38 GMT
beazfeeds.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
176.9.84.42200 OK 12 kB URL HTTP/1.1 beazfeeds.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 176.9.84.42:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (47826)
Hash 45b3843596f3eda24398e2c1f68ee268
4ad9a0e6ed85ca57c5d134aa5ca546e19910640d
f2784720bca9efcc4c4c3ab35d5fa3b523eb1915acc04a53273559907d352e36
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: beazfeeds.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/uncategorized/cloud-computing/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 11:01:38 GMT
content-type: text/css
last-modified: Fri, 11 Nov 2022 14:56:46 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12489
date: Thu, 09 Feb 2023 11:01:38 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
beazfeeds.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
176.9.84.42200 OK 5.0 kB URL HTTP/1.1 beazfeeds.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 176.9.84.42:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15660)
Hash 848f9aadf194f3d024a2a90dbd11e3b5
aecd4b03b5a7829c6ca015d926798dc95e4fa912
36ff79b2f6827e46be1df95ff739e536718c0ee4fc09462678b32d7abd60fc6c
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: beazfeeds.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/uncategorized/cloud-computing/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 11:01:38 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5021
date: Thu, 09 Feb 2023 11:01:38 GMT
beazfeeds.xyz/wp-includes/js/comment-reply.min.js?ver=6.1.1
176.9.84.42200 OK 1.3 kB URL HTTP/1.1 beazfeeds.xyz/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 176.9.84.42:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2946)
Hash 1cfd4f485ffd20e7ee7693364fef33f9
a8c5d35ad20664ccfe03d7acfcbdb0a1e28d3fd8
b433efd57400d409a207820e22b93662fa48a0737a96eb44a4c6ce3b46ee7403
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: beazfeeds.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/uncategorized/cloud-computing/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 11:01:38 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1349
date: Thu, 09 Feb 2023 11:01:38 GMT
beazfeeds.xyz/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=693
176.9.84.42200 OK 5.3 kB URL HTTP/1.1 beazfeeds.xyz/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=693
IP 176.9.84.42:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (14432), with no line terminators
Hash b71b755d4735a47755232dafdc9fb836
30836705df1bc81f54ad48c0c374304104122904
32f1f006bfadf426d0d8eccc565136e115993ffe90c3ef24547ae3226c63c142
GET /wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=693 HTTP/1.1
Host: beazfeeds.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/uncategorized/cloud-computing/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 11:01:38 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 04:43:16 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5330
date: Thu, 09 Feb 2023 11:01:38 GMT
beazfeeds.xyz/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.5.1
176.9.84.42200 OK 2.6 kB URL HTTP/1.1 beazfeeds.xyz/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.5.1
IP 176.9.84.42:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (7116)
Hash b7d12406cf565cff3bcfbe1fad51f074
edfe6c174e89453510c45692cd80b66fceeccc15
face14902c5d4e304e8ff1b6c799f07abe85f5934f7a7c95e79f24db9c5f5df8
GET /wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.5.1 HTTP/1.1
Host: beazfeeds.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/uncategorized/cloud-computing/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 11:01:38 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 12:17:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2601
date: Thu, 09 Feb 2023 11:01:38 GMT
www.googletagmanager.com/gtag/js?id=UA-255879970-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-255879970-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash a0a0cee10f50ec5f2108d94890dab34d
124c27b2db5d4fe253f9240183df0b814b3658b3
bc860979757fe3e724d1dda81fd22c5fdba58d936e8533d808b55fb3829412a3
GET /gtag/js?id=UA-255879970-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 11:01:38 GMT
expires: Thu, 09 Feb 2023 11:01:38 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44088
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
beazfeeds.xyz/wp-includes/css/classic-themes.min.css?ver=1
176.9.84.42200 OK 188 B URL HTTP/1.1 beazfeeds.xyz/wp-includes/css/classic-themes.min.css?ver=1
IP 176.9.84.42:0
ASN #24940 Hetzner Online GmbH
Hash 8ac085745a5bcc97c54f8088973df029
4e065566e82d4623d0f5b4d9275d3ee29e15acd1
a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: beazfeeds.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/uncategorized/cloud-computing/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 11:01:38 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 188
date: Thu, 09 Feb 2023 11:01:38 GMT
beazfeeds.xyz/wp-content/themes/neve/style-main-new.min.css?ver=3.5.1
176.9.84.42200 OK 8.5 kB URL HTTP/1.1 beazfeeds.xyz/wp-content/themes/neve/style-main-new.min.css?ver=3.5.1
IP 176.9.84.42:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (38877), with no line terminators
Hash 7a33c113972658aae0032f176c465d8d
98347d354e5e62abac7f6abef1fcea40bc02da30
8dada0c3a1054a758208115c01f3b5db562a2c2d78ca4a8bcf7e4c232621480b
GET /wp-content/themes/neve/style-main-new.min.css?ver=3.5.1 HTTP/1.1
Host: beazfeeds.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/uncategorized/cloud-computing/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 11:01:38 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 12:17:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8450
date: Thu, 09 Feb 2023 11:01:38 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pl18374803.highcpmrevenuenetwork.com/6595693a81f37a16a4ecaa202b63b8ae/invoke.js
173.233.137.36200 OK 9.3 kB URL HTTP/1.1 pl18374803.highcpmrevenuenetwork.com/6595693a81f37a16a4ecaa202b63b8ae/invoke.js
IP 173.233.137.36:0
File type Unicode text, UTF-8 text, with very long lines (25110), with no line terminators
Hash 9ae57b7bff88c1e8768a32b106b0ccac
4c728d894e08b3b099f37b2513bff1b45c64ebc4
6afff3a8c26a9b88ebd94809a056d849e83840295337bf02c6bcf63fecd3755b
Analyzer Verdict Alert quad9 Sinkholed
GET /6595693a81f37a16a4ecaa202b63b8ae/invoke.js HTTP/1.1
Host: pl18374803.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a045df27f64e1cb2186b4ab03dd22bbf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivecreativeformat.com/8a0e38d34d07c41ac9bb29de00b51db4/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/8a0e38d34d07c41ac9bb29de00b51db4/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash 04aeececa5b9447bf5b5a87ce27f6427
970acc6f5783dad55b6d88a6d4110cd1c7a3f570
0c16dcd00220072c32441f07017b84e693c6e3910db7ae3fd9eb64aff37a6583
Analyzer Verdict Alert quad9 Sinkholed
GET /8a0e38d34d07c41ac9bb29de00b51db4/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c8318cbfcd0c9c7a74dc44b37d22722
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl18379894.highcpmrevenuenetwork.com/28/e4/ac/28e4acf4a4100fe3a3f7089567b86acd.js
192.243.59.20200 OK 13 kB URL HTTP/1.1 pl18379894.highcpmrevenuenetwork.com/28/e4/ac/28e4acf4a4100fe3a3f7089567b86acd.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37152), with no line terminators
Hash b468d144b58ca302483e401634bb6e27
bfd92e26b59806c99fb735f7fdb7177cc0412221
c972c69073c5a6d09ce3c6b31e103eb1851b13248f935935f22a2fc21dda054d
Analyzer Verdict Alert quad9 Sinkholed
GET /28/e4/ac/28e4acf4a4100fe3a3f7089567b86acd.js HTTP/1.1
Host: pl18379894.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5446a75a1b0b15c66d0fb39eb076a45
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl18374730.highcpmrevenuenetwork.com/36/e5/15/36e51565925742c5d909734f81aa905f.js
192.243.59.20200 OK 21 kB URL HTTP/1.1 pl18374730.highcpmrevenuenetwork.com/36/e5/15/36e51565925742c5d909734f81aa905f.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60137), with no line terminators
Hash da422c5f8ff36df5b3859b382aa7b8b0
12ab1c0ca463bbfcd08985e08c14f20078cee040
78f0e073e499e4171865ea554d044cbefd88ccd4dbb38369296f6807ee4b13b6
Analyzer Verdict Alert quad9 Sinkholed
GET /36/e5/15/36e51565925742c5d909734f81aa905f.js HTTP/1.1
Host: pl18374730.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef78041647012043bfa2288825277278
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ad.a-ads.com/2162379?size=728x90
136.243.35.166200 OK 4.7 kB URL HTTP/1.1 ad.a-ads.com/2162379?size=728x90
IP 136.243.35.166:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11122)
Hash 6a92797ed16a447214429ce042c9d792
cf8eeeb409b5bd0979b5821c29b9cf4829f2fbe4
dd1993bd718a57fd95f6f22ecbfc610784b59457ccea327741655c699e56eb49
GET /2162379?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: http://beazfeeds.xyz/
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Content-Encoding: gzip
www.effectivecreativeformat.com/5168dbc80ff6a0fcf3199ef1440dcf58/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/5168dbc80ff6a0fcf3199ef1440dcf58/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26939), with no line terminators
Hash f5561ef00f0f6957c2656b6513f219d7
9791d5ffd3e687f27fdf563779ffb631215aede0
022f10966b3735037f9ae844a9538fa19d155cbe5034813e7894a2ab71e2f6f0
Analyzer Verdict Alert quad9 Sinkholed
GET /5168dbc80ff6a0fcf3199ef1440dcf58/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 20661880e3434e05be866f2957c18654
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash a28222744ed7330bea9a621b935adcc1
d6c82547cae9ebf20c9e2534b2b072977d721399
14be94c7e087e140464c8d3cb8b77642c6ed07cde45992faa54d577cf26df94a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101793
Date: Thu, 09 Feb 2023 11:01:39 GMT
Etag: "63e3a415-1d7"
Expires: Fri, 10 Feb 2023 15:18:12 GMT
Last-Modified: Wed, 08 Feb 2023 13:31:01 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0a6KhPUCPhNzr0YMnSgDVhX0eVU_GHgoVFJoLVJW49qrAxIOyJxu1A==
Age: 6431
simplewebanalysis.com/stats
18.192.190.118200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.192.190.118:0
File type ASCII text, with no line terminators
Hash 3d3b72d0df1dd069a04d11c35133c99c
eb2ab6db4ba53ace36fe010c4c5d65b1a8b0c1a5
3198f8fd23189ce48da59517ca64993140213efd607946da197983e12812e4c0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://beazfeeds.xyz
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://beazfeeds.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=5390fec3-1068-4263-8a6f-baf0e7506e76:1:1; expires=Sun, 06 Feb 2033 11:01:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.192.190.118200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.192.190.118:0
File type ASCII text, with no line terminators
Hash 2d536448001b0358d898c611cfe0c682
412007bdcf36d70d1d6099116000fa02eae76d76
92be8f4bb6f81039127a96e2859aa095fb127a4bf3a5c351b364eb99d15674fc
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://beazfeeds.xyz
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://beazfeeds.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=fc885f04-dc15-476c-8d8b-f14e41d44085:1:1; expires=Sun, 06 Feb 2033 11:01:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.192.190.118200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.192.190.118:0
File type ASCII text, with no line terminators
Hash 3831bebfcda4122c1fd2e4cfb598ad88
561e6dca9946265df54dc478d72ec272ac12de64
c9daeec6984f7e6a2b753c55f3eb4371967a024cb219335fae552a8bc242b4f9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://beazfeeds.xyz
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://beazfeeds.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=56c9aa1b-b8c1-4309-901e-c78963caf6f4:1:1; expires=Sun, 06 Feb 2033 11:01:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
pl18379894.highcpmrevenuenetwork.com/28/e4/ac/28e4acf4a4100fe3a3f7089567b86acd.js
192.243.59.20200 OK 13 kB URL HTTP/1.1 pl18379894.highcpmrevenuenetwork.com/28/e4/ac/28e4acf4a4100fe3a3f7089567b86acd.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37149), with no line terminators
Hash 27d598b09115912587ce143ba20644ca
1ad9855f4d5c200ea18d5ecc68c0bd5b9c595b0d
b7ae98796dba4ae13e2caa173daaabf86342c466b86c4353947087fbbc3ee12a
Analyzer Verdict Alert quad9 Sinkholed
GET /28/e4/ac/28e4acf4a4100fe3a3f7089567b86acd.js HTTP/1.1
Host: pl18379894.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 64bd3729101d2b55a6ac7a51f3e455d4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.a-ads.com/a-ads-banners/411236/728x90?region=eu-central-1
136.243.35.166200 OK 22 kB URL HTTP/1.1 static.a-ads.com/a-ads-banners/411236/728x90?region=eu-central-1
IP 136.243.35.166:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 728x90, components 3\012- data
Hash 3af60c06af21e754e17a66a85c08ac23
f02b01816a6a2564d657a359c0ba0d585a993231
358937f4c7c0c4114510596de9908e6932dbf51373698c30c3f4c3bd1b07c9d3
GET /a-ads-banners/411236/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ad.a-ads.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: image/jpeg
Content-Length: 22528
Connection: keep-alive
x-amz-id-2: AL+AewR59wzepcQSCccRj5Oq0uhmSHRxKwAuYzlwrA5VJ7vHNOhRkE1APi7dbhuEjFAW+cZTtpc=
x-amz-request-id: ZARGF95XZT86M84A
x-amz-replication-status: COMPLETED
Last-Modified: Tue, 23 Aug 2022 13:55:57 GMT
ETag: "3af60c06af21e754e17a66a85c08ac23"
Cache-Control: max-age=315360000
x-amz-version-id: tmLbPJUzSnQLrL6wSdQ.Jf6.nZP7JavK
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges: bytes
friendshipmale.com/sfp.js
104.21.234.92200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 104.21.234.92:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 3ed57134b25276cd8f10a9e46dd6a3fa
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Thu, 09 Feb 2023 11:01:39 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zBLU9ry4nw%2Fh921sc8cft%2FaO6ITA9LZssFTT5VIpV1HHIZiy8m3OpvjOtlemGcsxacoxrqTE6x93Vh1XTGuPI6Nm1bkYExtKwTCgPfLVJIVsIkkPj9L1Z3jAw3yO2uJTMVN47A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c1bb91bde386b-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
simplewebanalysis.com/stats
18.192.190.118200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.192.190.118:0
File type ASCII text, with no line terminators
Hash 3831bebfcda4122c1fd2e4cfb598ad88
561e6dca9946265df54dc478d72ec272ac12de64
c9daeec6984f7e6a2b753c55f3eb4371967a024cb219335fae552a8bc242b4f9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://beazfeeds.xyz
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Cookie: uid_id2=56c9aa1b-b8c1-4309-901e-c78963caf6f4:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://beazfeeds.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.effectivecreativeformat.com/dfded7f9b19e96126b2d89d486f4c27a/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/dfded7f9b19e96126b2d89d486f4c27a/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash c74bc9a8de6743fbc9b15ba1646e48ee
e3904c24384ad32db6c4b8b7e32c1b79fc1d029d
ab54614f0b064550d68e6c6ce86f5ed0e25b63e76f3724e72220d6e2506f62d3
Analyzer Verdict Alert quad9 Sinkholed
GET /dfded7f9b19e96126b2d89d486f4c27a/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b068ec1cc2c0bd5e1974b4c892d63e83
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivecreativeformat.com/5a6ca8c59ec0103874ffe52aeabe9937/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/5a6ca8c59ec0103874ffe52aeabe9937/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26939), with no line terminators
Hash f5561ef00f0f6957c2656b6513f219d7
9791d5ffd3e687f27fdf563779ffb631215aede0
022f10966b3735037f9ae844a9538fa19d155cbe5034813e7894a2ab71e2f6f0
Analyzer Verdict Alert quad9 Sinkholed
GET /5a6ca8c59ec0103874ffe52aeabe9937/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 302625243ce3f1ed0534f569c6e18d87
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivecreativeformat.com/8a0e38d34d07c41ac9bb29de00b51db4/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/8a0e38d34d07c41ac9bb29de00b51db4/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash c74bc9a8de6743fbc9b15ba1646e48ee
e3904c24384ad32db6c4b8b7e32c1b79fc1d029d
ab54614f0b064550d68e6c6ce86f5ed0e25b63e76f3724e72220d6e2506f62d3
Analyzer Verdict Alert quad9 Sinkholed
GET /8a0e38d34d07c41ac9bb29de00b51db4/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 90f1cfb92a62864f65a2aa47f960c4bf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 88f1c978e8af79e11ed706d34457b5f7
d7f71e8b148502f8f78fe8a81b1a2e6461a20c8c
8b576067b6d7f72caff7b5d0ef977fcf283849ad5997a9b650ad43dd97e873fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B576067B6D7F72CAFF7B5D0EF977FCF283849AD5997A9B650AD43DD97E873FD"
Last-Modified: Thu, 09 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=444
Expires: Thu, 09 Feb 2023 11:09:03 GMT
Date: Thu, 09 Feb 2023 11:01:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3b555ffeaec3ab5e4573a0230150603e
1227a050f7c0cb1192fd4be9a8d622c1490ec9f7
71333ad7c2584dbe70de4c2be63b3c24963845a216140cabc9c780a6c5806c01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71333AD7C2584DBE70DE4C2BE63B3C24963845A216140CABC9C780A6C5806C01"
Last-Modified: Thu, 09 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6066
Expires: Thu, 09 Feb 2023 12:42:45 GMT
Date: Thu, 09 Feb 2023 11:01:39 GMT
Connection: keep-alive
www.effectivecreativeformat.com/8a0e38d34d07c41ac9bb29de00b51db4/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/8a0e38d34d07c41ac9bb29de00b51db4/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26943), with no line terminators
Hash 8abf68e1b4e94d020ca86bf03879068b
00c7d52df341c2de03f387000ec3bc6770edef3f
9518151c36da8667aab43152c40d62a2de82fcf1e87a43af879384248ad74d7e
Analyzer Verdict Alert quad9 Sinkholed
GET /8a0e38d34d07c41ac9bb29de00b51db4/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 823a0b13d1d9ea39ce022f4303822501
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3b555ffeaec3ab5e4573a0230150603e
1227a050f7c0cb1192fd4be9a8d622c1490ec9f7
71333ad7c2584dbe70de4c2be63b3c24963845a216140cabc9c780a6c5806c01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71333AD7C2584DBE70DE4C2BE63B3C24963845A216140CABC9C780A6C5806C01"
Last-Modified: Thu, 09 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5875
Expires: Thu, 09 Feb 2023 12:39:35 GMT
Date: Thu, 09 Feb 2023 11:01:40 GMT
Connection: keep-alive
priestsuede.com/watch.1355359967330.js?key=5168dbc80ff6a0fcf3199ef1440dcf58&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=fc885f04-dc15-476c-8d8b-f14e41d44085%3A1%3A1
173.233.137.44307 Temporary Redirect 0 B URL HTTP/1.1 priestsuede.com/watch.1355359967330.js?key=5168dbc80ff6a0fcf3199ef1440dcf58&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=fc885f04-dc15-476c-8d8b-f14e41d44085%3A1%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1355359967330.js?key=5168dbc80ff6a0fcf3199ef1440dcf58&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=fc885f04-dc15-476c-8d8b-f14e41d44085%3A1%3A1 HTTP/1.1
Host: priestsuede.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://beazfeeds.xyz
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://beazfeeds.xyz
Access-Control-Allow-Origin: http://beazfeeds.xyz
Access-Control-Allow-Credentials: true
Location: https://priestsuede.com/watch.1355359967330.js?key=5168dbc80ff6a0fcf3199ef1440dcf58&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=fc885f04-dc15-476c-8d8b-f14e41d44085%3A1%3A1&shu=7ca45289337ce6a9b4471f11aadc5a4a80aa04171d717e9cf90211a4682076c9a1cfb210bb2ec0b119a88d00debabb8fdfd077871628f04225647a770c4fe2bbfe60efa6b348b3c6f4f964ff0d0836f20e38bfba9053e01f097d8f9d6ca5e5d36e&pst=1675940560&rmtc=t
Set-Cookie: u_pl=18274321; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI3NDMyMSwiayI6IjUxNjhkYmM4MGZmNmEwZmNmMzE5OWVmMTQ0MGRjZjU4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoiZnJ3NDUzMGVzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9iZWF6ZmVlZHMueHl6L3VuY2F0ZWdvcml6ZWQvY2xvdWQtY29tcHV0aW5nLyJ9fQ.hYpz548rLaslqrGFYa4YqiSdCtCigFNrxo6i-O20afw; expires=Thu, 09 Feb 2023 11:02:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ff622b4e9dfda4decfa53304eb04feb2
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 05aaf34382711084b053605fd6395a34
e9bc548545e280b3bd5d080fa06849ee2f1beea2
18075b23830edfdd9e4277fd6af75e88a3423ba116a60e75d3fc2b88c40c4f16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18075B23830EDFDD9E4277FD6AF75E88A3423BA116A60E75D3FC2B88C40C4F16"
Last-Modified: Wed, 08 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6173
Expires: Thu, 09 Feb 2023 12:44:33 GMT
Date: Thu, 09 Feb 2023 11:01:40 GMT
Connection: keep-alive
priestsuede.com/watch.1616622026499.js?key=5a6ca8c59ec0103874ffe52aeabe9937&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1
173.233.137.44307 Temporary Redirect 0 B URL HTTP/1.1 priestsuede.com/watch.1616622026499.js?key=5a6ca8c59ec0103874ffe52aeabe9937&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1616622026499.js?key=5a6ca8c59ec0103874ffe52aeabe9937&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1 HTTP/1.1
Host: priestsuede.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://beazfeeds.xyz
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://beazfeeds.xyz
Access-Control-Allow-Origin: http://beazfeeds.xyz
Access-Control-Allow-Credentials: true
Location: https://priestsuede.com/watch.1616622026499.js?key=5a6ca8c59ec0103874ffe52aeabe9937&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1&shu=6e0b6c40beb3bc26a0969c5dde14ae3f2f9f0a793cca4d2d6e455efdb45fca511895e66c3f764c3231c18d2c603c9b2812b82f2a6f80b06b787eeab3a57cb4017ddc38bd3f427f63db751614da1b48552e89834be1ae5d424723c46017bc&pst=1675940560&rmtc=t
Set-Cookie: u_pl=18293684; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI5MzY4NCwiayI6IjVhNmNhOGM1OWVjMDEwMzg3NGZmZTUyYWVhYmU5OTM3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNywicHQiOjQsInBrIjoiZnJxaTZibnkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2JlYXpmZWVkcy54eXovdW5jYXRlZ29yaXplZC9jbG91ZC1jb21wdXRpbmcvIn19.DB0w_a7nQZarAp2FzVGJ6tAvxTrecaq2a506bekKKV4; expires=Thu, 09 Feb 2023 11:02:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4dce7a5205a00a28e0a1a35ce7f625f1
Strict-Transport-Security: max-age=0; includeSubdomains
innocenceexpeditionsensation.com/watch.1025600136098.js?key=8a0e38d34d07c41ac9bb29de00b51db4&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=5390fec3-1068-4263-8a6f-baf0e7506e76%3A1%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 innocenceexpeditionsensation.com/watch.1025600136098.js?key=8a0e38d34d07c41ac9bb29de00b51db4&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=5390fec3-1068-4263-8a6f-baf0e7506e76%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1025600136098.js?key=8a0e38d34d07c41ac9bb29de00b51db4&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=5390fec3-1068-4263-8a6f-baf0e7506e76%3A1%3A1 HTTP/1.1
Host: innocenceexpeditionsensation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://beazfeeds.xyz
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://beazfeeds.xyz
Access-Control-Allow-Origin: http://beazfeeds.xyz
Access-Control-Allow-Credentials: true
Location: https://innocenceexpeditionsensation.com/watch.1025600136098.js?key=8a0e38d34d07c41ac9bb29de00b51db4&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=5390fec3-1068-4263-8a6f-baf0e7506e76%3A1%3A1&shu=1fa6e5033a69704ece1c68489f68f342ce1adefae1f81d187f21f21f0aa66a55510d1aa5c9857cc69fdaaf210180c2c93c5a11d3f85eddb6e326375041a117313e7e7f86d086da2180dfd5e70d17c1e9d1856e35&pst=1675940560&rmtc=t
Set-Cookie: u_pl=18274146; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI3NDE0NiwiayI6IjhhMGUzOGQzNGQwN2M0MWFjOWJiMjlkZTAwYjUxZGI0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJrYml1aWU2MyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vYmVhemZlZWRzLnh5ei91bmNhdGVnb3JpemVkL2Nsb3VkLWNvbXB1dGluZy8ifX0.YE_444Wl3ykXcJ5oFUmzeKhjma0N8zF8jZoMRvcg6r8; expires=Thu, 09 Feb 2023 11:02:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 32c30f74af6417ebdf0eab8b361481c7
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3b708bfac4565574208d02b14e4dc2bf
5eb6ba263cac48ecbf45abd65f9518d252d7af7d
7a9c2905cbe007279256fb4e372261c29b3a18d045d90fb80776f0cf950a9b4a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A9C2905CBE007279256FB4E372261C29B3A18D045D90FB80776F0CF950A9B4A"
Last-Modified: Wed, 08 Feb 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8309
Expires: Thu, 09 Feb 2023 13:20:09 GMT
Date: Thu, 09 Feb 2023 11:01:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 05aaf34382711084b053605fd6395a34
e9bc548545e280b3bd5d080fa06849ee2f1beea2
18075b23830edfdd9e4277fd6af75e88a3423ba116a60e75d3fc2b88c40c4f16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18075B23830EDFDD9E4277FD6AF75E88A3423BA116A60E75D3FC2B88C40C4F16"
Last-Modified: Wed, 08 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16115
Expires: Thu, 09 Feb 2023 15:30:15 GMT
Date: Thu, 09 Feb 2023 11:01:40 GMT
Connection: keep-alive
www.effectivecreativeformat.com/8a0e38d34d07c41ac9bb29de00b51db4/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/8a0e38d34d07c41ac9bb29de00b51db4/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 7a9294982198fd955139143788fb307c
4256e637547b74f9082b91159ed63bfe33922300
63975ee554fedabbeb9689875929751f778d7e86d341f3cee6b9d8385349c2a5
Analyzer Verdict Alert quad9 Sinkholed
GET /8a0e38d34d07c41ac9bb29de00b51db4/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 359acbed3be1f62590d163f180c8ed86
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
priestsuede.com/watch.1355359967330.js?key=5168dbc80ff6a0fcf3199ef1440dcf58&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=fc885f04-dc15-476c-8d8b-f14e41d44085%3A1%3A1&shu=7ca45289337ce6a9b4471f11aadc5a4a80aa04171d717e9cf90211a4682076c9a1cfb210bb2ec0b119a88d00debabb8fdfd077871628f04225647a770c4fe2bbfe60efa6b348b3c6f4f964ff0d0836f20e38bfba9053e01f097d8f9d6ca5e5d36e&pst=1675940560&rmtc=t
173.233.137.44200 OK 635 B URL HTTP/1.1 priestsuede.com/watch.1355359967330.js?key=5168dbc80ff6a0fcf3199ef1440dcf58&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=fc885f04-dc15-476c-8d8b-f14e41d44085%3A1%3A1&shu=7ca45289337ce6a9b4471f11aadc5a4a80aa04171d717e9cf90211a4682076c9a1cfb210bb2ec0b119a88d00debabb8fdfd077871628f04225647a770c4fe2bbfe60efa6b348b3c6f4f964ff0d0836f20e38bfba9053e01f097d8f9d6ca5e5d36e&pst=1675940560&rmtc=t
IP 173.233.137.44:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (582)
Hash ecdef2425abd4e55d93fd4ab95efb442
193a5db831f957782b8992d2105521c59f150371
e08c9917406cc7ac4e699bab781a92c3099df422a46e1f7c261bf209758782bc
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1355359967330.js?key=5168dbc80ff6a0fcf3199ef1440dcf58&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=fc885f04-dc15-476c-8d8b-f14e41d44085%3A1%3A1&shu=7ca45289337ce6a9b4471f11aadc5a4a80aa04171d717e9cf90211a4682076c9a1cfb210bb2ec0b119a88d00debabb8fdfd077871628f04225647a770c4fe2bbfe60efa6b348b3c6f4f964ff0d0836f20e38bfba9053e01f097d8f9d6ca5e5d36e&pst=1675940560&rmtc=t HTTP/1.1
Host: priestsuede.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://beazfeeds.xyz
Referer: http://beazfeeds.xyz/
Connection: keep-alive
Cookie: u_pl=18274321; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI3NDMyMSwiayI6IjUxNjhkYmM4MGZmNmEwZmNmMzE5OWVmMTQ0MGRjZjU4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoiZnJ3NDUzMGVzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9iZWF6ZmVlZHMueHl6L3VuY2F0ZWdvcml6ZWQvY2xvdWQtY29tcHV0aW5nLyJ9fQ.hYpz548rLaslqrGFYa4YqiSdCtCigFNrxo6i-O20afw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://beazfeeds.xyz
Access-Control-Allow-Origin: http://beazfeeds.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fc885f04-dc15-476c-8d8b-f14e41d44085:1:1; expires=Thu, 16 Feb 2023 11:01:40 GMT; secure; SameSite=None
iprc9a0ebb2899f48b5a1b838606de2d66f9=2717338; expires=Fri, 10 Feb 2023 13:01:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
uncs=1; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
pdhtkv26=true; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
uncs26=1; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 275b6f60c6baa18f4a227de6b3115015
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f47bf01c087fce105e5c33197377b37a
ef300a4e005109449a84a5f46e3ca0a15b9c70b3
a03ebba906474ff72bfc918850117f1ccff1846a4b1e1670d0a54124969c941c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A03EBBA906474FF72BFC918850117F1CCFF1846A4B1E1670D0A54124969C941C"
Last-Modified: Wed, 08 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=682
Expires: Thu, 09 Feb 2023 11:13:02 GMT
Date: Thu, 09 Feb 2023 11:01:40 GMT
Connection: keep-alive
pistolsizehoe.com/pixel/purst?dl=0&th=0&sc=0&rs=4546&rd=4546&fd=573&bv=22.10.v.9&tmpl=70
173.233.139.164200 OK 0 B URL HTTP/1.1 pistolsizehoe.com/pixel/purst?dl=0&th=0&sc=0&rs=4546&rd=4546&fd=573&bv=22.10.v.9&tmpl=70
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=4546&rd=4546&fd=573&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: pistolsizehoe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://beazfeeds.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
priestsuede.com/watch.1616622026499.js?key=5a6ca8c59ec0103874ffe52aeabe9937&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1&shu=6e0b6c40beb3bc26a0969c5dde14ae3f2f9f0a793cca4d2d6e455efdb45fca511895e66c3f764c3231c18d2c603c9b2812b82f2a6f80b06b787eeab3a57cb4017ddc38bd3f427f63db751614da1b48552e89834be1ae5d424723c46017bc&pst=1675940560&rmtc=t
173.233.137.44200 OK 2.1 kB URL HTTP/1.1 priestsuede.com/watch.1616622026499.js?key=5a6ca8c59ec0103874ffe52aeabe9937&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1&shu=6e0b6c40beb3bc26a0969c5dde14ae3f2f9f0a793cca4d2d6e455efdb45fca511895e66c3f764c3231c18d2c603c9b2812b82f2a6f80b06b787eeab3a57cb4017ddc38bd3f427f63db751614da1b48552e89834be1ae5d424723c46017bc&pst=1675940560&rmtc=t
IP 173.233.137.44:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2615)
Hash fc18ea49cf9035affab05656c2ee41d7
fa5a349920219de1911e547588453bd554a484d2
14da5e7c8a719e5f96f8641e5992513ce5d20ae6dfd595e6ed9f39ac9e31f743
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1616622026499.js?key=5a6ca8c59ec0103874ffe52aeabe9937&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1&shu=6e0b6c40beb3bc26a0969c5dde14ae3f2f9f0a793cca4d2d6e455efdb45fca511895e66c3f764c3231c18d2c603c9b2812b82f2a6f80b06b787eeab3a57cb4017ddc38bd3f427f63db751614da1b48552e89834be1ae5d424723c46017bc&pst=1675940560&rmtc=t HTTP/1.1
Host: priestsuede.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://beazfeeds.xyz
Referer: http://beazfeeds.xyz/
Connection: keep-alive
Cookie: u_pl=18293684; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI5MzY4NCwiayI6IjVhNmNhOGM1OWVjMDEwMzg3NGZmZTUyYWVhYmU5OTM3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNywicHQiOjQsInBrIjoiZnJxaTZibnkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2JlYXpmZWVkcy54eXovdW5jYXRlZ29yaXplZC9jbG91ZC1jb21wdXRpbmcvIn19.DB0w_a7nQZarAp2FzVGJ6tAvxTrecaq2a506bekKKV4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://beazfeeds.xyz
Access-Control-Allow-Origin: http://beazfeeds.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=56c9aa1b-b8c1-4309-901e-c78963caf6f4:1:1; expires=Thu, 16 Feb 2023 11:01:40 GMT; secure; SameSite=None
iprc2c47755ceba8320a2053d286efb7eb11=3569807; expires=Thu, 09 Feb 2023 15:01:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
uncs=1; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
pdhtkv27=true; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
uncs27=1; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2f025855fa9fcbfe9286c0f8348290a9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
outdilateinterrupt.com/watch.911111565518.js?key=dfded7f9b19e96126b2d89d486f4c27a&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 outdilateinterrupt.com/watch.911111565518.js?key=dfded7f9b19e96126b2d89d486f4c27a&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.911111565518.js?key=dfded7f9b19e96126b2d89d486f4c27a&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1 HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://beazfeeds.xyz
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://beazfeeds.xyz
Access-Control-Allow-Origin: http://beazfeeds.xyz
Access-Control-Allow-Credentials: true
Location: https://outdilateinterrupt.com/watch.911111565518.js?key=dfded7f9b19e96126b2d89d486f4c27a&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1&shu=94f58d3035d85cff2fd5755ee95a34b2eb00b02a4f1faee22954a6b5bc6214550b6428ac94842146287699f61f052b7f6c9b417185076c20ef02badf8d3018e7c1119c99863d96dd444c3bcaf7be181510a8ee39&pst=1675940560&rmtc=t
Set-Cookie: u_pl=18301966; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODMwMTk2NiwiayI6ImRmZGVkN2Y5YjE5ZTk2MTI2YjJkODlkNDg2ZjRjMjdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoicnF6YndidTEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2JlYXpmZWVkcy54eXovdW5jYXRlZ29yaXplZC9jbG91ZC1jb21wdXRpbmcvIn19.DZstelh-IiZTjcy-o0MSDuQSeuarHNWY-TPsgTeN1EE; expires=Thu, 09 Feb 2023 11:02:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6f96e4affdde073bf2ed8a34ef55c6c8
Strict-Transport-Security: max-age=0; includeSubdomains
priestsuede.com/watch.1616622026499?key=5a6ca8c59ec0103874ffe52aeabe9937&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1
173.233.137.44200 OK 1.2 kB URL HTTP/1.1 priestsuede.com/watch.1616622026499?key=5a6ca8c59ec0103874ffe52aeabe9937&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (494)
Hash 27b356881bb09d63deba6ea2f28b48d1
3e309f88c0e748ede7913fbb05931920b5289bd3
898a85a667b40f1a8a51d3bc47df000c52ef15c49f8b2892e58e944fe16fe2ca
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1616622026499?key=5a6ca8c59ec0103874ffe52aeabe9937&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1 HTTP/1.1
Host: priestsuede.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Cookie: u_pl=18293684; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI5MzY4NCwiayI6IjVhNmNhOGM1OWVjMDEwMzg3NGZmZTUyYWVhYmU5OTM3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNywicHQiOjQsInBrIjoiZnJxaTZibnkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2JlYXpmZWVkcy54eXovdW5jYXRlZ29yaXplZC9jbG91ZC1jb21wdXRpbmcvIn19.DB0w_a7nQZarAp2FzVGJ6tAvxTrecaq2a506bekKKV4; uid_id2=56c9aa1b-b8c1-4309-901e-c78963caf6f4:1:1; iprc9a0ebb2899f48b5a1b838606de2d66f9=2717338; pdhtkv=true; uncs=1; pdhtkv26=true; uncs26=1; iprc2c47755ceba8320a2053d286efb7eb11=3569807; pdhtkv27=true; uncs27=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI5MzY4NCwiayI6IjVhNmNhOGM1OWVjMDEwMzg3NGZmZTUyYWVhYmU5OTM3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNywicHQiOjQsInBrIjoiZnJxaTZibnkiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHA6Ly9iZWF6ZmVlZHMueHl6L3VuY2F0ZWdvcml6ZWQvY2xvdWQtY29tcHV0aW5nLyJ9fQ.jI7TYq3ZTV6PzdXpk0Oz_e302Rx20AZ2ZF8yE1VQqdM; expires=Thu, 09 Feb 2023 11:02:40 GMT; secure; SameSite=None
uid_id2=56c9aa1b-b8c1-4309-901e-c78963caf6f4:1:1; expires=Thu, 16 Feb 2023 11:01:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 81f6a2bbb026c3e316576e17761a7d84
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
outdilateinterrupt.com/watch.353944946344?key=8a0e38d34d07c41ac9bb29de00b51db4&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1
192.243.61.227200 OK 1.2 kB URL HTTP/1.1 outdilateinterrupt.com/watch.353944946344?key=8a0e38d34d07c41ac9bb29de00b51db4&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (494)
Hash ae724856656099ca25734febc80cde86
0dd800ad0ff4b129df2c99c18c82e78d35e18ee3
38945a4b9c3f076680a5606c3db0c52d3fbb0d2727fa333581be5774b51a65ea
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.353944946344?key=8a0e38d34d07c41ac9bb29de00b51db4&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1 HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Cookie: u_pl=18301966; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODMwMTk2NiwiayI6ImRmZGVkN2Y5YjE5ZTk2MTI2YjJkODlkNDg2ZjRjMjdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoicnF6YndidTEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2JlYXpmZWVkcy54eXovdW5jYXRlZ29yaXplZC9jbG91ZC1jb21wdXRpbmcvIn19.DZstelh-IiZTjcy-o0MSDuQSeuarHNWY-TPsgTeN1EE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=18301966,18274146; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI3NDE0NiwiayI6IjhhMGUzOGQzNGQwN2M0MWFjOWJiMjlkZTAwYjUxZGI0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJrYml1aWU2MyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vYmVhemZlZWRzLnh5ei91bmNhdGVnb3JpemVkL2Nsb3VkLWNvbXB1dGluZy8ifX0.YE_444Wl3ykXcJ5oFUmzeKhjma0N8zF8jZoMRvcg6r8; expires=Thu, 09 Feb 2023 11:02:40 GMT; secure; SameSite=None
uid_id2=56c9aa1b-b8c1-4309-901e-c78963caf6f4:1:1; expires=Thu, 16 Feb 2023 11:01:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5eb55f4a74e4089472fcb4ac7e6f2d56
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
priestsuede.com/watch.1616622026499?shu=965ba8260be5f273809629e2c03dfbe9c563d9c44a994543ace4c245d9cc305929691c58b76f5232eb7a5502adb61ae6684880d703c8bde767c87a41a19b44bc5dd69f91b73beba004b6c37c1e9dffdfd942ffab642be2fa7b84b694b011879d5f&pst=1675940560&rmtc=t&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1&pii=&in=false&key=5a6ca8c59ec0103874ffe52aeabe9937&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&tz=0&dev=e&res=12.1053
173.233.137.44200 OK 761 B URL HTTP/1.1 priestsuede.com/watch.1616622026499?shu=965ba8260be5f273809629e2c03dfbe9c563d9c44a994543ace4c245d9cc305929691c58b76f5232eb7a5502adb61ae6684880d703c8bde767c87a41a19b44bc5dd69f91b73beba004b6c37c1e9dffdfd942ffab642be2fa7b84b694b011879d5f&pst=1675940560&rmtc=t&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1&pii=&in=false&key=5a6ca8c59ec0103874ffe52aeabe9937&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&tz=0&dev=e&res=12.1053
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (547)
Hash c6705ba3f53523b9c5a37f03387e1ee8
0d4f94d71d50104bb9a3bcb30161130a163e4a60
ebe6d4b846bca9e3bcb77b0c7b6cffa960873e12de8042d9783c9e32f44c2fa0
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1616622026499?shu=965ba8260be5f273809629e2c03dfbe9c563d9c44a994543ace4c245d9cc305929691c58b76f5232eb7a5502adb61ae6684880d703c8bde767c87a41a19b44bc5dd69f91b73beba004b6c37c1e9dffdfd942ffab642be2fa7b84b694b011879d5f&pst=1675940560&rmtc=t&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1&pii=&in=false&key=5a6ca8c59ec0103874ffe52aeabe9937&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&tz=0&dev=e&res=12.1053 HTTP/1.1
Host: priestsuede.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://priestsuede.com/watch.1616622026499?key=5a6ca8c59ec0103874ffe52aeabe9937&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1
Cookie: u_pl=18293684; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI5MzY4NCwiayI6IjVhNmNhOGM1OWVjMDEwMzg3NGZmZTUyYWVhYmU5OTM3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNywicHQiOjQsInBrIjoiZnJxaTZibnkiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHA6Ly9iZWF6ZmVlZHMueHl6L3VuY2F0ZWdvcml6ZWQvY2xvdWQtY29tcHV0aW5nLyJ9fQ.jI7TYq3ZTV6PzdXpk0Oz_e302Rx20AZ2ZF8yE1VQqdM; uid_id2=56c9aa1b-b8c1-4309-901e-c78963caf6f4:1:1; iprc9a0ebb2899f48b5a1b838606de2d66f9=2717338; pdhtkv=true; uncs=1; pdhtkv26=true; uncs26=1; iprc2c47755ceba8320a2053d286efb7eb11=3569807; pdhtkv27=true; uncs27=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Type: text/html
Content-Length: 761
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://beazfeeds.xyz/uncategorized/cloud-computing/
Access-Control-Allow-Origin: http://beazfeeds.xyz/uncategorized/cloud-computing/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=56c9aa1b-b8c1-4309-901e-c78963caf6f4:1:1; expires=Thu, 16 Feb 2023 11:01:40 GMT; secure; SameSite=None
iprc317faaa99d63e9ecbf9557ccfba47de2=2717342; expires=Fri, 10 Feb 2023 13:01:40 GMT; secure; SameSite=None
uncs=2; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
uncs27=2; expires=Fri, 10 Feb 2023 11:01:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 35dd143e3a91d352d98042f836a03d7f
Strict-Transport-Security: max-age=0; includeSubdomains
outdilateinterrupt.com/watch.911111565518?key=dfded7f9b19e96126b2d89d486f4c27a&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1
192.243.61.227200 OK 1.2 kB URL HTTP/1.1 outdilateinterrupt.com/watch.911111565518?key=dfded7f9b19e96126b2d89d486f4c27a&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (494)
Hash 2fe78180b5860833b750669ba50f8987
b07bac33d3b7e5fbe1564e3e32897222000e9880
729873d1c3ce39d893a331cbb5f853a052337de784ecd19b6448b4a53064dffd
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.911111565518?key=dfded7f9b19e96126b2d89d486f4c27a&kw=%5B%22cloud%22%2C%22computing%22%2C%22%E2%80%93%22%2C%22beaz%22%2C%22feeds%22%5D&refer=http%3A%2F%2Fbeazfeeds.xyz%2Funcategorized%2Fcloud-computing%2F&tz=0&dev=e&res=12.1053&uuid=56c9aa1b-b8c1-4309-901e-c78963caf6f4%3A1%3A1 HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://beazfeeds.xyz/
Cookie: u_pl=18301966; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODMwMTk2NiwiayI6ImRmZGVkN2Y5YjE5ZTk2MTI2YjJkODlkNDg2ZjRjMjdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoicnF6YndidTEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2JlYXpmZWVkcy54eXovdW5jYXRlZ29yaXplZC9jbG91ZC1jb21wdXRpbmcvIn19.DZstelh-IiZTjcy-o0MSDuQSeuarHNWY-TPsgTeN1EE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODMwMTk2NiwiayI6ImRmZGVkN2Y5YjE5ZTk2MTI2YjJkODlkNDg2ZjRjMjdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk5NDcxLCJwaWQiOjYwNzgxMSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoicnF6YndidTEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHA6Ly9iZWF6ZmVlZHMueHl6L3VuY2F0ZWdvcml6ZWQvY2xvdWQtY29tcHV0aW5nLyJ9fQ.wgkZ72nyFoGuJYdlaVk0dqoiChsX4DJ5wIZ7LJEAtxE; expires=Thu, 09 Feb 2023 11:02:40 GMT; secure; SameSite=None
uid_id2=56c9aa1b-b8c1-4309-901e-c78963caf6f4:1:1; expires=Thu, 16 Feb 2023 11:01:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 069df30fe0d828956c91f967f2f2e3d3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 33249cdd6ecb9039c316340e5aa408ab
2ff01e53fe934119b84c1fcbb867f574b6bdf741
1f11cba1d3d980f6ce9034f592dd3e3a3806b638faa74fd677c624ce24c14ab2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F11CBA1D3D980F6CE9034F592DD3E3A3806B638FAA74FD677C624CE24C14AB2"
Last-Modified: Wed, 08 Feb 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17742
Expires: Thu, 09 Feb 2023 15:57:22 GMT
Date: Thu, 09 Feb 2023 11:01:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 170daf6beb9f23541ded52489001d9fd
d2a5c4a70d248135ad0c8c031c87500b189c142f
2ad25c2d41b1032938e209c8a587a7713c9141a6928e27ee272be97c81e60556
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2AD25C2D41B1032938E209C8A587A7713C9141A6928E27EE272BE97C81E60556"
Last-Modified: Wed, 08 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5870
Expires: Thu, 09 Feb 2023 12:39:30 GMT
Date: Thu, 09 Feb 2023 11:01:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0f562aac16a429c7fcf25028afe357a5
0a16025a02fc99bf61f3d231b709598dae28b510
699b2e11b6de1ca661231288e20b2e9816e077dcca7245ea4deb7e662df77e70
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "699B2E11B6DE1CA661231288E20B2E9816E077DCCA7245EA4DEB7E662DF77E70"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Thu, 09 Feb 2023 17:01:26 GMT
Date: Thu, 09 Feb 2023 11:01:40 GMT
Connection: keep-alive
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=18293684
173.233.139.164200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=18293684
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1676b71524fbba2a930847d6434f9e61
c98125e34a88a28089348037b68b39cd13208d45
3a2430d84bee6ea1339b256720c38897a96074efa2f1cc8967fc939ee20f0afa
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=18293684 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://priestsuede.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Fri, 10 Feb 2023 11:01:40 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTgyOTM2ODQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9wcmllc3RzdWVkZS5jb20vIn19.84l7ZMB0KWqLEfM1wCikJYyr-Oi-Czp1qX8-Qjd0Blg; expires=Thu, 09 Feb 2023 11:02:40 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 017df05ea7aab33037443fac7d8d3d02
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?shu=b98f8b235cdd884c2e5d1b9740da143eebe30cbebac2e84261840d90aa64def2ec45f30c35e732dbc83b728d017eacd2f4c502dc90541f9048e9b28b1c7046efb04dc3a2f69c785ecb394a4516a95fd644df8fcb84954cb12a74c07192efa4e731&pst=1675940560&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fpriestsuede.com%2F&psid=18293684
173.233.139.164302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=b98f8b235cdd884c2e5d1b9740da143eebe30cbebac2e84261840d90aa64def2ec45f30c35e732dbc83b728d017eacd2f4c502dc90541f9048e9b28b1c7046efb04dc3a2f69c785ecb394a4516a95fd644df8fcb84954cb12a74c07192efa4e731&pst=1675940560&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fpriestsuede.com%2F&psid=18293684
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=b98f8b235cdd884c2e5d1b9740da143eebe30cbebac2e84261840d90aa64def2ec45f30c35e732dbc83b728d017eacd2f4c502dc90541f9048e9b28b1c7046efb04dc3a2f69c785ecb394a4516a95fd644df8fcb84954cb12a74c07192efa4e731&pst=1675940560&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fpriestsuede.com%2F&psid=18293684 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTgyOTM2ODQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9wcmllc3RzdWVkZS5jb20vIn19.84l7ZMB0KWqLEfM1wCikJYyr-Oi-Czp1qX8-Qjd0Blg; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Thu, 09 Feb 2023 11:01:41 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: pdhtkv=true; expires=Fri, 10 Feb 2023 11:01:41 GMT
uncs=1; expires=Fri, 10 Feb 2023 11:01:41 GMT
pdhtkv28=true; expires=Fri, 10 Feb 2023 11:01:41 GMT
uncs28=1; expires=Fri, 10 Feb 2023 11:01:41 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec560d6cae39f82f7c27a3cf112d1380
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
23.36.79.43307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Thu, 09 Feb 2023 11:01:41 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 09 Feb 2023 11:01:41 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; domain=.unibet.com; expires=Sat, 09-Feb-3022 11:01:41 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=23, origin; dur=66, ak_p; desc="465539_388255527_1895049224_8921_4327_1_0";dur=1
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 09 Feb 2023 11:01:41 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node01anq51txn3y8ka23zxyh4j4b3865139.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01anq51txn3y8ka23zxyh4j4b3; Path=/; Domain=.unibet.nu; Expires=Sat, 08-Feb-2025 11:01:41 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sat, 08-Feb-2025 11:01:41 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://jennyvisits.com/"; Path=/; Domain=.unibet.nu; Expires=Sat, 08-Feb-2025 11:01:41 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fjennyvisits.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_DDB4FBB83C7041F2AD425282E7D4FEAA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://jennyvisits.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 09 Feb 2023 11:01:41 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node01anq51txn3y8ka23zxyh4j4b3; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; affiliateId=1; B-TAG=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fjennyvisits.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_DDB4FBB83C7041F2AD425282E7D4FEAA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 09 Feb 2023 11:01:41 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 09 Feb 2023 11:01:41 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e32687e478bf56dc0f304e023d480073
e3e4fc4db7e4d669c4d0d1936291c2666057620f
e8a4ada038b4cf2b703e0026c31b829f5114cb281a6f4fab391d0e3796a7595f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8A4ADA038B4CF2B703E0026C31B829F5114CB281A6F4FAB391D0E3796A7595F"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10809
Expires: Thu, 09 Feb 2023 14:01:50 GMT
Date: Thu, 09 Feb 2023 11:01:41 GMT
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.25.188200 OK 2.0 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.25.188:0
File type HTML document, Unicode text, UTF-8 text
Hash 53b84c61049205096968884afba8311e
61549cfae39aa800541ecb4243fedce5ab143dd2
b792cf7f49c2b5c3e0e01afabebee6754a38c47595180f29baf8b04d0e43b24b
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF99188E686E"
x-ms-request-id: fae4441f-101e-0040-4d81-31153a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599476
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca198a1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
104.18.25.188200 OK 5.2 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.25.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2392)
Hash 47c14e9298ebf3cccbdd2bef62c63b9b
9f8bd1ba01e0601ad3a9d17ce109d50109b26cc7
7189ad04986c5911f3e9f459b0a59230743a0efd8339ec7a1364096c1f0ebe1e
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: 0b195cdf-101e-000d-5475-3cdad6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 796c1bc918bf1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.25.188200 OK 1.9 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.25.188:0
File type HTML document, ASCII text
Hash cfd725838c0b8ebf62399cf8e4850a8d
5b9b806ce5fec20d314c57f658a80dc19938477f
99cda55d178ef70597fe951be63605362bbc1c0dbc29d1604fe398604956ce02
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599470
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca198c1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.10200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.10:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:18:19 GMT
expires: Tue, 06 Feb 2024 17:18:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 236603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.25.188200 OK 996 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash 34fcc83f8862c0f01b3eb2067e013ad9
794d7f5170a74f4cc9ee48f4800ba96f0429cc1d
b768bc0b5e8e8d7230fe9a634812d9782fbc32a84d1c09819224e21d19d3098a
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99174612EA"
x-ms-request-id: 82c2bcc2-201e-0029-1081-312c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599475
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca199b1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 187328a63de6aba551a3e83c5d92f2e9
e18f209d9fe00056952bfaac1e770fa6b47ca2ed
ef8619278b84af8054b15c470a0ad66ea52091538cb84c56252706bb46fff42c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5693
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:42 GMT
Last-Modified: Thu, 09 Feb 2023 09:26:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.25.188404 Not Found 644 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.25.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash 5ab5436002bbde6f447e111f63dab17e
3d79de02a4ddfdeb2097de610174c3ea46b27dab
c8d45e480ce0cdbebd29c836f1d29c13cd8e15f9c1b33effc78f10ff7f17bc9f
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: application/xml
x-ms-request-id: f76bb24a-a01e-0018-1175-3ccd65000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 25
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca299f1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
104.18.25.188200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP 104.18.25.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DAFF991565B252"
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 3cf155d6-101e-000d-3081-31dad6000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 599474
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bcb5b101bfe-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.25.188200 OK 21 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8eeca769d6285ba52f385dd4a6cd6e07
5c8c98b39c664cf8eacd13dd08bf2076b42897f0
1b3bd12177af11c5f240f08b4a18119b2c009d50a60c8338d50f9ed87e7bc70f
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599474
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca29a01bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.25.188200 OK 76 kB URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.25.188:0
Hash 599dfa1a3cbca86ff960e0767e6528db
7fb05be4880a7bb555af438d254361553e846c08
3805cfbdbed7220a927bd52547fd70b155ec591156910e78442427b6bd96949a
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 268145
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca19901bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.133.15200 OK 12 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash 7b5426caa4e418409d075abece4082f4
85eef09dcfc526a77b9dc23d840aff198c461870
3f07a9c28e9611158686d3daf9384ec294802023f0be1345f5529dcbc7c62311
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: text/css
x-amz-id-2: bDlIamUY1QfJPc4QlUBnXFv1f1qQDGvTvEH6wm5EFeK9XBcJboUVX25kNqwZs6Ih/vyIsNf6eIM=
x-amz-request-id: 39MR148XF08XCMJM
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1115296
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BdQKEienOYKF2cA91wFndVM7MQ7OidgTFSHIGK0TxPgchI27D4if7XyzGMDyfgtV%2F9wDz3igy6FVvtq9nAaJdHOj6%2B%2BadwatpCCF%2BBonQ7LIa2xCZVZkGMypDnOKEmV5NBwai%2Fe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c1bca89a97407-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.25.188200 OK 18 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5740), with no line terminators
Hash a5b670e2f4101c358b6885164527d54d
54e16b779876d4cfd1a902dae9b593f239d96cc2
f1673ce23d1fc0733b627ed69d3259f8e1e38743cc79721314298284c6fef943
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599475
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca19991bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.74200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.74:0
Hash e31fc46e8cfba05004578764e0e6e848
823bc5f821496e041e7d9f71fd5735fe370798f4
7c24b161761d46b8d21cd0214f49b1912b42b2ae390134d65bfe949bb2105528
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 11:01:42 GMT
date: Thu, 09 Feb 2023 11:01:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.25.188200 OK 20 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 4102271d8934eceb2807a60d14bb1b42
6963dc0898e4aff278d3e6edd1cb68bde74d7db2
5446c96368f3271e1257a348e187d171281dc73309d57593b33447123ff2d1c8
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599475
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca19981bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.25.188404 Not Found 82 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.25.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash b2e1a2fef57ff7f53e3b8ed0e6175b78
a69c78cef14bd7cf5ef676b67752d7b2751329e1
60deef274ba988ed103041b07b339d229cbf1cc35389ab9d46d15441abcbdec7
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: application/xml
x-ms-request-id: f76bb24a-a01e-0018-1175-3ccd65000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 25
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bcb5b0f1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cc59641f5de3b83a980274968410378e
5a14bc44774fd1225dfb5b89b13665f5aca404b0
86d2b7ed2961d1260633ec8a3cd6707466a6d51ff1b8f85475059848cf319741
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4930
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:42 GMT
Last-Modified: Thu, 09 Feb 2023 09:39:32 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
104.18.25.188200 OK 705 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP 104.18.25.188:0
File type PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f9c38d591d0db74ee831be5ab563fc2
bbfbc5edbd583fcf5eebbd14c868f5e207d24ba9
c999efb4e370574a8bca226fa5bd1ca88a21f72170f330ba39093e9656666d00
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914F4D898"
x-ms-request-id: e6735b96-c01e-0021-0381-313679000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599467
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bcc1bd51bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?465539
104.19.147.8410 Gone 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?465539
IP 104.19.147.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pages/scripts/0012/9242.js?465539 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 410 Gone
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: application/javascript
content-length: 0
last-modified: Wed, 08 Feb 2023 15:00:58 GMT
cache-control: public, max-age=86400, s-maxage=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 72044
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bcc6dcfb503-OSL
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.147.8410 Gone 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.147.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 410 Gone
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: application/javascript
content-length: 0
last-modified: Wed, 08 Feb 2023 15:00:58 GMT
cache-control: public, max-age=86400, s-maxage=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 72044
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bcc6dceb503-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
37.252.171.21307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 09 Feb 2023 11:01:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: fba22c24-3c62-4c4d-afa9-d568f0d90177
Set-Cookie: uuid2=4366735961411942896; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 10-May-2023 11:01:42 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
37.252.171.21200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 37.252.171.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 09 Feb 2023 11:01:42 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 76a0fe21-7109-4b9c-891e-a8e1c8c0607c
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVMjC]Og!]tbP6j2F-XstGt!@DQT$chYT; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 10-May-2023 11:01:42 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 983691ed960bbc7cd6e9095acdee70af
48393e57da1597d8de594c810ace8270d869609e
85ae5d09d54d97049e610c56c373344e4434279bdbd0f6e2735670c563e7f992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5129
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:42 GMT
Last-Modified: Thu, 09 Feb 2023 09:36:14 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675940561239
52.50.218.77200 OK 500 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675940561239
IP 52.50.218.77:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash a5ae84cbe092764907ea2d289315ba47
63478b0265caed5c77dd447fd97c4ca006b243df
b3b945d23df8314f08f62f4a7cc058813c094a8ec40bd7f208882f8d00554fc2
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675940561239 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v046-0f3ec1a9a.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=72287506698229062232018146771908596076; Max-Age=15552000; Expires=Tue, 08 Aug 2023 11:01:42 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: lQwP7OrhQzE=
Content-Length: 500
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 32fb9f1b2f08991ad2b491787e5acf3e
edc633540d172792c7fbd64d63e0225be1fce860
a7c45ecb6ebceb5381a59d3ee81ac9ed84fc3766ebf6fbc4f504307d58df54b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3884
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:42 GMT
Last-Modified: Thu, 09 Feb 2023 09:56:58 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 32fb9f1b2f08991ad2b491787e5acf3e
edc633540d172792c7fbd64d63e0225be1fce860
a7c45ecb6ebceb5381a59d3ee81ac9ed84fc3766ebf6fbc4f504307d58df54b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3666
Cache-Control: max-age=98301
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:42 GMT
Etag: "63e3a141-117"
Expires: Fri, 10 Feb 2023 14:20:03 GMT
Last-Modified: Wed, 08 Feb 2023 13:18:57 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 32fb9f1b2f08991ad2b491787e5acf3e
edc633540d172792c7fbd64d63e0225be1fce860
a7c45ecb6ebceb5381a59d3ee81ac9ed84fc3766ebf6fbc4f504307d58df54b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3884
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:01:42 GMT
Last-Modified: Thu, 09 Feb 2023 09:56:58 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180200 OK 3.9 kB URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 2ae6f264e1dd07dfb8347c4321509320
b7ace7881c65917e87db44df3822704f0f020a2b
b59456c47ca06a5ff02a7a0b1ba7ca5cdde67e53eb66ffeb7a9539ac68115afe
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Thu, 09 Feb 2023 11:01:41 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=918a28837d469cda54fea86f65a3d5a5f06872944f26694d3e52a68732d0d39c;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=918a28837d469cda54fea86f65a3d5a5f06872944f26694d3e52a68732d0d39c;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=72326090360845893002021879002511568119&ts=1675940561524
15.236.125.10200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=72326090360845893002021879002511568119&ts=1675940561524
IP 15.236.125.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=72326090360845893002021879002511568119&ts=1675940561524 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Thu, 09 Feb 2023 11:01:42 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
3.248.138.237200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 3.248.138.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 9 Feb 2023 11:01:42 GMT
DCS: dcs-prod-irl1-1-v046-04d38696b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 8 Feb 2023 11:26:59 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: CvxfojdxSxA=
Content-Length: 2791
Connection: keep-alive
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s99731479443589?AQB=1&ndh=1&pf=1&t=9%2F1%2F2023%2011%3A2%3A41%204%200&mid=72326090360845893002021879002511568119&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_DDB4FBB83C7041F2AD425282E7D4FEAA%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_DDB4FBB83C7041F2AD425282E7D4FEAA%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A02%20AM%7CThursday&v6=11%3A02%20AM%7CThursday&v11=GBP&c14=New&v14=New&c16=1675940561&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&v126=68246908&v127=37950&v134=1675940561&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
15.236.125.10200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s99731479443589?AQB=1&ndh=1&pf=1&t=9%2F1%2F2023%2011%3A2%3A41%204%200&mid=72326090360845893002021879002511568119&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_DDB4FBB83C7041F2AD425282E7D4FEAA%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_DDB4FBB83C7041F2AD425282E7D4FEAA%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A02%20AM%7CThursday&v6=11%3A02%20AM%7CThursday&v11=GBP&c14=New&v14=New&c16=1675940561&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&v126=68246908&v127=37950&v134=1675940561&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 15.236.125.10:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s99731479443589?AQB=1&ndh=1&pf=1&t=9%2F1%2F2023%2011%3A2%3A41%204%200&mid=72326090360845893002021879002511568119&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_DDB4FBB83C7041F2AD425282E7D4FEAA%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_DDB4FBB83C7041F2AD425282E7D4FEAA%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A02%20AM%7CThursday&v6=11%3A02%20AM%7CThursday&v11=GBP&c14=New&v14=New&c16=1675940561&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&v126=68246908&v127=37950&v134=1675940561&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Thu, 09 Feb 2023 11:01:42 GMT
expires: Wed, 08 Feb 2023 11:01:42 GMT
last-modified: Fri, 10 Feb 2023 11:01:42 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3599054824704442368-4619668457780682217
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 57e2189e39db1881e2420ddad64a1ca3
4c41ef7ec3b33c2cf4a58420700537c8073c9971
29fa92faf146319bbe2aaacee0a2876045ed5e3d02202db318a500d09fa29534
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98390
Date: Thu, 09 Feb 2023 11:01:43 GMT
Etag: "63e3ab20-1d7"
Expires: Fri, 10 Feb 2023 14:21:33 GMT
Last-Modified: Wed, 08 Feb 2023 14:01:04 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FyAy9HTfn8j7aVqaFOTOhNmfUA6A4nrRRkoV5rHKhez7uox88j8IYQ==
Age: 1229
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.170.188200 OK 8.0 kB URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.170.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 28b66e8ad3a9f4a7bf0bf112d884cae5
efa1c4ad2dc3efda7bc4d924b5df6fd2c3377bef
c6cb1aa929085d25e781d2142322b5fc2a5d5e59c22dd496731be73b8ed27303
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 234
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bce7830b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y_TSlwAAAENmRQMx
52.50.218.77302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y_TSlwAAAENmRQMx
IP 52.50.218.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y_TSlwAAAENmRQMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v046-0d826ede1.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y_TSlwAAAENmRQMx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=64591843126407531890011975137482949778; Max-Age=15552000; Expires=Tue, 08 Aug 2023 11:01:43 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: zkIMU25uRDI=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y_TSlwAAAENmRQMx
52.50.218.77200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y_TSlwAAAENmRQMx
IP 52.50.218.77:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y_TSlwAAAENmRQMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v046-023a5908f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: u0n6XkuZTUU=
Content-Length: 59
Connection: keep-alive
welcome.unibet.com/widget/betslip/betslip.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.25.188:0
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 268146
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bcafabc1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.170.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.170.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 252
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bce680cb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599475
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca199a1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599470
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca09861bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599476
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca19941bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599476
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca19911bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599476
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca19971bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675940501606)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202329111%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228801448156%7c1%22%7d%5d; btag=127656177_DDB4FBB83C7041F2AD425282E7D4FEAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:01:42 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF9917716257"
x-ms-request-id: 78c0b78e-401e-0000-7881-311202000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 599475
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c1bca299e1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2